Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Add the ability to manage sudo users and groups from GUI

  • Loading branch information...
commit 72a7e36420040768837ec5a829c2237d2afa8686 1 parent f2d6ba7
@jhixson74 jhixson74 authored
View
1  gui/account/forms.py
@@ -389,6 +389,7 @@ class Meta:
'bsdusr_password2',
'bsdusr_password_disabled',
'bsdusr_locked',
+ 'bsdusr_sudo',
'bsdusr_sshpubkey',
'bsdusr_to_group',
)
View
13 gui/account/migrations/0004_builtin_user_and_groups.py
@@ -11,8 +11,17 @@ class Migration(DataMigration):
def forwards(self, orm):
from django.core.management import call_command
- call_command("loaddata", "bsdGroups.json")
- #call_command("loaddata", "bsdUsers.json")
+ jf = os.path.join(os.path.abspath(os.path.dirname(__file__)), "..", "fixtures", "bsdGroups.json")
+ with open(jf) as json_fd:
+ json = json_fd.read()
+ groups = simplejson.loads(json)
+ for entry in groups:
+ group = orm.bsdGroups(pk=entry['pk'])
+ for field in entry['fields']:
+ mfield = orm.bsdGroups._meta.get_field(field)
+ setattr(group, field, entry['fields'].get(field))
+ group.save()
+
jf = os.path.join(os.path.abspath(os.path.dirname(__file__)), "..", "fixtures", "bsdUsers.json")
with open(jf) as json_fd:
json = json_fd.read()
View
88 gui/account/migrations/0019_auto__add_field_bsdusers_bsdusr_sudo__chg_field_bsdusers_bsdusr_userna.py
@@ -0,0 +1,88 @@
+# -*- coding: utf-8 -*-
+import datetime
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+
+class Migration(SchemaMigration):
+
+ def forwards(self, orm):
+ # Removing unique constraint on 'bsdUsers', fields ['bsdusr_uid']
+ db.delete_unique(u'account_bsdusers', ['bsdusr_uid'])
+
+ # Adding field 'bsdUsers.bsdusr_sudo'
+ db.add_column(u'account_bsdusers', 'bsdusr_sudo',
+ self.gf('django.db.models.fields.BooleanField')(default=False),
+ keep_default=False)
+
+
+ # Changing field 'bsdUsers.bsdusr_username'
+ db.alter_column(u'account_bsdusers', 'bsdusr_username', self.gf('django.db.models.fields.CharField')(unique=True, max_length=16))
+
+ # Changing field 'bsdUsers.bsdusr_uid'
+ db.alter_column(u'account_bsdusers', 'bsdusr_uid', self.gf('django.db.models.fields.IntegerField')())
+
+ # Changing field 'bsdUsers.bsdusr_home'
+ db.alter_column(u'account_bsdusers', 'bsdusr_home', self.gf('freenasUI.freeadmin.models.fields.PathField')(max_length=255))
+ # Adding field 'bsdGroups.bsdgrp_sudo'
+ db.add_column(u'account_bsdgroups', 'bsdgrp_sudo',
+ self.gf('django.db.models.fields.BooleanField')(default=False),
+ keep_default=False)
+
+
+ def backwards(self, orm):
+ # Deleting field 'bsdUsers.bsdusr_sudo'
+ db.delete_column(u'account_bsdusers', 'bsdusr_sudo')
+
+
+ # Changing field 'bsdUsers.bsdusr_username'
+ db.alter_column(u'account_bsdusers', 'bsdusr_username', self.gf('django.db.models.fields.CharField')(max_length=30, unique=True))
+
+ # Changing field 'bsdUsers.bsdusr_uid'
+ db.alter_column(u'account_bsdusers', 'bsdusr_uid', self.gf('django.db.models.fields.IntegerField')(max_length=10, unique='True'))
+ # Adding unique constraint on 'bsdUsers', fields ['bsdusr_uid']
+ db.create_unique(u'account_bsdusers', ['bsdusr_uid'])
+
+
+ # Changing field 'bsdUsers.bsdusr_home'
+ db.alter_column(u'account_bsdusers', 'bsdusr_home', self.gf('django.db.models.fields.CharField')(max_length=120))
+ # Deleting field 'bsdGroups.bsdgrp_sudo'
+ db.delete_column(u'account_bsdgroups', 'bsdgrp_sudo')
+
+
+ models = {
+ u'account.bsdgroupmembership': {
+ 'Meta': {'object_name': 'bsdGroupMembership'},
+ 'bsdgrpmember_group': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['account.bsdGroups']"}),
+ 'bsdgrpmember_user': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['account.bsdUsers']"}),
+ u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'})
+ },
+ u'account.bsdgroups': {
+ 'Meta': {'object_name': 'bsdGroups'},
+ 'bsdgrp_builtin': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'bsdgrp_gid': ('django.db.models.fields.IntegerField', [], {}),
+ 'bsdgrp_group': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '120'}),
+ 'bsdgrp_sudo': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'})
+ },
+ u'account.bsdusers': {
+ 'Meta': {'object_name': 'bsdUsers'},
+ 'bsdusr_builtin': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'bsdusr_email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+ 'bsdusr_full_name': ('django.db.models.fields.CharField', [], {'max_length': '120'}),
+ 'bsdusr_group': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['account.bsdGroups']"}),
+ 'bsdusr_home': ('freenasUI.freeadmin.models.fields.PathField', [], {'default': "'/nonexistent'", 'max_length': '255'}),
+ 'bsdusr_locked': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'bsdusr_password_disabled': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'bsdusr_shell': ('django.db.models.fields.CharField', [], {'default': "'/bin/csh'", 'max_length': '120'}),
+ 'bsdusr_smbhash': ('django.db.models.fields.CharField', [], {'default': "'*'", 'max_length': '128', 'blank': 'True'}),
+ 'bsdusr_sudo': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'bsdusr_uid': ('django.db.models.fields.IntegerField', [], {}),
+ 'bsdusr_unixhash': ('django.db.models.fields.CharField', [], {'default': "'*'", 'max_length': '128', 'blank': 'True'}),
+ 'bsdusr_username': ('django.db.models.fields.CharField', [], {'default': "u'User &'", 'unique': 'True', 'max_length': '16'}),
+ u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'})
+ }
+ }
+
+ complete_apps = ['account']
View
8 gui/account/models.py
@@ -47,6 +47,10 @@ class bsdGroups(Model):
editable=False,
verbose_name=_("Built-in Group"),
)
+ bsdgrp_sudo = models.BooleanField(
+ default=False,
+ verbose_name=_("Permit Sudo"),
+ )
class Meta:
verbose_name = _("Group")
@@ -137,6 +141,10 @@ class bsdUsers(Model):
verbose_name=_("Lock user"),
default=False,
)
+ bsdusr_sudo = models.BooleanField(
+ verbose_name=_("Permit Sudo"),
+ default=False,
+ )
is_active = True
is_staff = True
View
1  gui/middleware/notifier.py
@@ -2187,6 +2187,7 @@ def save_pubkey(self, homedir, pubkey, username, groupname):
def _reload_user(self):
self._system("/usr/sbin/service ix-passwd quietstart")
self._system("/usr/sbin/service ix-aliases quietstart")
+ self._system("/usr/sbin/service ix-sudoers quietstart")
self.reload("cifs")
def mp_change_permission(self, path='/mnt', user='root', group='wheel',
View
48 nanobsd/Files/etc/rc.d/ix-sudoers
@@ -0,0 +1,48 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ix-sudoers
+# REQUIRE: FILESYSTEMS
+
+. /etc/rc.freenas
+
+SUDOERS_FILE="/usr/local/etc/sudoers"
+
+sudoers_start()
+{
+ local IFS="|"
+
+ cp /conf/base/etc/local/sudoers "${SUDOERS_FILE}"
+ ${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "\
+ SELECT
+ bsdusr_username
+ FROM
+ account_bsdusers
+ WHERE
+ bsdusr_sudo = 1
+ " | while read -r username
+ do
+ echo "${username} ALL=(ALL) ALL" >> "${SUDOERS_FILE}"
+ done
+
+ ${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "\
+ SELECT
+ bsdgrp_group
+ FROM
+ account_bsdgroups
+ WHERE
+ bsdgrp_sudo = 1
+ " | while read -r group
+ do
+ echo "%${group} ALL=(ALL) ALL" >> "${SUDOERS_FILE}"
+ done
+}
+
+name="ix-sudoers"
+start_cmd='sudoers_start'
+stop_cmd=':'
+
+load_rc_config $name
+run_rc_command "$1"
Please sign in to comment.
Something went wrong with that request. Please try again.