Skip to content

Instantly share code, notes, and snippets.

@cyberpirate cyberpirate/jailUserManager.py
Created Jun 13, 2017

Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
A small python script to manage permissions on my FreeNAS home server
Raw
jailUserManager.py
#!/usr/local/bin/python
import os
import os.path
import re
import json
import grp
import pwd
import stat
import sys
def jls():
ret = os.popen("jls").read()
ret = ret.split("\n")[1:]
ret = map(lambda x : re.sub("\s+", " ", x).strip(), ret)
ret = map(lambda x : x.split(" "), ret)
ret = [[y for y in x if y != "-"] for x in ret if len(x) == 4]
return ret
def notifyUpdates(path, notify, lastTime=0):
time = os.path.getmtime(path)
if time > lastTime:
notify(path)
if os.path.isdir(path):
for d in os.listdir(path):
time = max(notifyUpdates(os.path.join(path, d), lastTime, notify), time)
return time
def addGroup(jail, name, number):
pref = ("jexec %s " % jail) if len(jail) > 0 else ""
os.popen(pref + "pw groupadd %s -g %s" % (name, number)).read()
def addUser(jail, name, number, group):
pref = ("jexec %s " % jail) if len(jail) > 0 else ""
os.popen(pref + "pw useradd %s -u %s -g %s" % (name, number, group)).read()
def jailHasUser(jail, name):
pref = ("jexec %s " % jail) if len(jail) > 0 else ""
ret = os.popen(pref + "cat /etc/passwd | grep %s" % (name)).read()
ret = ret.split("\n")
ret = [r.split(":") for r in ret if len(r) > 0]
ret = [(r[0], r[2]) for r in ret if r[0] == name]
return len(ret) > 0
def jailHasGroup(jail, name):
pref = ("jexec %s " % jail) if len(jail) > 0 else ""
ret = os.popen(pref + "cat /etc/group | grep %s" % (name)).read()
ret = ret.split("\n")
ret = [r.split(":") for r in ret if len(r) > 0]
ret = [(r[0], r[2]) for r in ret if r[0] == name]
return len(ret) > 0
def getPermissions(path):
stat_info = os.stat(path)
uid = stat_info.st_uid
gid = stat_info.st_gid
user = pwd.getpwuid(uid)[0]
group = grp.getgrgid(gid)[0]
return (user, group, oct(stat_info.st_mode)[-3:])
groupTable = [
("downloadGroup", "2000"),
("backupGroup", "2001"),
("mediaGroup", "2002"),
("privateGroup", "2003"),
("execGroup", "2004"),
]
userTable = [
("downloadUser", "2000", "downloadGroup"),
("backupUser", "2001", "backupGroup"),
("mediaUser", "2002", "mediaGroup"),
("privateUser", "2003", "privateGroup"),
("execUser", "2004", "execGroup"),
]
pTable = {}
pTable["/mnt/MainVolume/btSync/"] = ("backupUser", "backupGroup", "770")
pTable["/mnt/MainVolume/Downloads/"] = ("downloadUser", "downloadGroup", "770")
pTable["/mnt/MainVolume/Movies/"] = ("mediaUser", "mediaGroup", "770")
pTable["/mnt/MainVolume/SynDump/"] = ("backupUser", "backupGroup", "770")
pTable["/mnt/MainVolume/crypto/"] = ("privateUser", "privateGroup", "770")
pTable["/mnt/MainVolume/private/"] = ("privateUser", "privateGroup", "770")
pTable["/mnt/MainVolume/Programs/"] = ("execUser", "execGroup", "770")
pTable["/mnt/MainVolume/TV/"] = ("mediaUser", "mediaGroup", "770")
# pTable["/mnt/MainVolume/Home/"] = ("root", "dataGroup", "777")
def p(x):
print(x)
def pFix(x):
for p in pTable:
if x.startswith(p):
if pTable[p] != getPermissions(x):
usr = pTable[p][0]
grp = pTable[p][1]
nmb = pTable[p][2]
print("fixing: " + x)
x = "\"%s\"" % (x.replace("\"", "\\\""))
os.system("chown %s:%s %s" % (usr, grp, x))
os.system("chmod %s %s" % (nmb, x))
break
def runFixPermissions():
for path in pTable:
notifyUpdates(path, pFix)
def runAddUsersToJails():
jails = [j[1] for j in jls()]# + [""]
for jail in jails:
for g in groupTable:
# print("group: %s %s %s" % (jail, g[0], str(not jailHasGroup(jail, g[0]))))
if not jailHasGroup(jail, g[0]):
addGroup(jail, g[0], g[1])
for u in userTable:
# print("user: %s %s %s" % (jail, u[0], str(not jailHasUser(jail, u[0]))))
if not jailHasUser(jail, u[0]):
addUser(jail, u[0], u[1], u[2])
command = sys.argv[1] if len(sys.argv) > 0 else ""
if command == "fix":
runFixPermissions()
elif command == "add":
runAddUsersToJails()
else:
print("use fix or add as argument")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.