import os, commands
# First-level bucket names under the home root: the 26 lowercase ASCII
# letters 'a' .. 'z', one single-character string per letter.
abcd = list('abcdefghijklmnopqrstuvwxyz')

# Root directory that holds the per-letter buckets of user homes.
home = "/home"
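def create_eleve_dirs(rep):
    """Create the sub-directories of a pupil home under *rep* when missing.

    Ensures that ``perso/prive``, ``profil`` and ``MailDir`` exist below
    *rep*. Missing parents are created too, as ``mkdir -p`` did.

    The directories are created with ``os.makedirs`` rather than through a
    shell script built by string formatting. *rep* is derived from directory
    names found under the home root, and the previous shell text interpolated
    it unquoted into the ``mkdir`` arguments, so a name containing spaces or
    shell metacharacters was split or interpreted by the shell.

    A failed creation is reported and skipped, so one bad home does not stop
    the whole run (the shell version also carried on after a failed mkdir).
    """
    for morceaux in (('perso', 'prive'), ('profil',), ('MailDir',)):
        cible = os.path.join(rep, *morceaux)
        if os.path.isdir(cible):
            continue
        try:
            os.makedirs(cible)
        except OSError as err:
            print(' ### Creation de %s impossible : %s ###' % (cible, err))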
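def create_prof_dirs(rep):
    """Create the sub-directories of a teacher home under *rep* when missing.

    Ensures that ``perso``, ``profil`` and ``MailDir`` exist below *rep*.
    Missing parents are created too, as ``mkdir -p`` did.

    The directories are created with ``os.makedirs`` rather than through a
    shell script built by string formatting. *rep* is derived from directory
    names found under the home root, and the previous shell text interpolated
    it unquoted into the ``mkdir`` arguments, so a name containing spaces or
    shell metacharacters was split or interpreted by the shell.

    A failed creation is reported and skipped, so one bad home does not stop
    the whole run (the shell version also carried on after a failed mkdir).
    """
    for nom in ('perso', 'profil', 'MailDir'):
        cible = os.path.join(rep, nom)
        if os.path.isdir(cible):
            continue
        try:
            os.makedirs(cible)
        except OSError as err:
            print(' ### Creation de %s impossible : %s ###' % (cible, err))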
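def create_adm_dirs(rep):
    """Create the sub-directories of an administrative home when missing.

    Ensures that ``perso``, ``profil`` and ``MailDir`` exist below *rep*.
    Missing parents are created too, as ``mkdir -p`` did.

    The directories are created with ``os.makedirs`` rather than through a
    shell script built by string formatting. *rep* is derived from directory
    names found under the home root, and the previous shell text interpolated
    it unquoted into the ``mkdir`` arguments, so a name containing spaces or
    shell metacharacters was split or interpreted by the shell.

    A failed creation is reported and skipped, so one bad home does not stop
    the whole run (the shell version also carried on after a failed mkdir).
    """
    for nom in ('perso', 'profil', 'MailDir'):
        cible = os.path.join(rep, nom)
        if os.path.isdir(cible):
            continue
        try:
            os.makedirs(cible)
        except OSError as err:
            print(' ### Creation de %s impossible : %s ###' % (cible, err))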
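def get_groupe(user):
    """Return the category of account *user*, or None when none applies.

    The groups of *user* are read with ``id -Gn`` and compared with the
    three known group names, in this order:

    * ``eleves``         -> ``'eleve'``
    * ``professeurs``    -> ``'professeur'``
    * ``administratifs`` -> ``'administratif'``

    Two defects of the former ``id <user> | grep <group>`` shell pipelines
    are addressed:

    * *user* comes from a directory name and was interpolated into a shell
      command line; ``id`` is now started from an argument list, with ``--``
      so that a name beginning with ``-`` is not read as an option.
    * ``grep`` matched the group name anywhere in the ``id`` output, login
      name included; only whole group names are compared now.

    NOTE(review): the whole-name comparison assumes the groups are called
    exactly ``eleves``, ``professeurs`` and ``administratifs`` -- confirm
    against the account directory. A group name containing whitespace would
    be split into several tokens here.
    """
    # Function-scope import: the file's top-level imports are os and commands.
    import subprocess

    try:
        proc = subprocess.Popen(
            ['id', '-Gn', '--', user],
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,  # discarded, as getstatusoutput hid it
            universal_newlines=True,
        )
        sortie = proc.communicate()[0]
    except OSError:
        # `id` could not be started; the shell version also ended up
        # returning None in that case (non-zero pipeline status).
        return None

    # The exit status is deliberately not tested: `id` can fail on a group id
    # without a name and still print the other groups. An unknown account
    # prints nothing on stdout, which yields None below.
    groupes = set(sortie.split())
    correspondances = (
        ('eleves', 'eleve'),
        ('professeurs', 'professeur'),
        ('administratifs', 'administratif'),
    )
    for nom_groupe, categorie in correspondances:
        if nom_groupe in groupes:
            return categorie
    return None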
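def _run_cmd(argv):
    """Run one external command from an argument list and report a failure.

    No shell is involved, so path and account names are passed to the tool
    exactly as given. A failure is printed and otherwise ignored, matching
    the former shell script, which carried on after a failing command.
    """
    # Function-scope import: the file's top-level imports are os and commands.
    import subprocess

    try:
        statut = subprocess.call(argv)
    except OSError as err:
        print(' ### %s : %s ###' % (argv[0], err))
        return
    if statut != 0:
        print(' ### Echec (code %s) : %s ###' % (statut, ' '.join(argv)))


def _copy_access_acl_to_default(chemin):
    """Install the access ACL of *chemin* as its default ACL.

    Equivalent of ``getfacl --access --absolute-names P | setfacl -d -M- P``
    without a shell: the getfacl output is fed to setfacl on standard input.
    """
    import subprocess

    try:
        lecture = subprocess.Popen(
            ['getfacl', '--access', '--absolute-names', '--', chemin],
            stdout=subprocess.PIPE,
        )
        texte_acl = lecture.communicate()[0]
        if lecture.returncode != 0:
            print(' ### getfacl a echoue pour %s ###' % chemin)
            return
        ecriture = subprocess.Popen(
            ['setfacl', '-d', '-M-', '--', chemin],
            stdin=subprocess.PIPE,
        )
        ecriture.communicate(texte_acl)
    except OSError as err:
        print(' ### ACL par defaut de %s : %s ###' % (chemin, err))
        return
    if ecriture.returncode != 0:
        print(' ### setfacl -d a echoue pour %s ###' % chemin)


def place_droit(user, rep):
    """Reset ownership and ACLs of the home directory *rep* of *user*.

    The category returned by ``get_groupe(user)`` selects the layout:

    * ``'eleve'``: directories from ``create_eleve_dirs``; the account gets
      rwx on the whole tree, ``mail`` gets r-x on *rep* and rwx on
      ``MailDir``, group ``professeurs`` gets r-x on *rep* and ``perso``
      but is removed from ``perso/prive``; default ACLs are then copied from
      the access ACLs of *rep*, ``perso``, ``perso/prive``, ``profil`` and
      ``MailDir``.
    * ``'professeur'`` / ``'administratif'``: directories from
      ``create_prof_dirs`` / ``create_adm_dirs``; same owner and ``mail``
      entries, no ``professeurs`` entry; default ACLs copied for ``MailDir``
      (when present), ``perso`` and ``profil``.

    In every case the tree is first stripped of ACLs and given to root:root,
    then ``perso`` is handed back to *user*.

    Changes from the shell-script version:

    * every command is started from an argument list instead of a shell
      script built with ``%`` formatting, because *user* and *rep* come from
      directory names and were interpolated unquoted;
    * an account name that could not be a plain ACL qualifier (empty,
      leading ``-``, or containing ``:``, ``,`` or whitespace) is refused
      before any command runs;
    * an unknown account now returns right after the "non trouvé" message.

    NOTE(review): this is meant to run with root privileges on trees the
    account can write to (it is granted rwx on *rep*). Whether ``chown -R``
    acts on a symbolic link found there or on its target depends on the
    chown implementation -- confirm on the target system and consider
    adding ``-h``.
    """
    nom_suspect = (
        not user
        or user.startswith('-')
        or any(c in ':,' or c.isspace() for c in user)
    )
    if nom_suspect:
        print(' ### Nom de compte refuse : %r ###' % (user,))
        return

    grp = get_groupe(user)
    if not grp:
        print(' ### Utilisateur %s non trouvé ###' % user)
        return
    print('Traitement de %s %s' % (user, grp))

    perso = os.path.join(rep, 'perso')
    prive = os.path.join(perso, 'prive')
    profil = os.path.join(rep, 'profil')
    maildir = os.path.join(rep, 'MailDir')

    # The "other" entry is spelled as each original script spelled it.
    if grp == 'eleve':
        create_eleve_dirs(rep)
        entree_autres = 'o::---'
    elif grp == 'professeur':
        create_prof_dirs(rep)
        entree_autres = 'o:---'
    elif grp == 'administratif':
        create_adm_dirs(rep)
        entree_autres = 'o:---'
    else:
        return

    # Steps shared by the three layouts, in the original order.
    _run_cmd(['setfacl', '-Rbk', '--', rep])
    _run_cmd(['chown', '-R', 'root:root', '--', rep])
    _run_cmd(['setfacl', '-PRm',
              'u:%s:rwx,g::---,%s' % (user, entree_autres), '--', rep])
    _run_cmd(['chown', '-R', '--', user, perso])
    _run_cmd(['setfacl', '-m', 'u:mail:r-x,g:mail:r-x', '--', rep])

    if grp == 'eleve':
        _run_cmd(['setfacl', '-PRm', 'u:mail:rwx,g:mail:rwx', '--', maildir])
        _run_cmd(['setfacl', '-m', 'g:professeurs:r-x', '--', rep])
        _run_cmd(['setfacl', '-PRm', 'g:professeurs:r-x', '--', perso])
        if os.path.isdir(prive):
            # Teachers may read perso but not the private sub-directory.
            _run_cmd(['setfacl', '-x', 'g:professeurs', '--', prive])
        for cible in (rep, perso, prive, profil, maildir):
            _copy_access_acl_to_default(cible)
        # The original script ended with a "pour les quotas" (for quotas)
        # comment and no command; nothing is run for quotas here either.
        return

    # 'professeur' and 'administratif' share the same remaining steps.
    if os.path.isdir(maildir):
        _run_cmd(['setfacl', '-PRm', 'u:mail:rwx,g:mail:rwx', '--', maildir])
        _copy_access_acl_to_default(maildir)
    _copy_access_acl_to_default(perso)
    _copy_access_acl_to_default(profil)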
# Walk the per-letter buckets <home>/a .. <home>/z and reset the rights of
# every entry found in them. Each entry name is used both as the account name
# and as the last component of the home path handed to place_droit, so the
# names come straight from the file system and are not checked here.
for i in abcd:
    rep = os.path.join(home, i)
    print(rep)
    if os.path.isdir(rep):
        # Buckets that do not exist are simply skipped.
        users = os.listdir(rep)
        for user in users:
            rep2 = os.path.join(rep, user)
            place_droit(user, rep2)