summaryrefslogtreecommitdiff
path: root/kpov_judge/tasks/ldap
diff options
context:
space:
mode:
Diffstat (limited to 'kpov_judge/tasks/ldap')
-rw-r--r--kpov_judge/tasks/ldap/evaluation/task.py123
-rw-r--r--kpov_judge/tasks/ldap/lecture/ideja.txt2
-rw-r--r--kpov_judge/tasks/ldap/preparation/task.py111
3 files changed, 236 insertions, 0 deletions
diff --git a/kpov_judge/tasks/ldap/evaluation/task.py b/kpov_judge/tasks/ldap/evaluation/task.py
new file mode 100644
index 0000000..fee168a
--- /dev/null
+++ b/kpov_judge/tasks/ldap/evaluation/task.py
@@ -0,0 +1,123 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# kpovRandomHelpers should be imported by add_assignment.py
+
+instructions = {
+ 'si':u"""
+Ustvari dva navidezna računalnika - SimpleArbiter z diskom simpleArbiterDhcp ter LDAPServer.
+Na LDAPServer namesti strežnik LDAP. Na SimpleArbiter preberi ime domene DOMENA,
+uporabniško ime BIND_DN ter geslo BIND_PASS. Poskrbi, da se bo lahko klient s simpleArbiterDhcp povezal na LDAP strežnik na LDAPServer.
+V primeru, da se klient poveže kot BIND_DN z geslom BIND_PASS, naj strežnik omogoči branje vseh podatkov za objekte v
+DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si. Nato na LDAP strežniku poišči datoteko /home/test/users.txt. Vsaka vrstica
+v datoteki vsebuje uporabniško ime, ime ter priimek, ločene s tabulatorji. V bazi LDAP
+pod DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si za vsako vrstico v users.txt ustvari svojega uporabnika.
+
+"""
+}
+
+computers = {
+ 'maliNetworkManager': {
+ 'disks': [
+ { 'name': 'maliNetworkManager',
+ },
+ #{ 'name': 'CDROM',
+ # 'options':{'readonly': True},
+ # 'parts': [],# no parts, no mounting.
+ #}
+ ],
+ 'network_interfaces': [{'network': 'net1'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+
+ },
+ 'maliBrezNetworkManager': {
+ 'disks': [
+ { 'name': 'maliBrezNetworkManager',
+ },
+ #{ 'name': 'CDROM',
+ # 'options':{'readonly': True},
+ # 'parts': [],# no parts, no mounting.
+ #}
+ ],
+ 'network_interfaces': [{'network': 'net1'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+
+ },
+ 'SimpleArbiter': {
+ 'disks': [
+ { 'name': 'simpleArbiterDhcp',
+ # attempt automount
+ },
+ #{ 'name': 'CDROM',
+ # 'options': {'readonly': True},
+ # 'parts': [{'dev': 'b1', 'path': '/cdrom'}],
+ #},
+ ],
+ 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+ }
+}
+
+networks = { 'net1': {'public': False}, 'test-net': {'public': True} }
+
+params_meta = {
+ 'IP_NM': {'opis': 'Naslov maliNetworkManager', 'w': False, 'public':True, 'type': 'IP', 'generated': True},
+ 'DNS_NM': {'opis': 'DNS za maliNetworkManager', 'w': False, 'public':True, 'type': 'IP', 'generated': True},
+ 'IP_static': {'opis': 'Naslov maliBrezNetworkManager', 'w': False, 'public': True, 'type': 'IP', 'generated': True},
+ 'DNS_static': {'opis': 'DNS za maliBrezNetworkManager', 'w': False, 'public': True, 'type': 'IP', 'generated': True},
+}
+
+def task(IP_NM, DNS_NM, IP_static, DNS_static):
+ import pxssh
+ import pexpect
+ results = dict()
+ peer_user = 'student'
+ peer_passwd = 'vaje'
+ sA = pxssh.pxssh()
+ sB = pxssh.pxssh()
+ sA.login(IP_NM, peer_user, peer_passwd)
+ sB.login(IP_static, peer_user, peer_passwd)
+ # sA
+ # make sure NM is not handling eth0
+ results['NM_nmcli'] = sA.run('nmcli d')
+ results['NM_nslookup'] = sA.run('nslookup www.arnes.si')
+ # sB
+ # check whether NM is handling eth0
+ results['static_nmcli'] = sB.run('nmcli d')
+ results['static_nslookup'] = sB.run('nslookup www.arnes.si')
+ sA.logout()
+ sB.logout()
+ return results
+
+def gen_params(user_id, params_meta):
+ params = dict()
+ r = random.Random(user_id)
+ # IP_NM, DNS_NM, IP_static, DNS_static)
+ dns_servers = ['193.2.1.66', '193.2.1.72', '8.8.8.8', '8.8.4.4', '208.67.222.222', '208.67.220.220']
+ net = kpovRandomHelpers.IPv4_subnet_gen(r, '172.23.128.0/18', 24)
+ params['DNS_NM'] = r.choice(dns_servers)
+ params['IP_NM'], params['IP_static'] = kpovRandomHelpers.IPv4_addr_gen(r, net, 2)
+ params['DNS_static'] = r.choice(dns_servers)
+ return params
+
+def task_check(results, params):
+ import re
+ score = -9
+ if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1:
+ score += 3
+ if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1:
+ score += 3
+ if re.search(r'eth0 +802-.*connected', results['NM_nmcli']):
+ score += 2
+ if not re.search(r'eth0 +802-.*connected', results['static_nmcli']):
+ score += 2
+ score = 0
+ return score
+
+def prepare_disks(templates, params):
+# d = templates['simpleArbiterDhcp']
+ pass
+
diff --git a/kpov_judge/tasks/ldap/lecture/ideja.txt b/kpov_judge/tasks/ldap/lecture/ideja.txt
new file mode 100644
index 0000000..e9647ce
--- /dev/null
+++ b/kpov_judge/tasks/ldap/lecture/ideja.txt
@@ -0,0 +1,2 @@
+Postavi strežnik OpenLDAP. Ustvari shemo. Ustvari uporabnika. Uporabi LDAP kot backend za RADIUS.
+
diff --git a/kpov_judge/tasks/ldap/preparation/task.py b/kpov_judge/tasks/ldap/preparation/task.py
new file mode 100644
index 0000000..c123c92
--- /dev/null
+++ b/kpov_judge/tasks/ldap/preparation/task.py
@@ -0,0 +1,111 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# kpovRandomHelpers should be imported by add_assignment.py
+# Poveži se na strežnik LDAP prek spletnega vmesnika. Ustvari uporabnika z danim imenom in geslom.
+# Napiši skripto, ki izpiše podatke o tem uporabniku z ldapsearch.
+#
+# TODO: finish this!
+instructions = {
+ 'si':u"""
+Ustvari dva navidezna računalnika - SimpleArbiter z diskom simpleArbiterDhcp ter LDAPServer.
+Na LDAPServer namesti strežnik LDAP. Na SimpleArbiter preberi ime domene DOMENA, uporabniško ime USER_A, geslo PASS_A,
+uporabniško ime BIND_DN ter geslo BIND_PASS. Poskrbi, da se bo lahko klient s simpleArbiterDhcp povezal na LDAP strežnik na LDAPServer.
+V primeru, da se klient poveže kot BIND_DN z geslom BIND_PASS, naj strežnik omogoči spreminjanje podatkov za objekt
+CN=USER_A,DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si ter ustvarjanje novih objektov v DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+
+Na SimpleArbiter ustvari program, ki bo s pomočjo ldapsearch izpisala seznam lastnosti (otrok), ki jih ima poljuben objekt v domeni DOMENA.kpov.lusy.fri.uni-lj.si. Ime objekta (CN) naj program sprejme kot prvi argument.
+"""
+}
+
+computers = {
+ 'LDAPServer': {
+ 'disks': [
+ { 'name': 'LDAPServer',
+ },
+ #{ 'name': 'CDROM',
+ # 'options':{'readonly': True},
+ # 'parts': [],# no parts, no mounting.
+ #}
+ ],
+ 'network_interfaces': [{'network': 'net1'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+
+ },
+ 'SimpleArbiter': {
+ 'disks': [
+ { 'name': 'simpleArbiterDhcp',
+ # attempt automount
+ },
+ #{ 'name': 'CDROM',
+ # 'options': {'readonly': True},
+ # 'parts': [{'dev': 'b1', 'path': '/cdrom'}],
+ #},
+ ],
+ 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+ }
+}
+
+networks = { 'net1': {'public': False}, 'test-net': {'public': True} }
+
+params_meta = {
+ 'LDAP_USERNAME': {'opis': 'Uporabnisko ime v LDAP', 'w': False, 'public':True, 'type': 'username', 'generated': True},
+ 'LDAP_PASSWORD': {'opis': 'Geslo v LDAP', 'w': False, 'public':True, 'type': 'password', 'generated': True},
+ 'BIND_USERNAME': {'opis': 'Uporabnisko ime za dostop do LDAP', 'w': False, 'public':True, 'type': 'username', 'generated': True},
+ 'BIND_PASSWORD': {'opis': 'Geslo za dostop do LDAP', 'w': False, 'public':True, 'type': 'password', 'generated': True},
+}
+
+def task(LDAP_USERNAME, LDAP_PASSWORD, IP_static, DNS_static):
+ import pxssh
+ import pexpect
+ results = dict()
+ peer_user = 'student'
+ peer_passwd = 'vaje'
+ sA = pxssh.pxssh()
+ sB = pxssh.pxssh()
+ sA.login(IP_NM, peer_user, peer_passwd)
+ sB.login(IP_static, peer_user, peer_passwd)
+ # sA
+ # make sure NM is not handling eth0
+ results['NM_nmcli'] = sA.run('nmcli d')
+ results['NM_nslookup'] = sA.run('nslookup www.arnes.si')
+ # sB
+ # check whether NM is handling eth0
+ results['static_nmcli'] = sB.run('nmcli d')
+ results['static_nslookup'] = sB.run('nslookup www.arnes.si')
+ sA.logout()
+ sB.logout()
+ return results
+
+def gen_params(user_id, params_meta):
+ params = dict()
+ r = random.Random(user_id)
+ # IP_NM, DNS_NM, IP_static, DNS_static)
+ dns_servers = ['193.2.1.66', '193.2.1.72', '8.8.8.8', '8.8.4.4', '208.67.222.222', '208.67.220.220']
+ net = kpovRandomHelpers.IPv4_subnet_gen(r, '172.23.128.0/18', 24)
+ params['DNS_NM'] = r.choice(dns_servers)
+ params['IP_NM'], params['IP_static'] = kpovRandomHelpers.IPv4_addr_gen(r, net, 2)
+ params['DNS_static'] = r.choice(dns_servers)
+ return params
+
+def task_check(results, params):
+ import re
+ score = -9
+ if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1:
+ score += 3
+ if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1:
+ score += 3
+ if re.search(r'eth0 +802-.*connected', results['NM_nmcli']):
+ score += 2
+ if not re.search(r'eth0 +802-.*connected', results['static_nmcli']):
+ score += 2
+ score = 0
+ return score
+
+def prepare_disks(templates, params):
+# d = templates['simpleArbiterDhcp']
+ pass
+