path: root/kpov_judge/tasks/radius_mysql_pam/task.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
.
# kpov_random_helpers should be imported by add_assignment.py

 # Task text shown to the student, keyed by language code (only 'si' is given).
 # English summary of the 'si' text: create two virtual machines, SimpleArbiter
 # (from the simpleArbiterDhcp disk) and RadiusServer; install OpenRadius on
 # RadiusServer and add the username, password and shared secret read on
 # SimpleArbiter to its configuration; install MySQL, create the database and a
 # "users" table with username and password columns; create the user "test" and
 # configure PAM to check that user's password against the MySQL table instead
 # of /etc/passwd or /etc/shadow.
 # NOTE(review): the text does not say whether the "password" column should
 # hold a hash or the cleartext password - worth stating explicitly for students.
 # NOTE(review): this assignment is indented by one space in the listing; at
 # module level Python rejects that as an unexpected indent - confirm against
 # the original file.
 instructions = {
    'si':u"""
Ustvari dva navidezna računalnika - SimpleArbiter z diska simpleArbiterDhcp ter
RadiusServer.SimpleArbeiterDhcp dobis na naslovu polz.si/media/uploads/kpov/virtualke.Na RadiusServer namesti OpenRadius. Dodatna navodila za instalacijo najdete na evbergen.home.xs4all.nl/openradius/doc-using-openradius.html.OpenRadius uporablja dve konfiguracijski datoteki. To sta /etc/openradius/configuration in /etc/openradius/behaviour.
Prejsnja definira serverjeve vire in vmesnike slednja pa nastavi, kako bo server delal z zahtevami.  Na SimpleArbiter preberi uporabnisko ime in geslo
uporabnika ter ga dodaj v konfiguracijo OpenRadius na RadiusServer. Na SimpleArbiter
preberi skrivnost ter poskrbi, da se bo s to skrivnostjo SimpleArbiter lahko povezal
na RadiusServer .

Nato na OpenRadius namesti še podatkovno bazo mysql. Na SimpleArbiter preberi še ime podatkovne baze, 
uporabniško ime na bazi ter geslo, s katerim se bo lahko klient s SimpleArbiter na to bazo lahko povezal.
Ustvari podatkovno bazo.Najprej namestimo mysql server. Nato se prijavimo v Mysql server z ukazom mysql -u root -p. Bazo ustvarimo z ukazom CREATE DATABASE <imePodatkovneBaze>. V bazi ustvari tabelo "users" s stolpcema username ter password. 
Na RadiusServer ustvari uporabnika test. Nastavi PAM tako, da se bo geslo uporabnika primerjalo z vnosom
v tabeli v mysql, namesto da se uporabi datoteka /etc/passwd oziroma /etc/shadow.
"""
}

# Virtual machines used by this task. Each entry lists the machine's disks,
# the networks it is attached to, its flavor and whether a config drive is used.
computers = {
    'RadiusServer': {
        'disks': [
            {'name': 'RadiusServer'},
            # Disabled: read-only CDROM disk with no parts, so nothing to mount.
            # {'name': 'CDROM', 'options': {'readonly': True}, 'parts': []},
        ],
        # RadiusServer sits on net1 only.
        'network_interfaces': [
            {'network': 'net1'},
        ],
        'flavor': 'm1.tiny',
        'config_drive': False,
    },
    'SimpleArbiter': {
        'disks': [
            # No 'parts' given for this disk: attempt automount.
            {'name': 'simpleArbiterDhcp'},
            # Disabled: read-only CDROM disk mounted at /cdrom.
            # {'name': 'CDROM', 'options': {'readonly': True},
            #  'parts': [{'dev': 'b1', 'path': '/cdrom'}]},
        ],
        # SimpleArbiter is attached to both net1 and test-net.
        'network_interfaces': [
            {'network': 'net1'},
            {'network': 'test-net'},
        ],
        'flavor': 'm1.tiny',
        'config_drive': False,
    },
}

# Networks referenced by the machine definitions: 'net1' is marked non-public,
# 'test-net' is marked public.
networks = {
    'net1': {'public': False},
    'test-net': {'public': True},
}

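# Metadata for every parameter of this task. Each entry carries:
#   'descriptions' - human-readable description per language code,
#   'w'            - presumably whether the student may set the value (TODO confirm),
#   'public'       - presumably whether the value is shown to the student (TODO confirm),
#   'type'         - key used by gen_params() to pick a generator,
#   'generated'    - presumably whether the judge generates the value (TODO confirm).
# NOTE(review): every secret here (RADIUS secret and all passwords) is marked
# 'public': True. That fits a lab exercise where the student must configure
# them, but it means these values must never be reused outside the exercise.
params_meta = {
    'IP_RS': {
        'descriptions': {'si': 'Naslov RadiusServer'},
        'w': False, 'public': True, 'type': 'IP', 'generated': True,
    },
    'RADIUS_SECRET': {
        'descriptions': {'si': 'Skrivnost RADIUS'},
        'w': False, 'public': True, 'type': 'passwd', 'generated': True,
    },
    'RADIUS_USERNAME': {
        'descriptions': {'si': 'Username v RADIUS'},
        'w': True, 'public': True, 'type': 'username', 'generated': False,
    },
    # NOTE(review): the type is an empty string here although the value is a
    # password; gen_params() overwrites RADIUS_PASSWORD itself - confirm
    # whether 'passwd' was intended.
    'RADIUS_PASSWORD': {
        'descriptions': {'si': 'Geslo v RADIUS'},
        'w': False, 'public': True, 'type': '', 'generated': True,
    },
    'MYSQL_ADMIN_USER': {
        'descriptions': {'si': 'Username za dostop do MySQL'},
        'w': True, 'public': True, 'type': 'username', 'generated': False,
    },
    'MYSQL_ADMIN_PASSWORD': {
        'descriptions': {'si': 'Geslo za dostop do MySQL'},
        'w': True, 'public': True, 'type': 'passwd', 'generated': True,
    },
    # Fixed: this entry describes a username but was typed as 'IP'
    # (apparently copied from IP_RS); it now matches the other usernames.
    'MYSQL_PAM_USERNAME': {
        'descriptions': {'si': 'Username v MySQL'},
        'w': True, 'public': True, 'type': 'username', 'generated': False,
    },
    'MYSQL_PAM_PASSWORD': {
        'descriptions': {'si': 'Geslo za uporabnika v MySQL'},
        'w': True, 'public': True, 'type': 'passwd', 'generated': False,
    },
}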

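def task(IP_RS, RADIUS_SECRET, RADIUS_USERNAME, RADIUS_PASSWORD, MYSQL_ADMIN_USER, MYSQL_ADMIN_PASSWORD, MYSQL_PAM_USERNAME, MYSQL_PAM_PASSWORD):
    """Log in to RadiusServer over SSH and return the collected results.

    Only IP_RS is used so far; the remaining parameters are accepted but no
    RADIUS, MySQL or PAM check is run yet, so the returned dict is empty.

    Raises whatever pxssh raises when the login fails.
    """
    import pxssh
    results = dict()
    # NOTE(review): fixed credentials of the lab image. They are readable by
    # anyone with access to this file, so the image must stay confined to the
    # exercise network.
    peer_user = 'student'
    peer_passwd = 'vaje'
    sR = pxssh.pxssh()
    sR.login(IP_RS, peer_user, peer_passwd)
    # TODO: run the actual checks here and store their output in results.
    # Close the session so the SSH child process is not left behind.
    sR.logout()
    return results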
    
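def gen_params(user_id, params_meta):
    """Generate the task parameters for one user.

    Every parameter in params_meta first gets a value from the generator
    registered in default_generators under its 'type'. RADIUS_SECRET,
    RADIUS_PASSWORD and MYSQL_ADMIN_PASSWORD are then overwritten with a
    secret picked from a fixed list and two 4-letter lowercase passwords.

    All values come from a random.Random seeded with user_id, so the same
    user_id always yields the same parameters.

    NOTE(review): because of that seeding, anyone who knows the user_id and
    this code can recompute the secrets, and the passwords are only four
    lowercase letters. That is acceptable for throwaway lab credentials
    only; they must not protect anything outside the exercise.

    Args:
        user_id: seed for the per-user random generator.
        params_meta: mapping of parameter name to its metadata dict.

    Returns:
        dict mapping parameter name to the generated value.
    """
    params = dict()
    r = random.Random(user_id)
    shared_secrets = ['skupna', 'secret', 'skrivnost', 'mystery', 'tajna', 'skupnaskrivnost', 'nekadruga', 'spetnekaskrivnost']
    crke = string.ascii_lowercase
    # Fixed: the loop iterated an undefined name (param_meta), used the
    # Python-2-only iteritems() and had an unbalanced bracket.
    for name, meta in params_meta.items():
        params[name] = default_generators[meta.get('type', None)](r)
    params['RADIUS_SECRET'] = r.choice(shared_secrets)
    password = SQLpassword = ""
    for _ in range(4):
        # Fixed: draw from the seeded generator r (the bare randint was
        # undefined and would not have been reproducible per user) and
        # append to password instead of the misspelled name.
        password += r.choice(crke)
        SQLpassword += r.choice(crke)
    params['RADIUS_PASSWORD'] = password
    params['MYSQL_ADMIN_PASSWORD'] = SQLpassword
    return params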

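def task_check(results, params):
    """Return the score for a submission; grading is not implemented yet.

    The previous body looked up 'NM_nslookup', 'static_nslookup', 'NM_nmcli'
    and 'static_nmcli' in results and 'DNS_NM' / 'DNS_static' in params.
    None of these keys exist in this task (task() returns an empty dict and
    params_meta defines no DNS parameters), so the lookups raised KeyError
    before the placeholder score was reached. Those checks are removed.

    NOTE(review): a constant score means nothing about the RADIUS, MySQL or
    PAM setup is verified; checks for this task still have to be written.

    Args:
        results: dict returned by task().
        params: dict of task parameters.

    Returns:
        The score, currently always 0.
    """
    score = 0
    return score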

def prepare_disks(templates, params):
    """Disk preparation hook; this task leaves all disk templates untouched."""
    # A lookup of templates['simpleArbiterDhcp'] was sketched here but is disabled.
    return None