Source code for fabtools.require.users

"""
System users
============
"""

from fabtools.files import is_file
from fabtools.user import create, exists, modify
from fabtools.utils import run_as_root


[docs]def user(name, comment=None, home=None, create_home=None, skeleton_dir=None, group=None, create_group=True, extra_groups=None, password=None, system=False, shell=None, uid=None, ssh_public_keys=None, non_unique=False): """ Require a user and its home directory. See :func:`fabtools.user.create` for a detailed description of arguments. :: from fabtools import require # This will also create a home directory for alice require.user('alice') # Sometimes we don't need a home directory require.user('mydaemon', create_home=False) # Require a user without shell access require.user('nologin', shell='/bin/false') .. note:: This function can be accessed directly from the ``fabtools.require`` module for convenience. """ from fabtools.require import directory as require_directory # Make sure the user exists if not exists(name): create(name, comment=comment, home=home, create_home=create_home, skeleton_dir=skeleton_dir, group=group, create_group=create_group, extra_groups=extra_groups, password=password, system=system, shell=shell, uid=uid, ssh_public_keys=ssh_public_keys, non_unique=non_unique) else: modify(name, comment=comment, home=home, group=group, extra_groups=extra_groups, password=password, shell=shell, uid=uid, ssh_public_keys=ssh_public_keys, non_unique=non_unique) # Make sure the home directory exists and is owned by user if home: require_directory(home, owner=name, use_sudo=True)
[docs]def sudoer(username, hosts="ALL", operators="ALL", passwd=False, commands="ALL"): """ Require sudo permissions for a given user. .. note:: This function can be accessed directly from the ``fabtools.require`` module for convenience. """ tags = "PASSWD:" if passwd else "NOPASSWD:" spec = "%(username)s %(hosts)s=(%(operators)s) %(tags)s %(commands)s" %\ locals() filename = '/etc/sudoers.d/fabtools-%s' % username if is_file(filename): run_as_root('chmod 0640 %(filename)s && rm -f %(filename)s' % locals()) run_as_root('echo "%(spec)s" >%(filename)s && chmod 0440 %(filename)s' % locals(), shell=True)