Tree - rpms/cups - CentOS Git server

rpms / cups

Blame SOURCES/upgrade_get_document.py.in

Blob History Raw

		a325c7	`@PYTHON_SHEBANG@`
		a325c7
		a325c7	`"""`
		a325c7	`Upgrade script to enable authentication for CUPS-Get-Document in`
		a325c7	`default policy`
		a325c7	`"""`
		a325c7
		a325c7	`import os`
		a325c7	`import sys`
		a325c7	`from shutil import copy`
		a325c7
		a325c7
		a325c7	`def get_cupsd_conf():`
		a325c7	`"""`
		a325c7	`Get all lines from cupsd.conf`
		a325c7	`"""`
		a325c7	`if not os.path.exists('/etc/cups/cupsd.conf'):`
		a325c7	`return None`
		a325c7
		a325c7	`lines = []`
		a325c7	`with open('/etc/cups/cupsd.conf', 'r') as conf:`
		a325c7	`lines = conf.readlines()`
		a325c7
		a325c7	`return lines`
		a325c7
		a325c7
		a325c7	`def get_default_policy(lines):`
		a325c7	`"""`
		a325c7	`Get the default policy lines`
		a325c7
		a325c7	`:param list lines: lines from cupsd.conf`
		a325c7	`"""`
		a325c7	`default_policy = []`
		a325c7	`in_policy = False`
		a325c7
		a325c7	`for line in lines:`
		a325c7	`if not in_policy and not line.lstrip().startswith('<Policy default>'):`
		a325c7	`continue`
		a325c7
		a325c7	`default_policy.append(line)`
		a325c7
		a325c7	`if line.lstrip().startswith('</Policy>'):`
		a325c7	`return default_policy`
		a325c7
		a325c7	`in_policy = True`
		a325c7
		a325c7	`return default_policy`
		a325c7
		a325c7
		a325c7	`def get_limit_with_document(lines):`
		a325c7	`"""`
		a325c7	`Get <Limit> scope which defines CUPS-Get-Document operation`
		a325c7
		a325c7	`:param list lines: Lines containing the default policy`
		a325c7	`"""`
		a325c7	`limit = []`
		a325c7	`in_limit = False`
		a325c7
		a325c7	`for line in lines:`
		a325c7	`if not in_limit and not line.lstrip().startswith('`
		a325c7	`continue`
		a325c7
		a325c7	`if (not in_limit and line.lstrip().startswith('`
		a325c7	`not 'CUPS-Get-Document' in line.lstrip().split('#')[0][1:-1]):`
		a325c7	`continue`
		a325c7
		a325c7	`limit.append(line)`
		a325c7
		a325c7	`if line.lstrip().startswith('</Limit>'):`
		a325c7	`return limit`
		a325c7
		a325c7	`in_limit = True`
		a325c7
		a325c7	`return limit`
		a325c7
		a325c7
		a325c7	`def check_for_authtype(lines):`
		a325c7	`"""`
		a325c7	`Check if <Limit> defining CUPS-Get-Document defines`
		a325c7	`any authentication`
		a325c7
		a325c7	`:param list lines: Lines of <Limit> scope which defines CUPS-Get-Document`
		a325c7	`"""`
		a325c7	`for line in lines:`
		a325c7	`if line.lstrip().startswith('AuthType'):`
		a325c7	`return True`
		a325c7	`return False`
		a325c7
		a325c7
		a325c7	`def migrate_cupsd_conf(lines):`
		a325c7	`"""`
		a325c7	`Make changes to cupsd.conf contents to use authentication`
		a325c7	`for CUPS-Get-Document`
		a325c7
		a325c7	`:param list lines: Lines from cupsd.conf`
		a325c7	`"""`
		a325c7	`new_lines = []`
		a325c7	`in_policy = False`
		a325c7	`create_document_limit = False`
		a325c7
		a325c7	`for line in lines:`
		a325c7	`if (in_policy and line.lstrip().startswith('`
		a325c7	`not line.lstrip().startswith('<Limit CUPS-Get-Document>') and`
		a325c7	`'CUPS-Get-Document' in line.lstrip().split('#')[0][1:-1]):`
		a325c7	`line = line.replace(' CUPS-Get-Document', '')`
		a325c7	`create_document_limit = True`
		a325c7
		a325c7	`if in_policy and line.lstrip().startswith('</Policy>') and create_document_limit:`
		a325c7	`new_lines.append('\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 2) * ' ' +`
		a325c7	`'# added during upgrade\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 2) * ' ' +`
		a325c7	`'<Limit CUPS-Get-Document>\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 4) * ' ' +`
		a325c7	`'AuthType Default\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 4) * ' ' +`
		a325c7	`'Require user @OWNER @SYSTEM\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 4) * ' ' +`
		a325c7	`'Order deny,allow\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 2) * ' ' +`
		a325c7	`'</Limit>\n')`
		a325c7	`create_document_limit = False`
		a325c7
		a325c7	`new_lines.append(line)`
		a325c7
		a325c7	`if not in_policy:`
		a325c7	`if line.lstrip().startswith('<Policy default>'):`
		a325c7	`in_policy = True`
		a325c7	`continue`
		a325c7
		a325c7	`if line.lstrip().startswith('<Limit CUPS-Get-Document>'):`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 2) * ' ' +`
		a325c7	`'# added during upgrade\n')`
		a325c7	`new_lines.append((len(line) - len(line.lstrip()) + 2) * ' ' +`
		a325c7	`'AuthType Default\n')`
		a325c7	`continue`
		a325c7
		a325c7	`if line.lstrip().startswith('</Policy>'):`
		a325c7	`in_policy = False`
		a325c7	`continue`
		a325c7
		a325c7	`return new_lines`
		a325c7
		a325c7
		a325c7	`def apply_changes(lines):`
		a325c7	`"""`
		a325c7	`Backup the original file if there is no .rpmsave already and`
		a325c7	`apply changes to the actual cupsd.conf`
		a325c7
		a325c7	`:param list lines: New lines for cupsd.conf`
		a325c7	`"""`
		a325c7	`if not os.path.exists('/etc/cups/cupsd.conf.rpmsave'):`
		a325c7	`copy('/etc/cups/cupsd.conf', '/etc/cups/cupsd.conf.rpmsave')`
		a325c7
		a325c7	`with open('/etc/cups/cupsd.conf', 'w') as conf:`
		a325c7	`conf.writelines(lines)`
		a325c7
		a325c7
		a325c7
		a325c7	`content = get_cupsd_conf()`
		a325c7	`if content is None:`
		a325c7	`sys.exit(1)`
		a325c7
		a325c7	`if check_for_authtype(get_limit_with_document(get_default_policy(content))):`
		a325c7	`sys.exit(0)`
		a325c7
		a325c7	`new_content = migrate_cupsd_conf(content)`
		a325c7
		a325c7	`apply_changes(new_content)`
		a325c7
		a325c7	`sys.exit(0)`

rpms / cups

Source Code

Blame SOURCES/upgrade_get_document.py.in