You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sn...@apache.org on 2015/04/08 08:18:49 UTC
[1/2] incubator-ranger git commit: RANGER-353: Make install script
platform independent
Repository: incubator-ranger
Updated Branches:
refs/heads/master b3b773216 -> cb2dc3146
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/scripts/dba_script.py
----------------------------------------------------------------------
diff --git a/security-admin/scripts/dba_script.py b/security-admin/scripts/dba_script.py
index 8b790ba..ad220f2 100644
--- a/security-admin/scripts/dba_script.py
+++ b/security-admin/scripts/dba_script.py
@@ -18,6 +18,7 @@ import sys
import errno
import shlex
import logging
+import platform
import subprocess
import fileinput
import getpass
@@ -26,8 +27,14 @@ from subprocess import Popen,PIPE
from datetime import date
globalDict = {}
+os_name = platform.system()
+os_name = os_name.upper()
+
def check_output(query):
- p = subprocess.Popen(query, stdout=subprocess.PIPE)
+ if os_name == "LINUX":
+ p = subprocess.Popen(shlex.split(query), stdout=subprocess.PIPE)
+ elif os_name == "WINDOWS":
+ p = subprocess.Popen(query, stdout=subprocess.PIPE, shell=True)
output = p.communicate ()[0]
return output
@@ -51,7 +58,6 @@ def populate_global_dict():
if re.search('=', each_line):
key , value = each_line.strip().split("=",1)
key = key.strip()
-
if 'PASSWORD' in key:
jceks_file_path = os.path.join(os.getenv('RANGER_HOME'), 'jceks','ranger_db.jceks')
statuscode,value = call_keystore(library_path,key,'',jceks_file_path,'get')
@@ -78,6 +84,7 @@ def logFile(msg):
else:
print("Invalid input! Provide file path to write DBA scripts:")
sys.exit()
+
class BaseDB(object):
def create_rangerdb_user(self, root_user, db_user, db_password, db_root_password,dryMode):
@@ -89,7 +96,7 @@ class BaseDB(object):
def create_db(self, root_user, db_root_password, db_name, db_user, db_password,dryMode):
log("[I] ---------- Verifying database ----------", "info")
- def create_auditdb_user(self, xa_db_host , audit_db_host , db_name ,audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE,dryMode):
+ def create_auditdb_user(self, xa_db_host, audit_db_host, db_name, audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE, dryMode):
log("[I] ---------- Create audit user ----------", "info")
@@ -102,14 +109,22 @@ class MysqlConf(BaseDB):
def get_jisql_cmd(self, user, password ,db_name):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN,self.SQL_CONNECTOR_JAR,self.host,db_name,user,password)
+ path = os.getcwd()
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN,self.SQL_CONNECTOR_JAR,self.host,db_name,user,password)
+ elif os_name == "WINDOWS":
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, db_name, user, password)
return jisql_cmd
def verify_user(self, root_user, db_root_password, host, db_user, get_cmd,dryMode):
if dryMode == False:
log("[I] Verifying user " + db_user+ " for Host "+ host, "info")
- query = get_cmd + " -query \"select user from mysql.user where user='%s' and host='%s';\"" %(db_user,host)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select user from mysql.user where user='%s' and host='%s';\"" %(db_user,host)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select user from mysql.user where user='%s' and host='%s';\" -c ;" %(db_user,host)
+ output = check_output(query)
if output.strip(db_user + " |"):
return True
else:
@@ -118,8 +133,11 @@ class MysqlConf(BaseDB):
def check_connection(self, db_name, db_user, db_password):
#log("[I] Checking connection..", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"SELECT version();\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT version();\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT version();\" -c ;"
+ output = check_output(query)
if output.strip('Production |'):
#log("[I] Checking connection passed.", "info")
return True
@@ -139,8 +157,12 @@ class MysqlConf(BaseDB):
if db_password == "":
if dryMode == False:
log("[I] MySQL user " + db_user + " does not exists for host " + host, "info")
- query = get_cmd + " -query \"create user '%s'@'%s';\"" %(db_user, host)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"create user '%s'@'%s';\"" %(db_user, host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create user '%s'@'%s';\" -c ;" %(db_user, host)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(root_user, db_root_password, host, db_user, get_cmd):
log("[I] MySQL user " + db_user +" created for host " + host ,"info")
@@ -152,8 +174,12 @@ class MysqlConf(BaseDB):
else:
if dryMode == False:
log("[I] MySQL user " + db_user + " does not exists for host " + host, "info")
- query = get_cmd + " -query \"create user '%s'@'%s' identified by '%s';\"" %(db_user,host,db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"create user '%s'@'%s' identified by '%s';\"" %(db_user, host, db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create user '%s'@'%s' identified by '%s';\" -c ;" %(db_user, host, db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(root_user, db_root_password, host, db_user, get_cmd,dryMode):
log("[I] MySQL user " + db_user +" created for host " + host ,"info")
@@ -171,8 +197,11 @@ class MysqlConf(BaseDB):
if dryMode == False:
log("[I] Verifying database " + db_name , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
- query = get_cmd + " -query \"show databases like '%s';\"" %(db_name)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"show databases like '%s';\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"show databases like '%s';\" -c ;" %(db_name)
+ output = check_output(query)
if output.strip(db_name + " |"):
return True
else:
@@ -185,10 +214,16 @@ class MysqlConf(BaseDB):
log("[I] Database "+db_name + " already exists.","info")
else:
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
- query = get_cmd + " -query \"create database %s;\"" %(db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"create database %s;\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create database %s;\" -c ;" %(db_name)
if dryMode == False:
log("[I] Database does not exist, Creating database " + db_name,"info")
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Database creation failed..","error")
sys.exit(1)
@@ -210,10 +245,10 @@ class MysqlConf(BaseDB):
for host in hosts_arr:
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
query = get_cmd + " -query \"REVOKE ALL PRIVILEGES,GRANT OPTION FROM '%s'@'%s';\"" %(db_user, host)
- ret = subprocess.check_call(shlex.split(query))
+ ret = subprocess.call(shlex.split(query))
if ret == 0:
query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
- ret = subprocess.check_call(shlex.split(query))
+ ret = subprocess.call(shlex.split(query))
if ret != 0:
sys.exit(1)
else:
@@ -224,12 +259,20 @@ class MysqlConf(BaseDB):
if dryMode == False:
log("[I] ---------- Granting privileges TO user '"+db_user+"'@'"+host+"' on db '"+db_name+"'----------" , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
- query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with grant option;\"" %(db_name,db_user, host)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with grant option;\"" %(db_name,db_user, host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with grant option;\" -c ;" %(db_name,db_user, host)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] ---------- FLUSH PRIVILEGES ----------" , "info")
- query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\" -c ;"
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Privileges granted to '" + db_user + "' on '"+db_name+"'", "info")
else:
@@ -253,10 +296,10 @@ class MysqlConf(BaseDB):
for host in hosts_arr:
get_cmd = self.get_jisql_cmd(audit_db_root_user, audit_db_root_password ,'mysql')
query = get_cmd + " -query \"REVOKE ALL PRIVILEGES,GRANT OPTION FROM '%s'@'%s';\"" %(audit_db_user, host)
- ret = subprocess.check_call(shlex.split(query))
+ ret = subprocess.call(shlex.split(query))
if ret == 0:
query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
- ret = subprocess.check_call(shlex.split(query))
+ ret = subprocess.call(shlex.split(query))
if ret != 0:
sys.exit(1)
else:
@@ -276,14 +319,21 @@ class OracleConf(BaseDB):
def get_jisql_cmd(self, user, password):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u '%s' -p '%s' -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, user, password)
+ path = os.getcwd()
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u '%s' -p '%s' -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, user, password)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, user, password)
return jisql_cmd
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -c \; -query \"select * from v$version;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select * from v$version;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select * from v$version;\" -c ;"
+ output = check_output(query)
if output.strip('Production |'):
log("[I] Connection success", "info")
return True
@@ -295,8 +345,11 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Verifying user " + db_user ,"info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password)
- query = get_cmd + " -c \; -query \"select username from all_users where upper(username)=upper('%s');\"" %(db_user)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select username from all_users where upper(username)=upper('%s');\"" %(db_user)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select username from all_users where upper(username)=upper('%s');\" -c ;" %(db_user)
+ output = check_output(query)
if output.strip(db_user + " |"):
return True
else:
@@ -311,14 +364,22 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] User does not exists, Creating user : " + db_user, "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password)
- query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(db_user, db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(db_user, db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create user %s identified by \"%s\";\" -c ;" %(db_user, db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(root_user, db_user, db_root_password,dryMode):
log("[I] User " + db_user + " created", "info")
log("[I] Granting permission to " + db_user, "info")
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;\" -c ;" % (db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting permissions to Oracle user '" + db_user + "' for %s done" %(self.host), "info")
else:
@@ -338,8 +399,11 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Verifying tablespace " + db_name, "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password)
- query = get_cmd + " -c \; -query \"SELECT DISTINCT UPPER(TABLESPACE_NAME) FROM USER_TablespaceS where UPPER(Tablespace_Name)=UPPER(\'%s\');\"" %(db_name)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"SELECT DISTINCT UPPER(TABLESPACE_NAME) FROM USER_TablespaceS where UPPER(Tablespace_Name)=UPPER(\'%s\');\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT DISTINCT UPPER(TABLESPACE_NAME) FROM USER_TablespaceS where UPPER(Tablespace_Name)=UPPER(\'%s\');\" -c ;" %(db_name)
+ output = check_output(query)
if output.strip(db_name+' |'):
return True
else:
@@ -351,8 +415,11 @@ class OracleConf(BaseDB):
log("[I] Tablespace " + db_name + " already exists.","info")
if self.verify_user(root_user, db_user, db_root_password,dryMode):
get_cmd = self.get_jisql_cmd(db_user ,db_password)
- query = get_cmd + " -c \; -query 'select default_tablespace from user_users;'"
- output = check_output(shlex.split(query)).strip()
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'select default_tablespace from user_users;'"
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select default_tablespace from user_users;\" -c ;"
+ output = check_output(query).strip()
db_name = db_name.upper() +' |'
if output == db_name:
log("[I] User name " + db_user + " and tablespace " + db_name + " already exists.","info")
@@ -365,8 +432,12 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Tablespace does not exist. Creating tablespace: " + db_name,"info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password)
- query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(db_name, db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(db_name, db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\" -c ;" %(db_name, db_name)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_tablespace(root_user, db_root_password, db_name,dryMode):
log("[I] Creating tablespace "+db_name+" succeeded", "info")
@@ -387,12 +458,20 @@ class OracleConf(BaseDB):
log("[I] Assign default tablespace " +db_name + " to " + db_user, "info")
# Assign default tablespace db_name
get_cmd = self.get_jisql_cmd(root_user , db_root_password)
- query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(db_user, db_password, db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(db_user, db_password, db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd +" -query \"alter user %s identified by \"%s\" DEFAULT Tablespace %s;\" -c ;" %(db_user, db_password, db_name)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting permission to " + db_user, "info")
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;\" -c ;" % (db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting Oracle user '" + db_user + "' done", "info")
return status
@@ -418,8 +497,12 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Tablespace does not exist. Creating tablespace: " + audit_db_name,"info")
get_cmd = self.get_jisql_cmd(audit_db_root_user, audit_db_root_password)
- query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(audit_db_name, audit_db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(audit_db_name, audit_db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\" -c ;" %(audit_db_name, audit_db_name)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Tablespace creation failed..","error")
sys.exit(1)
@@ -437,8 +520,12 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Tablespace does not exist. Creating tablespace: " + db_name,"info")
get_cmd = self.get_jisql_cmd(audit_db_root_user, audit_db_root_password)
- query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(db_name, db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\"" %(db_name, db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create tablespace %s datafile '%s.dat' size 10M autoextend on;\" -c ;" %(db_name, db_name)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Tablespace creation failed..","error")
sys.exit(1)
@@ -453,19 +540,31 @@ class OracleConf(BaseDB):
log("[I] Assign default tablespace " + db_name + " to : " + audit_db_user, "info")
# Assign default tablespace db_name
get_cmd = self.get_jisql_cmd(audit_db_root_user , audit_db_root_password)
- query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(audit_db_user, audit_db_password, db_name)
- ret1 = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(audit_db_user, audit_db_password, db_name)
+ ret1 = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd +" -query \"alter user %s identified by \"%s\" DEFAULT Tablespace %s;\" -c ;" %(audit_db_user, audit_db_password, db_name)
+ ret1 = subprocess.call(query)
log("[I] Assign default tablespace " + audit_db_name + " to : " + audit_db_user, "info")
# Assign default tablespace audit_db_name
get_cmd = self.get_jisql_cmd(audit_db_root_user , audit_db_root_password)
- query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(audit_db_user, audit_db_password, audit_db_name)
- ret2 = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd +" -c \; -query 'alter user %s identified by \"%s\" DEFAULT Tablespace %s;'" %(audit_db_user, audit_db_password, audit_db_name)
+ ret2 = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd +" -query \"alter user %s identified by \"%s\" DEFAULT Tablespace %s;\" -c ;" %(audit_db_user, audit_db_password, audit_db_name)
+ ret2 = subprocess.call(query)
if (ret1 == 0 and ret2 == 0):
log("[I] Granting permission to " + db_user, "info")
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;\" -c ;" % (db_user)
+ ret = subprocess.call(query)
if ret == 0:
return True
else:
@@ -481,8 +580,12 @@ class OracleConf(BaseDB):
def grant_xa_db_user(self, root_user, db_name, db_user, db_password, db_root_password, invoke,dryMode):
if dryMode == False:
get_cmd = self.get_jisql_cmd(root_user ,db_root_password)
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;\" -c ;" % (db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granted permission to " + db_user, "info")
return True
@@ -504,14 +607,22 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] User does not exists, Creating user " + db_user, "info")
get_cmd = self.get_jisql_cmd(audit_db_root_user, audit_db_root_password)
- query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(db_user, db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(db_user, db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create user %s identified by \"%s\";\" -c ;" %(db_user, db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(audit_db_root_user, db_user, audit_db_root_password,dryMode):
log("[I] User " + db_user + " created", "info")
log("[I] Granting permission to " + db_user, "info")
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;'" % (db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED Tablespace TO %s WITH ADMIN OPTION;\" -c ;" % (db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting permissions to Oracle user '" + db_user + "' for %s Done" %(self.host), "info")
else:
@@ -534,12 +645,20 @@ class OracleConf(BaseDB):
if dryMode == False:
log("[I] Audit user does not exists, Creating audit user " + audit_db_user, "info")
get_cmd = self.get_jisql_cmd(audit_db_root_user, audit_db_root_password)
- query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(audit_db_user, audit_db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'create user %s identified by \"%s\";'" %(audit_db_user, audit_db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create user %s identified by \"%s\";\" -c ;" %(audit_db_user, audit_db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(audit_db_root_user, audit_db_user, audit_db_root_password,dryMode):
- query = get_cmd + " -c \; -query \"GRANT CREATE SESSION TO %s;\"" %(audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"GRANT CREATE SESSION TO %s;\"" %(audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION TO %s;\" -c ;" %(audit_db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting permission to " + audit_db_user + " done", "info")
else:
@@ -562,18 +681,25 @@ class PostgresConf(BaseDB):
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
-
def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, db_name, user, password)
+ path = os.getcwd()
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, db_name, user, password)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, db_name, user, password)
return jisql_cmd
def verify_user(self, root_user, db_root_password, db_user,dryMode):
if dryMode == False:
log("[I] Verifying user " + db_user , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'postgres')
- query = get_cmd + " -query \"SELECT rolname FROM pg_roles WHERE rolname='%s';\"" %(db_user)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT rolname FROM pg_roles WHERE rolname='%s';\"" %(db_user)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT rolname FROM pg_roles WHERE rolname='%s';\" -c ;" %(db_user)
+ output = check_output(query)
if output.strip(db_user + " |"):
return True
else:
@@ -582,8 +708,11 @@ class PostgresConf(BaseDB):
def check_connection(self, db_name, db_user, db_password):
#log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"SELECT 1;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT 1;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT 1;\" -c ;"
+ output = check_output(query)
if output.strip('1 |'):
#log("[I] connection success", "info")
return True
@@ -600,8 +729,12 @@ class PostgresConf(BaseDB):
if dryMode == False:
log("[I] User does not exists, Creating user : " + db_user, "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'postgres')
- query = get_cmd + " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user, db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(root_user, db_root_password, db_user,dryMode):
log("[I] Postgres user " + db_user + " created", "info")
@@ -618,8 +751,11 @@ class PostgresConf(BaseDB):
if dryMode == False:
log("[I] Verifying database " + db_name , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'postgres')
- query = get_cmd + " -query \"SELECT datname FROM pg_database where datname='%s';\"" %(db_name)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT datname FROM pg_database where datname='%s';\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT datname FROM pg_database where datname='%s';\" -c ;" %(db_name)
+ output = check_output(query)
if output.strip(db_name + " |"):
return True
else:
@@ -634,8 +770,12 @@ class PostgresConf(BaseDB):
if dryMode == False:
log("[I] Database does not exist, Creating database : " + db_name,"info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'postgres')
- query = get_cmd + " -query \"CREATE DATABASE %s WITH OWNER %s;\"" %(db_name, db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"create database %s with OWNER %s;\"" %(db_name, db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create database %s with OWNER %s;\" -c ;" %(db_name, db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Database creation failed..","error")
sys.exit(1)
@@ -653,26 +793,42 @@ class PostgresConf(BaseDB):
if dryMode == False:
log("[I] Granting privileges TO user '"+db_user+"' on db '"+db_name+"'" , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, db_name)
- query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON DATABASE %s to %s;\"" %(db_name, db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON DATABASE %s to %s;\"" %(db_name, db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON DATABASE %s to %s;\" -c ;" %(db_name, db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting privileges on tables in schema public failed..", "error")
sys.exit(1)
- query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON SCHEMA public TO %s;\"" %(db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON SCHEMA public TO %s;\"" %(db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON SCHEMA public TO %s;\" -c ;" %(db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting privileges on schema public failed..", "error")
sys.exit(1)
- query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;\"" %(db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;\"" %(db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;\" -c ;" %(db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting privileges on database "+db_name+ " failed..", "error")
sys.exit(1)
- query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;\"" %(db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;\"" %(db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;\" -c ;" %(db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting privileges on database "+db_name+ " failed..", "error")
sys.exit(1)
@@ -702,18 +858,25 @@ class SqlServerConf(BaseDB):
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
-
def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, user, password, self.host,db_name)
+ path = os.getcwd()
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, user, password, self.host,db_name)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
return jisql_cmd
def verify_user(self, root_user, db_root_password, db_user,dryMode):
if dryMode == False:
log("[I] Verifying user " + db_user , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
- query = get_cmd + " -c \; -query \"select loginname from master.dbo.syslogins where loginname = '%s';\"" %(db_user)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select loginname from master.dbo.syslogins where loginname = '%s';\"" %(db_user)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select loginname from master.dbo.syslogins where loginname = '%s';\" -c ;" %(db_user)
+ output = check_output(query)
if output.strip(db_user + " |"):
return True
else:
@@ -722,8 +885,11 @@ class SqlServerConf(BaseDB):
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -c \; -query \"SELECT 1;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"SELECT 1;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT 1;\" -c ;"
+ output = check_output(query)
if output.strip('1 |'):
log("[I] Connection success", "info")
return True
@@ -740,8 +906,12 @@ class SqlServerConf(BaseDB):
if dryMode == False:
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
log("[I] User does not exists, Creating Login user " + db_user, "info")
- query = get_cmd + " -c \; -query \"CREATE LOGIN %s WITH PASSWORD = '%s';\"" %(db_user,db_password)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"CREATE LOGIN %s WITH PASSWORD = '%s';\"" %(db_user,db_password)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"CREATE LOGIN %s WITH PASSWORD = '%s';\" -c ;" %(db_user,db_password)
+ ret = subprocess.call(query)
if ret == 0:
if self.verify_user(root_user, db_root_password, db_user,dryMode):
log("[I] SQL Server user " + db_user + " created", "info")
@@ -758,8 +928,11 @@ class SqlServerConf(BaseDB):
if dryMode == False:
log("[I] Verifying database " + db_name, "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
- query = get_cmd + " -c \; -query \"SELECT name from sys.databases where name='%s';\"" %(db_name)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"SELECT name from sys.databases where name='%s';\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT name from sys.databases where name='%s';\" -c ;" %(db_name)
+ output = check_output(query)
if output.strip(db_name + " |"):
return True
else:
@@ -773,8 +946,12 @@ class SqlServerConf(BaseDB):
if dryMode == False:
log("[I] Database does not exist. Creating database : " + db_name,"info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
- query = get_cmd + " -c \; -query \"create database %s;\"" %(db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"create database %s;\"" %(db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"create database %s;\" -c ;" %(db_name)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Database creation failed..","error")
sys.exit(1)
@@ -792,18 +969,28 @@ class SqlServerConf(BaseDB):
def create_user(self, root_user, db_name ,db_user, db_password, db_root_password,dryMode):
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
- query = get_cmd + " -c \; -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\"" %(db_name, db_user)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\"" %(db_name, db_user)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\" -c ;" %(db_name, db_user)
+ output = check_output(query)
if output.strip(db_user + " |"):
if dryMode == False:
log("[I] User "+db_user+" exist ","info")
else:
if dryMode == False:
- query = get_cmd + " -c \; -query \"USE %s CREATE USER %s for LOGIN %s;\"" %(db_name ,db_user, db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"USE %s CREATE USER %s for LOGIN %s;\"" %(db_name ,db_user, db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"USE %s CREATE USER %s for LOGIN %s;\" -c ;" %(db_name ,db_user, db_user)
+ ret = subprocess.call(query)
if ret == 0:
- query = get_cmd + " -c \; -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\"" %(db_name ,db_user)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\"" %(db_name ,db_user)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"USE %s SELECT name FROM sys.database_principals WHERE name = N'%s';\" -c ;" %(db_name ,db_user)
+ output = check_output(query)
if output.strip(db_user + " |"):
log("[I] User "+db_user+" exist ","info")
else:
@@ -819,13 +1006,22 @@ class SqlServerConf(BaseDB):
if dryMode == False:
log("[I] Granting permission to admin user '" + db_user + "' on db '" + db_name + "'" , "info")
get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'msdb')
- query = get_cmd + " -c \; -query \"ALTER LOGIN [%s] WITH DEFAULT_DATABASE=[%s];\"" %(db_user, db_name)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"ALTER LOGIN [%s] WITH DEFAULT_DATABASE=[%s];\"" %(db_user, db_name)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"ALTER LOGIN [%s] WITH DEFAULT_DATABASE=[%s];\" -c ;" %(db_user, db_name)
+ ret = subprocess.call(query)
if ret != 0:
sys.exit(1)
- query = get_cmd + " -c \; -query \" USE %s EXEC sp_addrolemember N'db_owner', N'%s';\"" %(db_name, db_user)
- # query = get_cmd + " -c \; -query \" USE %s GRANT ALL PRIVILEGES to %s;\"" %(db_name , db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \" USE %s EXEC sp_addrolemember N'db_owner', N'%s';\"" %(db_name, db_user)
+# query = get_cmd + " -c \; -query \" USE %s GRANT ALL PRIVILEGES to %s;\"" %(db_name , db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \" USE %s EXEC sp_addrolemember N'db_owner', N'%s';\" -c ;" %(db_name, db_user)
+# query = get_cmd + " -c \; -query \" USE %s GRANT ALL PRIVILEGES to %s;\"" %(db_name , db_user)
+ ret = subprocess.call(query)
if ret != 0:
sys.exit(1)
else:
@@ -842,7 +1038,7 @@ class SqlServerConf(BaseDB):
self.create_rangerdb_user(audit_db_root_user, audit_db_user, audit_db_password, audit_db_root_password,dryMode)
self.create_db(audit_db_root_user, audit_db_root_password ,audit_db_name, audit_db_user, audit_db_password,dryMode)
self.create_user(xa_db_root_user, audit_db_name ,db_user, db_password, xa_db_root_password,dryMode)
- self.grant_xa_db_user(audit_db_root_user, audit_db_name, db_user, db_password, audit_db_root_password, is_revoke,dryMode)
+ self.grant_xa_db_user(audit_db_root_user, audit_db_name, db_user, db_password, audit_db_root_password, is_revoke, dryMode)
def main(argv):
@@ -893,10 +1089,15 @@ def main(argv):
if os.environ['JAVA_HOME'] == "":
log("[E] ---------- JAVA_HOME environment property not defined, aborting installation. ----------", "error")
sys.exit(1)
- JAVA_BIN=os.environ['JAVA_HOME']+'/bin/java'
- while os.path.isfile(JAVA_BIN) == False:
- log("Enter java executable path: :","info")
- JAVA_BIN=raw_input()
+ JAVA_BIN=os.path.join(os.environ['JAVA_HOME'],'bin','java')
+ if os_name == "WINDOWS" :
+ JAVA_BIN = JAVA_BIN+'.exe'
+ if os.path.isfile(JAVA_BIN):
+ pass
+ else :
+ while os.path.isfile(JAVA_BIN) == False:
+ log("Enter java executable path: :","info")
+ JAVA_BIN=raw_input()
log("[I] Using Java:" + str(JAVA_BIN),"info")
if (quiteMode):
@@ -1006,33 +1207,33 @@ def main(argv):
#log("Enter db root password:","info")
#xa_db_root_password = raw_input()
- mysql_dbversion_catalog = 'db/mysql/create_dbversion_catalog.sql'
+ mysql_dbversion_catalog = os.path.join('db','mysql','create_dbversion_catalog.sql')
#mysql_core_file = globalDict['mysql_core_file']
- mysql_core_file = 'db/mysql/xa_core_db.sql'
+ mysql_core_file = os.path.join('db','mysql','xa_core_db.sql')
#mysql_audit_file = globalDict['mysql_audit_file']
- mysql_audit_file = 'db/mysql/xa_audit_db.sql'
- mysql_patches = 'db/mysql/patches'
+ mysql_audit_file = os.path.join('db','mysql','xa_audit_db.sql')
+ mysql_patches = os.path.join('db','mysql','patches')
- oracle_dbversion_catalog = 'db/oracle/create_dbversion_catalog.sql'
+ oracle_dbversion_catalog = os.path.join('db','oracle','create_dbversion_catalog.sql')
#oracle_core_file = globalDict['oracle_core_file']
- oracle_core_file = 'db/oracle/xa_core_db_oracle.sql'
+ oracle_core_file = os.path.join('db','oracle','xa_core_db_oracle.sql')
#oracle_audit_file = globalDict['oracle_audit_file']
- oracle_audit_file = 'db/oracle/xa_audit_db_oracle.sql'
- oracle_patches = 'db/oracle/patches'
+ oracle_audit_file = os.path.join('db','oracle','xa_audit_db_oracle.sql')
+ oracle_patches = os.path.join('db','oracle','patches')
- postgres_dbversion_catalog = 'db/postgres/create_dbversion_catalog.sql'
+ postgres_dbversion_catalog = os.path.join('db','postgres','create_dbversion_catalog.sql')
#postgres_core_file = globalDict['postgres_core_file']
- postgres_core_file = 'db/postgres/xa_core_db_postgres.sql'
+ postgres_core_file = os.path.join('db','postgres','xa_core_db_postgres.sql')
#postgres_audit_file = globalDict['postgres_audit_file']
- postgres_audit_file = 'db/postgres/xa_audit_db_postgres.sql'
- postgres_patches = 'db/postgres/patches'
+ postgres_audit_file = os.path.join('db','postgres','xa_audit_db_postgres.sql')
+ postgres_patches = os.path.join('db','postgres','patches')
- sqlserver_dbversion_catalog = 'db/sqlserver/create_dbversion_catalog.sql'
+ sqlserver_dbversion_catalog = os.path.join('db','sqlserver','create_dbversion_catalog.sql')
#sqlserver_core_file = globalDict['sqlserver_core_file']
- sqlserver_core_file = 'db/sqlserver/xa_core_db_sqlserver.sql'
+ sqlserver_core_file = os.path.join('db','sqlserver','xa_core_db_sqlserver.sql')
#sqlserver_audit_file = globalDict['sqlserver_audit_file']
- sqlserver_audit_file = 'db/sqlserver/xa_audit_db_sqlserver.sql'
- sqlserver_patches = 'db/sqlserver/patches'
+ sqlserver_audit_file = os.path.join('db','sqlserver','xa_audit_db_sqlserver.sql')
+ sqlserver_patches = os.path.join('db','sqlserver','patches')
x_db_version = 'x_db_version_h'
xa_access_audit = 'xa_access_audit'
@@ -1051,7 +1252,10 @@ def main(argv):
#ORACLE_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
#ORACLE_CONNECTOR_JAR='/usr/share/java/ojdbc6.jar'
ORACLE_CONNECTOR_JAR=CONNECTOR_JAR
- xa_db_root_user = xa_db_root_user+" AS SYSDBA"
+ if os_name == "LINUX":
+ xa_db_root_user = xa_db_root_user+" AS SYSDBA"
+ elif os_name == "WINDOWS":
+ xa_db_root_user = xa_db_root_user
xa_sqlObj = OracleConf(xa_db_host, ORACLE_CONNECTOR_JAR, JAVA_BIN)
xa_db_version_file = os.path.join(os.getcwd(),oracle_dbversion_catalog)
xa_db_core_file = os.path.join(os.getcwd(),oracle_core_file)
@@ -1089,7 +1293,10 @@ def main(argv):
#ORACLE_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
#ORACLE_CONNECTOR_JAR='/usr/share/java/ojdbc6.jar'
ORACLE_CONNECTOR_JAR=CONNECTOR_JAR
- audit_db_root_user = audit_db_root_user+" AS SYSDBA"
+ if os_name == "LINUX":
+ audit_db_root_user = audit_db_root_user+" AS SYSDBA"
+ if os_name == "WINDOWS":
+ audit_db_root_user = audit_db_root_user
audit_sqlObj = OracleConf(audit_db_host, ORACLE_CONNECTOR_JAR, JAVA_BIN)
audit_db_file = os.path.join(os.getcwd(),oracle_audit_file)
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/scripts/install.properties
----------------------------------------------------------------------
diff --git a/security-admin/scripts/install.properties b/security-admin/scripts/install.properties
index 2d35771..c2d896f 100644
--- a/security-admin/scripts/install.properties
+++ b/security-admin/scripts/install.properties
@@ -18,6 +18,9 @@
#
#------------------------- DB CONFIG - BEGIN ----------------------------------
+# Uncomment the below if the DBA steps need to be run separately
+#setup_mode=SeparateDBA
+
PYTHON_COMMAND_INVOKER=python
#DB_FLAVOR=MYSQL|ORACLE|POSTGRES|SQLSERVER
@@ -178,6 +181,3 @@ postgres_audit_file=db/postgres/xa_audit_db_postgres.sql
sqlserver_core_file=db/sqlserver/xa_core_db_sqlserver.sql
sqlserver_audit_file=db/sqlserver/xa_audit_db_sqlserver.sql
cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangeradmin.jceks
-
-# Uncomment the below if the DBA steps need to be run separately
-#setup_mode=SeparateDBA
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/scripts/restrict_permissions.py
----------------------------------------------------------------------
diff --git a/security-admin/scripts/restrict_permissions.py b/security-admin/scripts/restrict_permissions.py
new file mode 100644
index 0000000..a4998be
--- /dev/null
+++ b/security-admin/scripts/restrict_permissions.py
@@ -0,0 +1,453 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License. See accompanying LICENSE file.
+#
+
+import os
+import re
+import sys
+import errno
+import shlex
+import logging
+import subprocess
+import platform
+import fileinput
+import getpass
+from os.path import basename
+from subprocess import Popen,PIPE
+from datetime import date
+from datetime import datetime
+globalDict = {}
+
+os_name = platform.system()
+os_name = os_name.upper()
+
+def check_output(query):
+ if os_name == "LINUX":
+ p = subprocess.Popen(shlex.split(query), stdout=subprocess.PIPE)
+ elif os_name == "WINDOWS":
+ p = subprocess.Popen(query, stdout=subprocess.PIPE, shell=True)
+ output = p.communicate ()[0]
+ return output
+
+def log(msg,type):
+ if type == 'info':
+ logging.info(" %s",msg)
+ if type == 'debug':
+ logging.debug(" %s",msg)
+ if type == 'warning':
+ logging.warning(" %s",msg)
+ if type == 'exception':
+ logging.exception(" %s",msg)
+ if type == 'error':
+ logging.error(" %s",msg)
+
+def populate_global_dict():
+ global globalDict
+ read_config_file = open(os.path.join(os.getcwd(),'install.properties'))
+ for each_line in read_config_file.read().split('\n') :
+ if len(each_line) == 0 : continue
+ if re.search('=', each_line):
+ key , value = each_line.strip().split("=",1)
+ key = key.strip()
+
+ if 'PASSWORD' in key:
+ jceks_file_path = os.path.join(os.getenv('RANGER_HOME'), 'jceks','ranger_db.jceks')
+ statuscode,value = call_keystore(library_path,key,'',jceks_file_path,'get')
+ if statuscode == 1:
+ value = ''
+ value = value.strip()
+ globalDict[key] = value
+
+def logFile(msg):
+ if globalDict["dryMode"]==True:
+ logFileName=globalDict["dryModeOutputFile"]
+ if logFileName !="":
+ if os.path.isfile(logFileName):
+ if os.access(logFileName, os.W_OK):
+ with open(logFileName, "a") as f:
+ f.write(msg+"\n")
+ f.close()
+ else:
+ print("Unable to open file "+logFileName+" in write mode, Check file permissions.")
+ sys.exit()
+ else:
+ print(logFileName+" is Invalid input file name! Provide valid file path to write DBA scripts:")
+ sys.exit()
+ else:
+ print("Invalid input! Provide file path to write DBA scripts:")
+ sys.exit()
+
+class BaseDB(object):
+
+ def check_connection(self, db_name, db_user, db_password):
+ log("[I] ---------- Verifying DB connection ----------", "info")
+
+ def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE, dryMode):
+ log("[I] ---------- set audit user permissions ----------", "info")
+
+
+class MysqlConf(BaseDB):
+ def __init__(self, host,SQL_CONNECTOR_JAR,JAVA_BIN):
+ self.host = host
+ self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
+ self.JAVA_BIN = JAVA_BIN
+
+ def get_jisql_cmd(self, user, password ,db_name):
+ path = os.getcwd()
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, db_name, user, password)
+ elif os_name == "WINDOWS":
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, db_name, user, password)
+ return jisql_cmd
+
+ def verify_user(self, root_user, db_root_password, host, db_user, get_cmd,dryMode):
+ if dryMode == False:
+ log("[I] Verifying user " + db_user+ " for Host "+ host, "info")
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select user from mysql.user where user='%s' and host='%s';\"" %(db_user,host)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select user from mysql.user where user='%s' and host='%s';\" -c ;" %(db_user,host)
+ output = check_output(query)
+ if output.strip(db_user + " |"):
+ return True
+ else:
+ return False
+
+ def check_connection(self, db_name, db_user, db_password):
+ #log("[I] Checking connection..", "info")
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT version();\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT version();\" -c ;"
+ output = check_output(query)
+ if output.strip('Production |'):
+ #log("[I] Checking connection passed.", "info")
+ return True
+ else:
+ log("[E] Can't establish db connection.. Exiting.." ,"error")
+ sys.exit(1)
+
+ def verify_db(self, root_user, db_root_password, db_name,dryMode):
+ if dryMode == False:
+ log("[I] Verifying database " + db_name , "info")
+ get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"show databases like '%s';\"" %(db_name)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"show databases like '%s';\" -c ;" %(db_name)
+ output = check_output(query)
+ if output.strip(db_name + " |"):
+ return True
+ else:
+ return False
+
+ def revoke_permissions(self, root_user, db_name, db_user, db_password, db_root_password, is_revoke,dryMode):
+ hosts_arr =["%", "localhost"]
+ if is_revoke:
+ for host in hosts_arr:
+ if dryMode == False:
+ log("[I] Revoking *.* privileges of user '"+db_user+"'@'"+host+"'" , "info")
+ get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"REVOKE ALL PRIVILEGES,GRANT OPTION FROM '%s'@'%s';\"" %(db_user, host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"REVOKE ALL PRIVILEGES,GRANT OPTION FROM '%s'@'%s';\" -c ;" %(db_user, host)
+ ret = subprocess.call(query)
+ if ret == 0:
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\" -c ;"
+ ret = subprocess.call(query)
+ if ret != 0:
+ sys.exit(1)
+ else:
+ sys.exit(1)
+ else:
+ logFile("REVOKE ALL PRIVILEGES,GRANT OPTION FROM '%s'@'%s';" %(db_user, host))
+ logFile("FLUSH PRIVILEGES;")
+
+ def grant_xa_db_user(self, root_user, db_name, db_user, db_password, db_root_password, is_revoke,dryMode):
+ hosts_arr =["%", "localhost"]
+ for host in hosts_arr:
+ if dryMode == False:
+ log("[I] Granting all privileges to user '"+db_user+"'@'"+host+"' on db '"+db_name+"'" , "info")
+ get_cmd = self.get_jisql_cmd(root_user, db_root_password, 'mysql')
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with grant option;\"" %(db_name,db_user, host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"grant all privileges on %s.* to '%s'@'%s' with grant option;\" -c ;" %(db_name,db_user, host)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] FLUSH PRIVILEGES.." , "info")
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\""
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"FLUSH PRIVILEGES;\" -c ;"
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Privileges granted to '" + db_user + "'@'"+host+"' on '"+db_name+"'", "info")
+ else:
+ log("[E] Granting privileges to '" +db_user+ "'@'"+host+"' failed on '"+db_name+"'", "error")
+ sys.exit(1)
+ else:
+ log("[E] Granting privileges to '" +db_user+ "'@'"+host+"' failed on '"+db_name+"'", "error")
+ sys.exit(1)
+ else:
+ logFile("grant all privileges on %s.* to '%s'@'%s' with grant option;" %(db_name,db_user, host))
+ logFile("FLUSH PRIVILEGES;")
+
+ def grant_audit_db_user(self, db_user, audit_db_name, audit_db_user, audit_db_password, db_password,TABLE_NAME,dryMode):
+ hosts_arr =["%", "localhost"]
+ for host in hosts_arr:
+ if dryMode == False:
+ log("[I] Granting insert privileges to '"+ audit_db_user + "'@'"+host+"' on table '"+ audit_db_name+"."+TABLE_NAME+"'" , "info")
+ get_cmd = self.get_jisql_cmd(db_user, db_password, audit_db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT INSERT ON %s.%s to '%s'@'%s';\"" %(audit_db_name,TABLE_NAME,audit_db_user,host)
+ ret = subprocess.call(shlex.split(query))
+ if os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT INSERT ON %s.%s to '%s'@'%s';\"" %(audit_db_name,TABLE_NAME,audit_db_user,host)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Insert Privileges granted to '" + audit_db_user+ "'@'"+host+"' on table '"+ audit_db_name+"."+TABLE_NAME+"'", "info")
+ else:
+ log("[E] Granting insert privileges to '" +audit_db_user+ "'@'"+host+"' failed on table '"+ audit_db_name+"."+TABLE_NAME+"'", "error")
+ sys.exit(1)
+ else:
+ logFile("GRANT INSERT ON %s.%s to '%s'@'%s';" %(audit_db_name,TABLE_NAME,audit_db_user,host))
+ logFile("FLUSH PRIVILEGES;")
+
+ def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE,dryMode):
+ is_revoke=True
+ if db_user != audit_db_user:
+ if dryMode == False:
+ log("[I] ---------- Revoking permissions from Ranger Audit db user ----------","info")
+ self.revoke_permissions(audit_db_root_user, audit_db_name, audit_db_user, audit_db_password, audit_db_root_password, is_revoke,dryMode)
+ if dryMode == False:
+ log("[I] ---------- Granting permissions to Ranger Admin db user on Audit DB ----------","info")
+ self.grant_xa_db_user(audit_db_root_user, audit_db_name, db_user, db_password, audit_db_root_password, is_revoke,dryMode)
+ self.grant_audit_db_user(db_user, audit_db_name, audit_db_user, audit_db_password, db_password,'xa_access_audit',dryMode)
+
+
+def main(argv):
+
+ FORMAT = '%(asctime)-15s %(message)s'
+ logging.basicConfig(format=FORMAT, level=logging.DEBUG)
+ DBA_MODE = 'TRUE'
+
+ quiteMode = False
+ dryMode=False
+ is_revoke=True
+
+ if len(argv) > 1:
+ for i in range(len(argv)):
+ if str(argv[i]) == "-q":
+ quiteMode = True
+ populate_global_dict()
+ if str(argv[i]) == "-d":
+ index=i+1
+ try:
+ dba_sql_file=str(argv[index])
+ if dba_sql_file == "":
+ log("[E] Invalid input! Provide file path to write Grant/Revoke sql scripts:","error")
+ sys.exit(1)
+ except IndexError:
+ log("[E] Invalid input! Provide file path to write Grant/Revoke sql scripts:","error")
+ sys.exit(1)
+
+ if not dba_sql_file == "":
+ if not os.path.exists(dba_sql_file):
+ log("[I] Creating File:"+dba_sql_file,"info")
+ open(dba_sql_file, 'w').close()
+ else:
+ log("[I] File "+dba_sql_file+ " is available.","info")
+
+ if os.path.isfile(dba_sql_file):
+ dryMode=True
+ globalDict["dryMode"]=True
+ globalDict["dryModeOutputFile"]=dba_sql_file
+ else:
+ log("[E] Invalid file Name! Unable to find file:"+dba_sql_file,"error")
+ sys.exit(1)
+
+ log("[I] Running Grant/Revoke sql script. QuiteMode:" + str(quiteMode),"info")
+ if (quiteMode):
+ JAVA_BIN=globalDict['JAVA_BIN']
+ else:
+ if os.environ['JAVA_HOME'] == "":
+ log("[E] ---------- JAVA_HOME environment property not defined, aborting installation. ----------", "error")
+ sys.exit(1)
+ JAVA_BIN=os.path.join(os.environ['JAVA_HOME'],'bin','java')
+ if os_name == "WINDOWS" :
+ JAVA_BIN = JAVA_BIN+'.exe'
+ if os.path.isfile(JAVA_BIN):
+ pass
+ else :
+ while os.path.isfile(JAVA_BIN) == False:
+ log("Enter java executable path: :","info")
+ JAVA_BIN=raw_input()
+ log("[I] Using Java:" + str(JAVA_BIN),"info")
+
+ if (quiteMode):
+ XA_DB_FLAVOR=globalDict['DB_FLAVOR']
+ AUDIT_DB_FLAVOR=globalDict['DB_FLAVOR']
+ else:
+ XA_DB_FLAVOR=''
+ while XA_DB_FLAVOR == "":
+ log("Enter db flavour{MYSQL} :","info")
+ XA_DB_FLAVOR=raw_input()
+ AUDIT_DB_FLAVOR = XA_DB_FLAVOR
+ XA_DB_FLAVOR = XA_DB_FLAVOR.upper()
+ AUDIT_DB_FLAVOR = AUDIT_DB_FLAVOR.upper()
+
+ log("[I] DB FLAVOR:" + str(XA_DB_FLAVOR),"info")
+
+ if (quiteMode):
+ CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
+ else:
+ if XA_DB_FLAVOR == "MYSQL":
+ log("Enter JDBC connector file for :"+XA_DB_FLAVOR,"info")
+ CONNECTOR_JAR=raw_input()
+ while os.path.isfile(CONNECTOR_JAR) == False:
+ log("JDBC connector file "+CONNECTOR_JAR+" does not exist, Please enter connector path :","error")
+ CONNECTOR_JAR=raw_input()
+ else:
+ log("[E] ---------- NO SUCH SUPPORTED DB FLAVOUR.. ----------", "error")
+ sys.exit(1)
+
+ if (quiteMode):
+ xa_db_host = globalDict['db_host']
+ audit_db_host = globalDict['db_host']
+ else:
+ xa_db_host=''
+ while xa_db_host == "":
+ log("Enter DB Host :","info")
+ xa_db_host=raw_input()
+ audit_db_host=xa_db_host
+ log("[I] DB Host:" + str(xa_db_host),"info")
+
+ if (quiteMode):
+ xa_db_root_user = globalDict['db_root_user']
+ xa_db_root_password = globalDict['db_root_password']
+ else:
+ xa_db_root_user=''
+ while xa_db_root_user == "":
+ log("Enter db root user:","info")
+ xa_db_root_user=raw_input()
+ log("Enter db root password:","info")
+ xa_db_root_password = getpass.getpass("Enter db root password:")
+
+ if (quiteMode):
+ db_name = globalDict['db_name']
+ else:
+ db_name = ''
+ while db_name == "":
+ log("Enter DB Name :","info")
+ db_name=raw_input()
+
+ if (quiteMode):
+ db_user = globalDict['db_user']
+ else:
+ db_user=''
+ while db_user == "":
+ log("Enter db user name:","info")
+ db_user=raw_input()
+
+ if (quiteMode):
+ db_password = globalDict['db_password']
+ else:
+ db_password=''
+ while db_password == "":
+ log("Enter db user password:","info")
+ db_password = getpass.getpass("Enter db user password:")
+
+ if (quiteMode):
+ audit_db_name = globalDict['audit_db_name']
+ else:
+ audit_db_name=''
+ while audit_db_name == "":
+ log("Enter audit db name:","info")
+ audit_db_name = raw_input()
+
+ if (quiteMode):
+ audit_db_user = globalDict['audit_db_user']
+ else:
+ audit_db_user=''
+ while audit_db_user == "":
+ log("Enter audit user name:","info")
+ audit_db_user = raw_input()
+
+ if (quiteMode):
+ audit_db_password = globalDict['audit_db_password']
+ else:
+ audit_db_password=''
+ while audit_db_password == "":
+ log("Enter audit db user password:","info")
+ audit_db_password = getpass.getpass("Enter audit db user password:")
+
+ audit_db_root_user = xa_db_root_user
+ audit_db_root_password = xa_db_root_password
+
+ mysql_dbversion_catalog = os.path.join('db','mysql','create_dbversion_catalog.sql')
+ mysql_core_file = os.path.join('db','mysql','xa_core_db.sql')
+ mysql_audit_file = os.path.join('db','mysql','xa_audit_db.sql')
+ mysql_patches = os.path.join('db','mysql','patches')
+
+ x_db_version = 'x_db_version_h'
+ xa_access_audit = 'xa_access_audit'
+ x_user = 'x_portal_user'
+
+ if XA_DB_FLAVOR == "MYSQL":
+ MYSQL_CONNECTOR_JAR=CONNECTOR_JAR
+ xa_sqlObj = MysqlConf(xa_db_host, MYSQL_CONNECTOR_JAR, JAVA_BIN)
+ xa_db_version_file = os.path.join(os.getcwd(),mysql_dbversion_catalog)
+ xa_db_core_file = os.path.join(os.getcwd(),mysql_core_file)
+ xa_patch_file = os.path.join(os.getcwd(),mysql_patches)
+ else:
+ log("[E] ---------- NO SUCH SUPPORTED DB FLAVOUR.. ----------", "error")
+ sys.exit(1)
+
+ if AUDIT_DB_FLAVOR == "MYSQL":
+ MYSQL_CONNECTOR_JAR=CONNECTOR_JAR
+ audit_sqlObj = MysqlConf(audit_db_host,MYSQL_CONNECTOR_JAR,JAVA_BIN)
+ audit_db_file = os.path.join(os.getcwd(),mysql_audit_file)
+ else:
+ log("[E] ---------- NO SUCH SUPPORTED DB FLAVOUR.. ----------", "error")
+ sys.exit(1)
+ # Methods Begin
+ if DBA_MODE == "TRUE" :
+ if (dryMode==True):
+ log("[I] Dry run mode:"+str(dryMode),"info")
+ log("[I] Logging Grant/Revoke sql script in file:"+str(globalDict["dryModeOutputFile"]),"info")
+ now = datetime.now()
+ logFile("=========="+now.strftime('%Y-%m-%d %H:%M:%S')+"==========\n")
+ xa_sqlObj.revoke_permissions(xa_db_root_user, db_name, db_user, db_password, xa_db_root_password, is_revoke,dryMode)
+ xa_sqlObj.grant_xa_db_user(xa_db_root_user, db_name, db_user, db_password, xa_db_root_password, is_revoke,dryMode)
+ audit_sqlObj.auditdb_operation(xa_db_host, audit_db_host, db_name, audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE,dryMode)
+ logFile("========================================\n")
+ if (dryMode==False):
+ log("[I] ---------- Revoking permissions from Ranger Admin db user ----------","info")
+ xa_sqlObj.revoke_permissions(xa_db_root_user, db_name, db_user, db_password, xa_db_root_password, is_revoke,dryMode)
+ log("[I] ---------- Granting permissions to Ranger Admin db user ----------","info")
+ xa_sqlObj.grant_xa_db_user(xa_db_root_user, db_name, db_user, db_password, xa_db_root_password, is_revoke,dryMode)
+ log("[I] ---------- Starting Ranger Audit db user operations ---------- ","info")
+ audit_sqlObj.auditdb_operation(xa_db_host, audit_db_host, db_name, audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user, xa_db_root_password, audit_db_root_password, db_password, audit_db_password, DBA_MODE,dryMode)
+ log("[I] ---------- Ranger Policy Manager DB and User Creation Process Completed.. ---------- ","info")
+main(sys.argv)
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/scripts/setup.sh
----------------------------------------------------------------------
diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh
index ffc8e2a..c1b5658 100755
--- a/security-admin/scripts/setup.sh
+++ b/security-admin/scripts/setup.sh
@@ -37,7 +37,7 @@ usage() {
} 2>/dev/null
log() {
- local prefix="[$(date +%Y/%m/%d\ %H:%M:%S)]: "
+ local prefix="$(date +%Y-%m-%d\ %H:%M:%S,%3N) "
echo "${prefix} $@" >> $LOGFILE
echo "${prefix} $@"
}
@@ -1451,8 +1451,10 @@ if [ "$?" == "0" ]
then
update_properties
do_authentication_setup
-execute_java_patches
+$PYTHON_COMMAND_INVOKER db_setup.py -javapatch
+#execute_java_patches
else
+ log "[E] DB schema setup failed! Please contact Administrator."
exit 1
fi
echo "Installation of Ranger PolicyManager Web Application is completed."
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/src/bin/ranger_install.py
----------------------------------------------------------------------
diff --git a/security-admin/src/bin/ranger_install.py b/security-admin/src/bin/ranger_install.py
index 75b5931..68da67c 100644
--- a/security-admin/src/bin/ranger_install.py
+++ b/security-admin/src/bin/ranger_install.py
@@ -195,6 +195,8 @@ def populate_config_dict_from_env():
conf_dict['RANGER_ADMIN_DB_HOST'] = os.getenv("RANGER_ADMIN_DB_HOST")
conf_dict['RANGER_AUDIT_DB_HOST'] = os.getenv("RANGER_AUDIT_DB_HOST")
conf_dict['MYSQL_BIN'] = 'mysql.exe' #os.getenv("MYSQL_BIN")
+ conf_dict['XA_DB_FLAVOR'] = os.getenv("XA_DB_FLAVOR")
+ conf_dict['AUDIT_DB_FLAVOR'] = os.getenv("AUDIT_DB_FLAVOR")
conf_dict['RANGER_ADMIN_DB_USERNAME'] = os.getenv("RANGER_ADMIN_DB_USERNAME")
conf_dict['RANGER_ADMIN_DB_PASSWORD'] = os.getenv("RANGER_ADMIN_DB_PASSWORD")
conf_dict['RANGER_ADMIN_DB_NAME'] = os.getenv("RANGER_ADMIN_DB_DBNAME")
@@ -259,13 +261,30 @@ def init_variables(switch):
conf_dict['EWS_ROOT'] = EWS_ROOT
conf_dict['WEBAPP_ROOT']= WEBAPP_ROOT
conf_dict['INSTALL_DIR']= INSTALL_DIR
+ conf_dict['JAVA_BIN']='java'
+ conf_dict['DB_FLAVOR']=os.getenv("XA_DB_FLAVOR")
+ conf_dict['SQL_CONNECTOR_JAR']=os.getenv("SQL_CONNECTOR_JAR")
+ conf_dict['db_host']=os.getenv("RANGER_ADMIN_DB_HOST")
+ conf_dict['db_name']=os.getenv("RANGER_ADMIN_DB_DBNAME")
+ conf_dict['db_user']=os.getenv("RANGER_ADMIN_DB_USERNAME")
+ conf_dict['db_password']=os.getenv("RANGER_ADMIN_DB_PASSWORD")
+ conf_dict['audit_db_name']=os.getenv("RANGER_AUDIT_DB_DBNAME")
+ conf_dict['audit_db_user']=os.getenv("RANGER_AUDIT_DB_USERNAME")
+ conf_dict['audit_db_password']=os.getenv("RANGER_AUDIT_DB_PASSWORD")
db_dir = os.path.join(conf_dict['RANGER_ADMIN_HOME'] , "db")
- conf_dict['RANGER_DB_DIR'] = db_dir
- conf_dict['db_core_file'] = os.path.join(db_dir, "xa_core_db.sql")
- conf_dict['db_create_user_file'] = os.path.join(db_dir, "create_dev_user.sql")
- conf_dict['db_audit_file'] = os.path.join(db_dir, "xa_audit_db.sql")
- conf_dict['db_asset_file'] = os.path.join(db_dir, "reset_asset.sql")
+ conf_dict['mysql_core_file']=os.path.join(db_dir,'mysql','xa_core_db.sql')
+ conf_dict['mysql_audit_file']=os.path.join(db_dir,'mysql','xa_audit_db.sql')
+ conf_dict['oracle_core_file']=os.path.join(db_dir,'oracle','xa_core_db_oracle.sql')
+ conf_dict['oracle_audit_file']=os.path.join(db_dir,'oracle','xa_audit_db_oracle.sql')
+ conf_dict['postgres_core_file']=os.path.join(db_dir,'postgres','xa_core_db_postgres.sql')
+ conf_dict['postgres_audit_file']=os.path.join(db_dir,'postgres','xa_audit_db_postgres.sql')
+ conf_dict['sqlserver_core_file']=os.path.join(db_dir,'sqlserver','xa_core_db_sqlserver.sql')
+ conf_dict['sqlserver_audit_file']=os.path.join(db_dir,'sqlserver','xa_audit_db_sqlserver.sql')
+ #conf_dict['db_core_file'] = os.path.join(db_dir, "xa_core_db.sql")
+ #conf_dict['db_create_user_file'] = os.path.join(db_dir, "create_dev_user.sql")
+ #conf_dict['db_audit_file'] = os.path.join(db_dir, "xa_audit_db.sql")
+ #conf_dict['db_asset_file'] = os.path.join(db_dir, "reset_asset.sql")
#log("config is : " , "debug")
#for x in conf_dict:
@@ -336,7 +355,7 @@ def write_config_to_file():
for key,value in conf_dict.items():
if 'PASSWORD' in key :
call_keystore(library_path,key,value,jceks_file_path,'create')
- value = ''
+ value=''
ModConfig(write_conf_to_file , key,value)
@@ -653,6 +672,8 @@ def update_properties():
global conf_dict
sys_conf_dict={}
+ XA_DB_FLAVOR = conf_dict["XA_DB_FLAVOR"]
+ AUDIT_DB_FLAVOR = conf_dict["AUDIT_DB_FLAVOR"]
MYSQL_HOST = conf_dict["RANGER_ADMIN_DB_HOST"]
WEBAPP_ROOT = conf_dict["WEBAPP_ROOT"]
db_user = conf_dict["RANGER_ADMIN_DB_USERNAME"]
@@ -662,17 +683,13 @@ def update_properties():
audit_db_user = conf_dict["RANGER_AUDIT_DB_USERNAME"]
audit_db_password = conf_dict["RANGER_AUDIT_DB_PASSWORD"]
audit_db_name = conf_dict["RANGER_AUDIT_DB_NAME"]
-
update_xapolicymgr_properties()
-
newPropertyValue=''
to_file = os.path.join(WEBAPP_ROOT, "WEB-INF", "classes", "conf", "xa_system.properties")
-
if os.path.isfile(to_file):
log("to_file: " + to_file + " file found", "info")
else:
log("to_file: " + to_file + " does not exists", "warning")
-
config = StringIO.StringIO()
config.write('[dummysection]\n')
config.write(open(to_file).read())
@@ -687,9 +704,39 @@ def update_properties():
sys_conf_dict[option] = value
cObj.set("dummysection",option, value)
- log("MYSQL_HOST is : " + MYSQL_HOST,"debug")
+
+ log("SQL_HOST is : " + MYSQL_HOST,"debug")
propertyName="jdbc.url"
- newPropertyValue="jdbc:log4jdbc:mysql://" + MYSQL_HOST + ":3306/" + db_name
+ if XA_DB_FLAVOR == "MYSQL":
+ newPropertyValue="jdbc:log4jdbc:mysql://" + MYSQL_HOST + ":3306/" + db_name
+ elif XA_DB_FLAVOR == "ORACLE":
+ newPropertyValue="jdbc:oracle:thin:%s/%s@%s:1521/XE" %(db_user, db_password, MYSQL_HOST)
+ elif XA_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="jdbc:postgresql://%s/%s" %(MYSQL_HOST, db_name)
+ elif XA_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="jdbc:sqlserver://%s;databaseName=%s" %(MYSQL_HOST, db_name)
+ cObj.set('dummysection',propertyName,newPropertyValue)
+
+ propertyName="jdbc.dialect"
+ if XA_DB_FLAVOR == "MYSQL":
+ newPropertyValue="org.eclipse.persistence.platform.database.MySQLPlatform"
+ elif XA_DB_FLAVOR == "ORACLE":
+ newPropertyValue="org.eclipse.persistence.platform.database.OraclePlatform"
+ elif XA_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="org.eclipse.persistence.platform.database.PostgreSQLPlatform"
+ elif XA_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="org.eclipse.persistence.platform.database.SQLServerPlatform"
+ cObj.set('dummysection',propertyName,newPropertyValue)
+
+ propertyName="jdbc.driver"
+ if XA_DB_FLAVOR == "MYSQL":
+ newPropertyValue="net.sf.log4jdbc.DriverSpy"
+ elif XA_DB_FLAVOR == "ORACLE":
+ newPropertyValue="oracle.jdbc.OracleDriver"
+ elif XA_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="org.postgresql.Driver"
+ elif XA_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
cObj.set('dummysection',propertyName,newPropertyValue)
propertyName="xa.webapp.url.root"
@@ -702,7 +749,36 @@ def update_properties():
cObj.set('dummysection',propertyName,newPropertyValue)
propertyName="auditDB.jdbc.url"
- newPropertyValue="jdbc:log4jdbc:mysql://"+MYSQL_HOST+":3306/"+audit_db_name
+ if AUDIT_DB_FLAVOR == "MYSQL":
+ newPropertyValue="jdbc:log4jdbc:mysql://"+MYSQL_HOST+":3306/"+audit_db_name
+ elif AUDIT_DB_FLAVOR == "ORACLE":
+ newPropertyValue="jdbc:oracle:thin:%s/%s@%s:1521/XE" %(db_user, db_password, MYSQL_HOST)
+ elif AUDIT_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="jdbc:postgresql://%s/%s" %(MYSQL_HOST, db_name)
+ elif AUDIT_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="jdbc:sqlserver://%s;databaseName=%s" % (MYSQL_HOST, audit_db_name)
+ cObj.set('dummysection',propertyName,newPropertyValue)
+
+ propertyName="auditDB.jdbc.dialect"
+ if AUDIT_DB_FLAVOR == "MYSQL":
+ newPropertyValue="org.eclipse.persistence.platform.database.MySQLPlatform"
+ elif AUDIT_DB_FLAVOR == "ORACLE":
+ newPropertyValue="org.eclipse.persistence.platform.database.OraclePlatform"
+ elif AUDIT_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="org.eclipse.persistence.platform.database.PostgreSQLPlatform"
+ elif AUDIT_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="org.eclipse.persistence.platform.database.SQLServerPlatform"
+ cObj.set('dummysection',propertyName,newPropertyValue)
+
+ propertyName="auditDB.jdbc.driver"
+ if AUDIT_DB_FLAVOR == "MYSQL":
+ newPropertyValue="net.sf.log4jdbc.DriverSpy"
+ elif AUDIT_DB_FLAVOR == "ORACLE":
+ newPropertyValue="oracle.jdbc.OracleDriver"
+ elif AUDIT_DB_FLAVOR == "POSTGRES":
+ newPropertyValue="org.postgresql.Driver"
+ elif AUDIT_DB_FLAVOR == "SQLSERVER":
+ newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
cObj.set('dummysection',propertyName,newPropertyValue)
propertyName="jdbc.user"
@@ -1060,4 +1136,4 @@ def configure():
# copy_mysql_connector()
#log(" --------- Creatin Audit DB --------- ","info")
setup_admin_db_user()
- setup_audit_user_db()
+ setup_audit_user_db()
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/src/bin/service_start.py
----------------------------------------------------------------------
diff --git a/security-admin/src/bin/service_start.py b/security-admin/src/bin/service_start.py
index ad2caa2..035a86c 100644
--- a/security-admin/src/bin/service_start.py
+++ b/security-admin/src/bin/service_start.py
@@ -24,7 +24,6 @@ app_type = 'ranger-admin'
service_entry = '--service' in sys.argv
-configure_entry = '--configure' in sys.argv
if service_entry:
@@ -32,16 +31,13 @@ if service_entry:
ranger_install.run_setup(cmd)
jdk_options = ranger_install.get_jdk_options()
class_path = ranger_install.get_ranger_classpath()
- java_class = 'org.apache.ranger.server.tomcat.EmbededServer'
+ java_class = 'org.apache.ranger.server.tomcat.EmbeddedServer'
class_arguments = ''
-
from xml.dom.minidom import getDOMImplementation
dom = getDOMImplementation()
xmlDoc = dom.createDocument(None, 'service', None)
xmlDocRoot = xmlDoc.documentElement
arguments = ' '.join([''.join(jdk_options), '-cp', class_path, java_class, class_arguments])
-
-
def appendTextElement(name, value):
elem = xmlDoc.createElement(name)
elem.appendChild(xmlDoc.createTextNode(value))
@@ -63,13 +59,3 @@ if service_entry:
except:
print "######################## Ranger Setup failed! #######################"
sys.exit(1)
-
-
-if configure_entry:
- try:
- ranger_install.configure()
- except:
- print "######################## Ranger Configure failed! #######################"
- sys.exit(1)
-
- sys.exit(0)
[2/2] incubator-ranger git commit: RANGER-353: Make install script
platform independent
Posted by sn...@apache.org.
RANGER-353: Make install script platform independent
Signed-off-by: sneethiraj <sn...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/cb2dc314
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/cb2dc314
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/cb2dc314
Branch: refs/heads/master
Commit: cb2dc314688eb2d88526bb627d84c91508ee95f3
Parents: b3b7732
Author: Gautam Borad <gb...@gmail.com>
Authored: Tue Apr 7 20:41:46 2015 +0530
Committer: sneethiraj <sn...@apache.org>
Committed: Wed Apr 8 02:14:40 2015 -0400
----------------------------------------------------------------------
.../main/java/org/apache/util/sql/Jisql.java | 21 +-
security-admin/scripts/db_setup.py | 660 +++++++++++++++----
security-admin/scripts/dba_script.py | 465 +++++++++----
security-admin/scripts/install.properties | 6 +-
security-admin/scripts/restrict_permissions.py | 453 +++++++++++++
security-admin/scripts/setup.sh | 6 +-
security-admin/src/bin/ranger_install.py | 104 ++-
security-admin/src/bin/service_start.py | 16 +-
8 files changed, 1446 insertions(+), 285 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/jisql/src/main/java/org/apache/util/sql/Jisql.java
----------------------------------------------------------------------
diff --git a/jisql/src/main/java/org/apache/util/sql/Jisql.java b/jisql/src/main/java/org/apache/util/sql/Jisql.java
index b429499..b9453e8 100644
--- a/jisql/src/main/java/org/apache/util/sql/Jisql.java
+++ b/jisql/src/main/java/org/apache/util/sql/Jisql.java
@@ -277,7 +277,7 @@ public class Jisql {
}
public void run() throws Exception {
-
+ boolean isExit=false;
try {
driver = (Driver) Class.forName(driverName).newInstance();
props = new Properties();
@@ -313,16 +313,23 @@ public class Jisql {
}
}
catch (SQLException sqle) {
- printAllExceptions(sqle);
+ printAllExceptions(sqle);
+ isExit=true;
+ }
+ catch (IOException ie) {
+ isExit=true;
}
catch (ClassNotFoundException cnfe) {
+ isExit=true;
System.err.println("Cannot find the driver class \"" + driverName + "\" in the current classpath.");
}
catch (InstantiationException ie) {
+ isExit=true;
System.err.println("Cannot instantiate the driver class \"" + driverName + "\"");
ie.printStackTrace(System.err);
}
catch (IllegalAccessException iae) {
+ isExit=true;
System.err.println("Cannot instantiate the driver class \"" + driverName + "\" because of an IllegalAccessException");
iae.printStackTrace(System.err);
}
@@ -334,6 +341,9 @@ public class Jisql {
catch (SQLException ignore) {
/* ignored */
}
+ if(isExit){
+ System.exit(1);
+ }
}
}
}
@@ -347,7 +357,7 @@ public class Jisql {
* if an exception occurs.
*
*/
- public void doIsql() throws SQLException {
+ public void doIsql() throws IOException, SQLException {
BufferedReader reader = null;
Statement statement = null;
ResultSet resultSet = null;
@@ -359,9 +369,9 @@ public class Jisql {
reader = new BufferedReader(new FileReader(inputFileName));
}
catch (FileNotFoundException fnfe) {
- System.err.println("Unable to open \"" + inputFileName + "\"");
+ System.err.println("Unable to open file \"" + inputFileName + "\"");
fnfe.printStackTrace(System.err);
- return;
+ throw fnfe;
}
}
else {
@@ -489,6 +499,7 @@ public class Jisql {
printAllExceptions(sqle);
statement.cancel();
statement.clearWarnings();
+ throw sqle;
}
catch (Exception e) {
e.printStackTrace(System.err);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cb2dc314/security-admin/scripts/db_setup.py
----------------------------------------------------------------------
diff --git a/security-admin/scripts/db_setup.py b/security-admin/scripts/db_setup.py
index 09a7b57..7e0d022 100644
--- a/security-admin/scripts/db_setup.py
+++ b/security-admin/scripts/db_setup.py
@@ -17,16 +17,30 @@ import re
import sys
import errno
import shlex
+import platform
import logging
import subprocess
import fileinput
from os.path import basename
from subprocess import Popen,PIPE
from datetime import date
+import datetime
+from time import gmtime, strftime
globalDict = {}
+os_name = platform.system()
+os_name = os_name.upper()
+
+if os_name == "LINUX":
+ RANGER_ADMIN_HOME = os.getcwd()
+elif os_name == "WINDOWS":
+ RANGER_ADMIN_HOME = os.getenv("RANGER_ADMIN_HOME")
+
def check_output(query):
- p = subprocess.Popen(query, stdout=subprocess.PIPE)
+ if os_name == "LINUX":
+ p = subprocess.Popen(shlex.split(query), stdout=subprocess.PIPE)
+ elif os_name == "WINDOWS":
+ p = subprocess.Popen(query, stdout=subprocess.PIPE, shell=True)
output = p.communicate ()[0]
return output
@@ -44,7 +58,11 @@ def log(msg,type):
def populate_global_dict():
global globalDict
- read_config_file = open(os.path.join(os.getcwd(),'install.properties'))
+ if os_name == "LINUX":
+ read_config_file = open(os.path.join(RANGER_ADMIN_HOME,'install.properties'))
+ elif os_name == "WINDOWS":
+ read_config_file = open(os.path.join(RANGER_ADMIN_HOME,'bin','install_config.properties'))
+ library_path = os.path.join(RANGER_ADMIN_HOME,"cred","lib","*")
for each_line in read_config_file.read().split('\n') :
if len(each_line) == 0 : continue
if re.search('=', each_line):
@@ -58,6 +76,23 @@ def populate_global_dict():
value = value.strip()
globalDict[key] = value
+def call_keystore(libpath,aliasKey,aliasValue , filepath,getorcreate):
+ finalLibPath = libpath.replace('\\','/').replace('//','/')
+ finalFilePath = 'jceks://file/'+filepath.replace('\\','/').replace('//','/')
+ if getorcreate == 'create':
+ commandtorun = ['java', '-cp', finalLibPath, 'org.apache.ranger.credentialapi.buildks' ,'create', aliasKey, '-value', aliasValue, '-provider',finalFilePath]
+ p = Popen(commandtorun,stdin=PIPE, stdout=PIPE, stderr=PIPE)
+ output, error = p.communicate()
+ statuscode = p.returncode
+ return statuscode
+ elif getorcreate == 'get':
+ commandtorun = ['java', '-cp', finalLibPath, 'org.apache.ranger.credentialapi.buildks' ,'get', aliasKey, '-provider',finalFilePath]
+ p = Popen(commandtorun,stdin=PIPE, stdout=PIPE, stderr=PIPE)
+ output, error = p.communicate()
+ statuscode = p.returncode
+ return statuscode, output
+ else:
+ print 'proper command not received for input need get or create'
class BaseDB(object):
@@ -84,14 +119,16 @@ class BaseDB(object):
if files:
sorted_files = sorted(files, key=lambda x: str(x.split('.')[0]))
for filename in sorted_files:
- currentPatch = PATCHES_PATH + "/"+filename
+ currentPatch = os.path.join(PATCHES_PATH, filename)
self.import_db_patches(db_name, db_user, db_password, currentPatch)
else:
log("[I] No patches to apply!","info")
- def auditdb_operation(self, xa_db_host , audit_db_host , db_name ,audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME):
- log("[I] ----------------- Create audit user ------------", "info")
+ def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME):
+ log("[I] ----------------- Audit DB operations ------------", "info")
+ def execute_java_patches(xa_db_host, db_user, db_password, db_name):
+ log("[I] ----------------- Executing java patches ------------", "info")
class MysqlConf(BaseDB):
# Constructor
@@ -101,14 +138,23 @@ class MysqlConf(BaseDB):
self.JAVA_BIN = JAVA_BIN
def get_jisql_cmd(self, user, password ,db_name):
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN,self.SQL_CONNECTOR_JAR,self.host,db_name,user,password)
+ #path = os.getcwd()
+ path = RANGER_ADMIN_HOME
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN,self.SQL_CONNECTOR_JAR,self.host,db_name,user,password)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, db_name, user, password)
return jisql_cmd
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection..", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"SELECT version();\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT version();\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT version();\" -c ;"
+ output = check_output(query)
if output.strip('Production |'):
log("[I] Checking connection passed.", "info")
return True
@@ -122,8 +168,12 @@ class MysqlConf(BaseDB):
for host in hosts_arr:
log("[I] ---------------Granting privileges TO '"+ audit_db_user + "' on '" + audit_db_name+"'-------------" , "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, audit_db_name)
- query = get_cmd + " -query \"GRANT INSERT ON %s.%s TO '%s'@'%s';\"" %(audit_db_name,TABLE_NAME,audit_db_user,host)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"GRANT INSERT ON %s.%s TO '%s'@'%s';\"" %(audit_db_name,TABLE_NAME,audit_db_user,host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT INSERT ON %s.%s TO '%s'@'%s';\" -c ;" %(audit_db_name,TABLE_NAME,audit_db_user,host)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Granting privileges to '" + audit_db_user+"' done on '"+ audit_db_name+"'", "info")
else:
@@ -135,8 +185,12 @@ class MysqlConf(BaseDB):
if os.path.isfile(file_name):
log("[I] Importing db schema to database " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c ;" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " DB schema imported successfully","info")
else:
@@ -152,18 +206,29 @@ class MysqlConf(BaseDB):
version = name.split('-')[0]
log("[I] Executing patch on " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
if output.strip(version + " |"):
log("[I] Patch "+ name +" is already applied" ,"info")
else:
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c ;" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " patch applied","info")
- query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\" -c ;" %(version)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Patch version updated", "info")
else:
@@ -178,8 +243,11 @@ class MysqlConf(BaseDB):
def check_table(self, db_name, db_user, db_password, TABLE_NAME):
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"show tables like '%s';\"" %(TABLE_NAME)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"show tables like '%s';\"" %(TABLE_NAME)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"show tables like '%s';\" -c ;" %(TABLE_NAME)
+ output = check_output(query)
if output.strip(TABLE_NAME + " |"):
log("[I] Table " + TABLE_NAME +" already exists in database '" + db_name + "'","info")
return True
@@ -196,6 +264,65 @@ class MysqlConf(BaseDB):
self.import_db_file(audit_db_name ,db_user, db_password, file_name)
self.grant_audit_db_user(db_user, audit_db_name, audit_db_user, audit_db_password, db_password,TABLE_NAME)
+ def execute_java_patches(self, xa_db_host, db_user, db_password, db_name):
+ my_dict = {}
+ version = ""
+ className = ""
+ app_home = os.path.join(os.getcwd(),"ews","webapp")
+ javaFiles = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch")
+
+ if not os.path.exists(javaFiles):
+ log("[I] No patches to apply!","info")
+ else:
+ files = os.listdir(javaFiles)
+ if files:
+ for filename in files:
+ f = re.match("^Patch.*?.class$",filename)
+ if f:
+ className = re.match("(Patch.*?)_.*.class",filename)
+ className = className.group(1)
+ version = re.match("Patch.*?_(.*).class",filename)
+ version = version.group(1)
+ key3 = int(version.strip("J"))
+ my_dict[key3] = filename
+
+ keylist = my_dict.keys()
+ keylist.sort()
+ for key in keylist:
+ #print "%s: %s" % (key, my_dict[key])
+ version = str(key)
+ className = my_dict[key]
+ className = className.strip(".class")
+ if version != "":
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
+ if output.strip(version + " |"):
+ log("[I] Patch "+ className +" is already applied" ,"info")
+ else:
+ log ("[I] patch "+ className +" is being applied..","info")
+ path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
+ get_cmd = "%s -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,path,className)
+ if os_name == "LINUX":
+ ret = subprocess.call(shlex.split(get_cmd))
+ elif os_name == "WINDOWS":
+ ret = subprocess.call(get_cmd)
+ if ret == 0:
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), user(), now(), user()) ;\"" %(version)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), user(), now(), user()) ;\" -c ;" %(version)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Patch version updated", "info")
+ else:
+ log("[E] Updating patch version failed", "error")
+ sys.exit(1)
class OracleConf(BaseDB):
# Constructor
@@ -205,14 +332,24 @@ class OracleConf(BaseDB):
self.JAVA_BIN = JAVA_BIN
def get_jisql_cmd(self, user, password):
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u '%s' -p '%s' -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, user, password)
+ #path = os.getcwd()
+ path = RANGER_ADMIN_HOME
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u '%s' -p '%s' -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, user, password)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver oraclethin -cstring jdbc:oracle:thin:@%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, user, password)
return jisql_cmd
+
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -c \; -query \"select * from v$version;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select * from v$version;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select * from v$version;\" -c ;"
+ output = check_output(query)
if output.strip('Production |'):
log("[I] Connection success", "info")
return True
@@ -222,16 +359,28 @@ class OracleConf(BaseDB):
def grant_audit_db_user(self, audit_db_name ,db_user,audit_db_user,db_password,audit_db_password):
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -c \; -query 'GRANT CREATE SESSION TO %s;'" % (audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT CREATE SESSION TO %s;'" % (audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT CREATE SESSION TO %s;\" -c ;" % (audit_db_user)
+ ret = subprocess.call(query)
if ret != 0:
sys.exit(1)
- query = get_cmd + " -c \; -query 'GRANT SELECT ON %s.XA_ACCESS_AUDIT_SEQ TO %s;'" % (db_user,audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT SELECT ON %s.XA_ACCESS_AUDIT_SEQ TO %s;'" % (db_user,audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT SELECT ON %s.XA_ACCESS_AUDIT_SEQ TO %s;\" -c ;" % (db_user,audit_db_user)
+ ret = subprocess.call(query)
if ret != 0:
sys.exit(1)
- query = get_cmd + " -c \; -query 'GRANT INSERT ON %s.XA_ACCESS_AUDIT TO %s;'" % (db_user,audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'GRANT INSERT ON %s.XA_ACCESS_AUDIT TO %s;'" % (db_user,audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT INSERT ON %s.XA_ACCESS_AUDIT TO %s;\" -c ;" % (db_user,audit_db_user)
+ ret = subprocess.call(query)
if ret != 0:
sys.exit(1)
@@ -240,8 +389,12 @@ class OracleConf(BaseDB):
if os.path.isfile(file_name):
log("[I] Importing script " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -input %s -c \;" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s -c \;" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c ;" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " imported successfully","info")
else:
@@ -257,18 +410,29 @@ class OracleConf(BaseDB):
version = name.split('-')[0]
log("[I] Executing patch on " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
if output.strip(version +" |"):
log("[I] Patch "+ name +" is already applied" ,"info")
else:
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -input %s -c /" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s -c /" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c /" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " patch applied","info")
- query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\" -c ;" %(version, db_user, db_user)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Patch version updated", "info")
else:
@@ -283,16 +447,22 @@ class OracleConf(BaseDB):
def check_table(self, db_name, db_user, db_password, TABLE_NAME):
get_cmd = self.get_jisql_cmd(db_user ,db_password)
- query = get_cmd + " -c \; -query 'select default_tablespace from user_users;'"
- output = check_output(shlex.split(query)).strip()
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query 'select default_tablespace from user_users;'"
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select default_tablespace from user_users;\" -c ;"
+ output = check_output(query).strip()
output = output.strip(' |')
db_name = db_name.upper()
if output == db_name:
log("[I] User name " + db_user + " and tablespace " + db_name + " already exists.","info")
log("[I] Verifying table " + TABLE_NAME +" in tablespace " + db_name, "info")
get_cmd = self.get_jisql_cmd(db_user, db_password)
- query = get_cmd + " -c \; -query \"select UPPER(table_name) from all_tables where UPPER(tablespace_name)=UPPER('%s') and UPPER(table_name)=UPPER('%s');\"" %(db_name ,TABLE_NAME)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select UPPER(table_name) from all_tables where UPPER(tablespace_name)=UPPER('%s') and UPPER(table_name)=UPPER('%s');\"" %(db_name ,TABLE_NAME)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select UPPER(table_name) from all_tables where UPPER(tablespace_name)=UPPER('%s') and UPPER(table_name)=UPPER('%s');\" -c ;" %(db_name ,TABLE_NAME)
+ output = check_output(query)
if output.strip(TABLE_NAME.upper() + ' |'):
log("[I] Table " + TABLE_NAME +" already exists in tablespace " + db_name + "","info")
return True
@@ -316,6 +486,66 @@ class OracleConf(BaseDB):
log("[I] ---------------Granting privileges TO '"+ audit_db_user + "' on audit table-------------" , "info")
self.grant_audit_db_user( audit_db_name ,db_user, audit_db_user, db_password,audit_db_password)
+ def execute_java_patches(self, xa_db_host, db_user, db_password, db_name):
+ my_dict = {}
+ version = ""
+ className = ""
+ app_home = os.path.join(os.getcwd(),"ews","webapp")
+ javaFiles = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch")
+
+ if not os.path.exists(javaFiles):
+ log("[I] No patches to apply!","info")
+ else:
+ files = os.listdir(javaFiles)
+ if files:
+ for filename in files:
+ f = re.match("^Patch.*?.class$",filename)
+ if f:
+ className = re.match("(Patch.*?)_.*.class",filename)
+ className = className.group(1)
+ version = re.match("Patch.*?_(.*).class",filename)
+ version = version.group(1)
+ key3 = int(version.strip("J"))
+ my_dict[key3] = filename
+
+ keylist = my_dict.keys()
+ keylist.sort()
+ for key in keylist:
+ #print "%s: %s" % (key, my_dict[key])
+ version = str(key)
+ className = my_dict[key]
+ className = className.strip(".class")
+ if version != "":
+ get_cmd = self.get_jisql_cmd(db_user, db_password)
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
+ if output.strip(version + " |"):
+ log("[I] Patch "+ className +" is already applied" ,"info")
+ else:
+ log ("[I] patch "+ className +" is being applied..","info")
+ path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
+ get_cmd = "%s -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,path,className)
+ if os_name == "LINUX":
+ ret = subprocess.call(shlex.split(get_cmd))
+ elif os_name == "WINDOWS":
+ ret = subprocess.call(get_cmd)
+ if ret == 0:
+ get_cmd = self.get_jisql_cmd(db_user, db_password)
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s');\" -c ;" %(version, db_user, db_user)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Patch version updated", "info")
+ else:
+ log("[E] Updating patch version failed", "error")
+ sys.exit(1)
+
class PostgresConf(BaseDB):
# Constructor
def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN):
@@ -325,14 +555,23 @@ class PostgresConf(BaseDB):
def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, db_name, user, password)
+ #path = os.getcwd()
+ path = RANGER_ADMIN_HOME
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim -c \;" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, self.host, db_name, user, password)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s:5432/%s -u %s -p %s -noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, self.host, db_name, user, password)
return jisql_cmd
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"SELECT 1;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"SELECT 1;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT 1;\" -c ;"
+ output = check_output(query)
if output.strip('1 |'):
log("[I] connection success", "info")
return True
@@ -345,8 +584,12 @@ class PostgresConf(BaseDB):
if os.path.isfile(file_name):
log("[I] Importing db schema to database " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c ;" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " DB schema imported successfully","info")
else:
@@ -360,15 +603,23 @@ class PostgresConf(BaseDB):
log("[I] Granting permission to " + audit_db_user, "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, audit_db_name)
log("[I] Granting select and usage privileges to Postgres audit user '" + audit_db_user + "' on XA_ACCESS_AUDIT_SEQ", "info")
- query = get_cmd + " -query 'GRANT SELECT,USAGE ON XA_ACCESS_AUDIT_SEQ TO %s;'" % (audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query 'GRANT SELECT,USAGE ON XA_ACCESS_AUDIT_SEQ TO %s;'" % (audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT SELECT,USAGE ON XA_ACCESS_AUDIT_SEQ TO %s;\" -c ;" % (audit_db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting select privileges to Postgres user '" + audit_db_user + "' failed", "error")
sys.exit(1)
log("[I] Granting insert privileges to Postgres audit user '" + audit_db_user + "' on XA_ACCESS_AUDIT table", "info")
- query = get_cmd + " -query 'GRANT INSERT ON XA_ACCESS_AUDIT TO %s;'" % (audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query 'GRANT INSERT ON XA_ACCESS_AUDIT TO %s;'" % (audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"GRANT INSERT ON XA_ACCESS_AUDIT TO %s;\" -c ;" % (audit_db_user)
+ ret = subprocess.call(query)
if ret != 0:
log("[E] Granting insert privileges to Postgres user '" + audit_db_user + "' failed", "error")
sys.exit(1)
@@ -379,17 +630,28 @@ class PostgresConf(BaseDB):
version = name.split('-')[0]
log("[I] Executing patch on " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
if output.strip(version + " |"):
log("[I] Patch "+ name +" is already applied" ,"info")
else:
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s -c ;" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " patch applied","info")
- query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\"" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Patch version updated", "info")
else:
@@ -405,8 +667,11 @@ class PostgresConf(BaseDB):
def check_table(self, db_name, db_user, db_password, TABLE_NAME):
log("[I] Verifying table " + TABLE_NAME +" in database " + db_name, "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"select * from (select table_name from information_schema.tables where table_catalog='%s' and table_name = '%s') as temp;\"" %(db_name , TABLE_NAME)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select * from (select table_name from information_schema.tables where table_catalog='%s' and table_name = '%s') as temp;\"" %(db_name , TABLE_NAME)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select * from (select table_name from information_schema.tables where table_catalog='%s' and table_name = '%s') as temp;\" -c ;" %(db_name , TABLE_NAME)
+ output = check_output(query)
if output.strip(TABLE_NAME +" |"):
log("[I] Table " + TABLE_NAME +" already exists in database " + db_name, "info")
return True
@@ -415,7 +680,6 @@ class PostgresConf(BaseDB):
return False
def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME):
-
log("[I] --------- Check admin user connection ---------","info")
self.check_connection(audit_db_name, db_user, db_password)
log("[I] --------- Check audit user connection ---------","info")
@@ -426,6 +690,66 @@ class PostgresConf(BaseDB):
self.import_db_file(audit_db_name, db_user, db_password, file_name)
self.grant_audit_db_user(audit_db_name ,db_user, audit_db_user, db_password,audit_db_password)
+ def execute_java_patches(self, xa_db_host, db_user, db_password, db_name):
+ my_dict = {}
+ version = ""
+ className = ""
+ app_home = os.path.join(os.getcwd(),"ews","webapp")
+ javaFiles = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch")
+
+ if not os.path.exists(javaFiles):
+ log("[I] No patches to apply!","info")
+ else:
+ files = os.listdir(javaFiles)
+ if files:
+ for filename in files:
+ f = re.match("^Patch.*?.class$",filename)
+ if f:
+ className = re.match("(Patch.*?)_.*.class",filename)
+ className = className.group(1)
+ version = re.match("Patch.*?_(.*).class",filename)
+ version = version.group(1)
+ key3 = int(version.strip("J"))
+ my_dict[key3] = filename
+
+ keylist = my_dict.keys()
+ keylist.sort()
+ for key in keylist:
+ #print "%s: %s" % (key, my_dict[key])
+ version = str(key)
+ className = my_dict[key]
+ className = className.strip(".class")
+ if version != "":
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
+ if output.strip(version + " |"):
+ log("[I] Patch "+ className +" is already applied" ,"info")
+ else:
+ log ("[I] patch "+ className +" is being applied..","info")
+ path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s")%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
+ get_cmd = "%s -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,path,className)
+ if os_name == "LINUX":
+ ret = subprocess.call(shlex.split(get_cmd))
+ elif os_name == "WINDOWS":
+ ret = subprocess.call(get_cmd)
+ if ret == 0:
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), '%s@%s', now(), '%s@%s') ;\"" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Patch version updated", "info")
+ else:
+ log("[E] Updating patch version failed", "error")
+ sys.exit(1)
+
class SqlServerConf(BaseDB):
# Constructor
@@ -436,14 +760,23 @@ class SqlServerConf(BaseDB):
def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
- jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, user, password, self.host,db_name)
+ #path = os.getcwd()
+ path = RANGER_ADMIN_HOME
+ self.JAVA_BIN = self.JAVA_BIN.strip("'")
+ if os_name == "LINUX":
+ jisql_cmd = "%s -cp %s:jisql/lib/* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, user, password, self.host,db_name)
+ elif os_name == "WINDOWS":
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\* org.apache.util.sql.Jisql -user %s -password %s -driver mssql -cstring jdbc:sqlserver://%s:1433;databaseName=%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
return jisql_cmd
def check_connection(self, db_name, db_user, db_password):
log("[I] Checking connection", "info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -c \; -query \"SELECT 1;\""
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"SELECT 1;\""
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT 1;\" -c ;"
+ output = check_output(query)
if output.strip('1 |'):
log("[I] Connection success", "info")
return True
@@ -456,8 +789,12 @@ class SqlServerConf(BaseDB):
if os.path.isfile(file_name):
log("[I] Importing db schema to database " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " DB schema imported successfully","info")
else:
@@ -469,8 +806,11 @@ class SqlServerConf(BaseDB):
def check_table(self, db_name, db_user, db_password, TABLE_NAME):
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -c \; -query \"SELECT TABLE_NAME FROM information_schema.tables where table_name = '%s';\"" %(TABLE_NAME)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"SELECT TABLE_NAME FROM information_schema.tables where table_name = '%s';\"" %(TABLE_NAME)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"SELECT TABLE_NAME FROM information_schema.tables where table_name = '%s';\" -c ;" %(TABLE_NAME)
+ output = check_output(query)
if output.strip(TABLE_NAME + " |"):
log("[I] Table '" + TABLE_NAME + "' already exists in database '" + db_name + "'","info")
return True
@@ -481,8 +821,12 @@ class SqlServerConf(BaseDB):
def grant_audit_db_user(self, audit_db_name, db_user, audit_db_user, db_password, audit_db_password,TABLE_NAME):
log("[I] Granting permission to audit user '" + audit_db_user + "' on db '" + audit_db_name + "'","info")
get_cmd = self.get_jisql_cmd(db_user, db_password,audit_db_name)
- query = get_cmd + " -c \; -query \"USE %s GRANT INSERT to %s;\"" %(audit_db_name ,audit_db_user)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -c \; -query \"USE %s GRANT SELECT,INSERT to %s;\"" %(audit_db_name ,audit_db_user)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"USE %s GRANT SELECT,INSERT to %s;\" -c ;" %(audit_db_name ,audit_db_user)
+ ret = subprocess.call(query)
if ret != 0 :
sys.exit(1)
else:
@@ -494,17 +838,28 @@ class SqlServerConf(BaseDB):
version = name.split('-')[0]
log("[I] Executing patch on " + db_name + " from file: " + name,"info")
get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
- query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
- output = check_output(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
if output.strip(version + " |"):
log("[I] Patch "+ name +" is already applied" ,"info")
else:
- query = get_cmd + " -input %s" %file_name
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -input %s" %file_name
+ ret = subprocess.call(query)
if ret == 0:
log("[I] "+name + " patch applied","info")
- query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version)
- ret = subprocess.check_call(shlex.split(query))
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(query)
if ret == 0:
log("[I] Patch version updated", "info")
else:
@@ -528,7 +883,68 @@ class SqlServerConf(BaseDB):
self.import_db_file(audit_db_name ,db_user, db_password, file_name)
self.grant_audit_db_user( audit_db_name ,db_user, audit_db_user, db_password,audit_db_password,TABLE_NAME)
-def main():
+ def execute_java_patches(self, xa_db_host, db_user, db_password, db_name):
+ my_dict = {}
+ version = ""
+ className = ""
+ app_home = os.path.join(os.getcwd(),"ews","webapp")
+ javaFiles = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch")
+
+ if not os.path.exists(javaFiles):
+ log("[I] No patches to apply!","info")
+ else:
+ files = os.listdir(javaFiles)
+ if files:
+ for filename in files:
+ f = re.match("^Patch.*?.class$",filename)
+ if f:
+ className = re.match("(Patch.*?)_.*.class",filename)
+ className = className.group(1)
+ version = re.match("Patch.*?_(.*).class",filename)
+ version = version.group(1)
+ key3 = int(version.strip("J"))
+ my_dict[key3] = filename
+
+ keylist = my_dict.keys()
+ keylist.sort()
+ for key in keylist:
+ #print "%s: %s" % (key, my_dict[key])
+ version = str(key)
+ className = my_dict[key]
+ className = className.strip(".class")
+ if version != "":
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\" -c \;" %(version)
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'Y';\" -c ;" %(version)
+ output = check_output(query)
+ if output.strip(version + " |"):
+ log("[I] Patch "+ className +" is already applied" ,"info")
+ else:
+ log ("[I] patch "+ className +" is being applied..","info")
+ path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
+ get_cmd = "%s -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,path,className)
+ if os_name == "LINUX":
+ ret = subprocess.call(shlex.split(get_cmd))
+ elif os_name == "WINDOWS":
+ ret = subprocess.call(get_cmd)
+ if ret == 0:
+ get_cmd = self.get_jisql_cmd(db_user, db_password, db_name)
+ if os_name == "LINUX":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(shlex.split(query))
+ elif os_name == "WINDOWS":
+ query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host)
+ ret = subprocess.call(query)
+ if ret == 0:
+ log("[I] Patch version updated", "info")
+ else:
+ log("[E] Updating patch version failed", "error")
+ sys.exit(1)
+
+
+def main(argv):
populate_global_dict()
FORMAT = '%(asctime)-15s %(message)s'
@@ -537,31 +953,32 @@ def main():
JAVA_BIN=globalDict['JAVA_BIN']
XA_DB_FLAVOR=globalDict['DB_FLAVOR']
AUDIT_DB_FLAVOR=globalDict['DB_FLAVOR']
- XA_DB_FLAVOR.upper()
- AUDIT_DB_FLAVOR.upper()
+ XA_DB_FLAVOR = XA_DB_FLAVOR.upper()
+ AUDIT_DB_FLAVOR = AUDIT_DB_FLAVOR.upper()
+ log("[I] DB FLAVOR :" + XA_DB_FLAVOR ,"info")
xa_db_host = globalDict['db_host']
audit_db_host = globalDict['db_host']
- mysql_dbversion_catalog = 'db/mysql/create_dbversion_catalog.sql'
+ mysql_dbversion_catalog = os.path.join('db','mysql','create_dbversion_catalog.sql')
mysql_core_file = globalDict['mysql_core_file']
mysql_audit_file = globalDict['mysql_audit_file']
- mysql_patches = 'db/mysql/patches'
+ mysql_patches = os.path.join('db','mysql','patches')
- oracle_dbversion_catalog = 'db/oracle/create_dbversion_catalog.sql'
+ oracle_dbversion_catalog = os.path.join('db','oracle','create_dbversion_catalog.sql')
oracle_core_file = globalDict['oracle_core_file']
oracle_audit_file = globalDict['oracle_audit_file']
- oracle_patches = 'db/oracle/patches'
+ oracle_patches = os.path.join('db','oracle','patches')
- postgres_dbversion_catalog = 'db/postgres/create_dbversion_catalog.sql'
+ postgres_dbversion_catalog = os.path.join('db','postgres','create_dbversion_catalog.sql')
postgres_core_file = globalDict['postgres_core_file']
postgres_audit_file = globalDict['postgres_audit_file']
- postgres_patches = 'db/postgres/patches'
+ postgres_patches = os.path.join('db','postgres','patches')
- sqlserver_dbversion_catalog = 'db/sqlserver/create_dbversion_catalog.sql'
+ sqlserver_dbversion_catalog = os.path.join('db','sqlserver','create_dbversion_catalog.sql')
sqlserver_core_file = globalDict['sqlserver_core_file']
sqlserver_audit_file = globalDict['sqlserver_audit_file']
- sqlserver_patches = 'db/sqlserver/patches'
+ sqlserver_patches = os.path.join('db','sqlserver','patches')
db_name = globalDict['db_name']
db_user = globalDict['db_user']
@@ -578,30 +995,30 @@ def main():
if XA_DB_FLAVOR == "MYSQL":
MYSQL_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = MysqlConf(xa_db_host, MYSQL_CONNECTOR_JAR, JAVA_BIN)
- xa_db_version_file = os.path.join(os.getcwd(),mysql_dbversion_catalog)
- xa_db_core_file = os.path.join(os.getcwd(),mysql_core_file)
- xa_patch_file = os.path.join(os.getcwd(),mysql_patches)
+ xa_db_version_file = os.path.join(RANGER_ADMIN_HOME , mysql_dbversion_catalog)
+ xa_db_core_file = os.path.join(RANGER_ADMIN_HOME , mysql_core_file)
+ xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,mysql_patches)
elif XA_DB_FLAVOR == "ORACLE":
ORACLE_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = OracleConf(xa_db_host, ORACLE_CONNECTOR_JAR, JAVA_BIN)
- xa_db_version_file = os.path.join(os.getcwd(),oracle_dbversion_catalog)
- xa_db_core_file = os.path.join(os.getcwd(),oracle_core_file)
- xa_patch_file = os.path.join(os.getcwd(),oracle_patches)
+ xa_db_version_file = os.path.join(RANGER_ADMIN_HOME ,oracle_dbversion_catalog)
+ xa_db_core_file = os.path.join(RANGER_ADMIN_HOME ,oracle_core_file)
+ xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,oracle_patches)
elif XA_DB_FLAVOR == "POSTGRES":
POSTGRES_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR, JAVA_BIN)
- xa_db_version_file = os.path.join(os.getcwd(),postgres_dbversion_catalog)
- xa_db_core_file = os.path.join(os.getcwd(),postgres_core_file)
- xa_patch_file = os.path.join(os.getcwd(),postgres_patches)
+ xa_db_version_file = os.path.join(RANGER_ADMIN_HOME , postgres_dbversion_catalog)
+ xa_db_core_file = os.path.join(RANGER_ADMIN_HOME , postgres_core_file)
+ xa_patch_file = os.path.join(RANGER_ADMIN_HOME , postgres_patches)
elif XA_DB_FLAVOR == "SQLSERVER":
SQLSERVER_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = SqlServerConf(xa_db_host, SQLSERVER_CONNECTOR_JAR, JAVA_BIN)
- xa_db_version_file = os.path.join(os.getcwd(),sqlserver_dbversion_catalog)
- xa_db_core_file = os.path.join(os.getcwd(),sqlserver_core_file)
- xa_patch_file = os.path.join(os.getcwd(),sqlserver_patches)
+ xa_db_version_file = os.path.join(RANGER_ADMIN_HOME ,sqlserver_dbversion_catalog)
+ xa_db_core_file = os.path.join(RANGER_ADMIN_HOME , sqlserver_core_file)
+ xa_patch_file = os.path.join(RANGER_ADMIN_HOME , sqlserver_patches)
else:
log("[E] --------- NO SUCH SUPPORTED DB FLAVOUR!! ---------", "error")
sys.exit(1)
@@ -609,41 +1026,50 @@ def main():
if AUDIT_DB_FLAVOR == "MYSQL":
MYSQL_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
audit_sqlObj = MysqlConf(audit_db_host,MYSQL_CONNECTOR_JAR,JAVA_BIN)
- audit_db_file = os.path.join(os.getcwd(),mysql_audit_file)
+ audit_db_file = os.path.join(RANGER_ADMIN_HOME ,mysql_audit_file)
elif AUDIT_DB_FLAVOR == "ORACLE":
ORACLE_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
audit_sqlObj = OracleConf(audit_db_host, ORACLE_CONNECTOR_JAR, JAVA_BIN)
- audit_db_file = os.path.join(os.getcwd(),oracle_audit_file)
+ audit_db_file = os.path.join(RANGER_ADMIN_HOME , oracle_audit_file)
elif AUDIT_DB_FLAVOR == "POSTGRES":
POSTGRES_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
audit_sqlObj = PostgresConf(audit_db_host, POSTGRES_CONNECTOR_JAR, JAVA_BIN)
- audit_db_file = os.path.join(os.getcwd(),postgres_audit_file)
+ audit_db_file = os.path.join(RANGER_ADMIN_HOME , postgres_audit_file)
elif AUDIT_DB_FLAVOR == "SQLSERVER":
SQLSERVER_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
audit_sqlObj = SqlServerConf(audit_db_host, SQLSERVER_CONNECTOR_JAR, JAVA_BIN)
- audit_db_file = os.path.join(os.getcwd(),sqlserver_audit_file)
+ audit_db_file = os.path.join(RANGER_ADMIN_HOME , sqlserver_audit_file)
else:
log("[E] --------- NO SUCH SUPPORTED DB FLAVOUR!! ---------", "error")
sys.exit(1)
+# '''
log("[I] --------- Verifying Ranger DB connection ---------","info")
xa_sqlObj.check_connection(db_name, db_user, db_password)
- log("[I] --------- Verifying Ranger DB tables ---------","info")
- if xa_sqlObj.check_table(db_name, db_user, db_password, x_user):
- pass
- else:
- log("[I] --------- Importing Ranger Core DB Schema ---------","info")
- xa_sqlObj.import_db_file(db_name, db_user, db_password, xa_db_core_file)
- log("[I] --------- Verifying upgrade history table ---------","info")
- output = xa_sqlObj.check_table(db_name, db_user, db_password, x_db_version)
- if output == False:
- log("[I] --------- Creating version history table ---------","info")
- xa_sqlObj.upgrade_db(db_name, db_user, db_password, xa_db_version_file)
- log("[I] --------- Applying patches ---------","info")
- xa_sqlObj.apply_patches(db_name, db_user, db_password, xa_patch_file)
- audit_sqlObj.auditdb_operation(xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, audit_db_file, xa_access_audit)
-
-main()
\ No newline at end of file
+
+ if len(argv)==1:
+
+ log("[I] --------- Verifying Ranger DB tables ---------","info")
+ if xa_sqlObj.check_table(db_name, db_user, db_password, x_user):
+ pass
+ else:
+ log("[I] --------- Importing Ranger Core DB Schema ---------","info")
+ xa_sqlObj.import_db_file(db_name, db_user, db_password, xa_db_core_file)
+ log("[I] --------- Verifying upgrade history table ---------","info")
+ output = xa_sqlObj.check_table(db_name, db_user, db_password, x_db_version)
+ if output == False:
+ log("[I] --------- Creating version history table ---------","info")
+ xa_sqlObj.upgrade_db(db_name, db_user, db_password, xa_db_version_file)
+ log("[I] --------- Applying patches ---------","info")
+ xa_sqlObj.apply_patches(db_name, db_user, db_password, xa_patch_file)
+ audit_sqlObj.auditdb_operation(xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, audit_db_file, xa_access_audit)
+# '''
+ if len(argv)>1:
+ for i in range(len(argv)):
+ if str(argv[i]) == "-javapatch":
+ xa_sqlObj.execute_java_patches(xa_db_host, db_user, db_password, db_name)
+
+main(sys.argv)