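#!/usr/bin/env python
"""ConfigParser variants that can load their configuration from LDAP.

When the ``ldap`` module is importable and a server is configured through the
``ldap_*`` environment variables, ``read()`` rebuilds each requested config
file from directory attributes named ``<name>--<section>--<option>`` and feeds
the result to the stock parser. Otherwise ``read()`` behaves like the standard
parser and reads the files from disk.
"""

from ConfigParser import *
import os
import tempfile


def ldap_init(fun):
    """Decorator that replaces *fun* with the shared LDAP connect/bind routine.

    The body of the decorated method is ignored. The replacement returns True
    once a connection object exists and a bind request has been issued, and
    False when neither URI nor HOST is set or the server is down.
    """
    def __ldap_init(self):
        # A URI, when present, takes precedence over HOST/PORT.
        if self.URI:
            self.l = self.ldap.initialize(self.URI)
        elif self.HOST:
            self.l = self.ldap.open(self.HOST, int(self.PORT))
        else:
            # Nothing to connect to.
            return False

        try:
            self.l.protocol_version = self.ldap.VERSION3
            # NOTE(review): simple_bind() is the asynchronous call. It returns
            # a message id and does not wait for the server's bind result, so
            # a True return below means "bind request sent", not
            # "credentials accepted". A simple bind also hands BINDDN/BINDPW
            # to the server as given; use an ldaps:// URI when the network
            # path is not trusted.
            self.id = self.l.simple_bind(self.BINDDN, self.BINDPW)
        except self.ldap.SERVER_DOWN:
            return False

        return True
    return __ldap_init


def ldap_read(fun):
    """Decorator that replaces *fun* with an LDAP-aware ``read(filenames)``.

    The body of the decorated method is ignored. With LDAP in use, every name
    in *filenames* is reduced to its basename without ``.conf``, looked up as
    ``cn=<name>`` one level below BASEDN, rendered into a temporary INI file
    and parsed. Without LDAP the files are read from disk as usual. The return
    value is whatever the underlying parser's ``read()`` returns.
    """
    def read(self, filenames):
        # read() is defined on RawConfigParser, the common base of both
        # ConfigParser and SafeConfigParser, so calling it there works for
        # either subclass (calling SafeConfigParser.read on a ConfigParser_L
        # instance raises TypeError).
        if not self.usingldap:
            return RawConfigParser.read(self, filenames)

        # The stock read() accepts a single path as well as a list.
        if isinstance(filenames, basestring):
            filenames = [filenames]

        # mkdtemp() creates a directory only the current user can enter.
        # tempfile.mktemp() merely returned an unused name, leaving a window
        # in which another local user could create that path (for example as
        # a symlink) before it was opened for writing here.
        tmpdir = tempfile.mkdtemp()
        tmpfilenames = []
        try:
            for index, conffile in enumerate(filenames):
                shortname = os.path.basename(conffile).replace('.conf', '')
                # The index keeps two inputs with the same basename apart.
                tmpfile = os.path.join(tmpdir, '%d_%s' % (index, shortname))

                sections = {}  # section name -> {option name: value list}
                entries = self.l.search_s(self.BASEDN,
                                          self.ldap.SCOPE_ONELEVEL,
                                          'cn=%s' % shortname)
                for resultDN, ldif in entries:
                    for attribute_name, value in ldif.items():
                        try:
                            _name, section, option = attribute_name.split('--')
                        except ValueError:
                            # Not a <name>--<section>--<option> attribute.
                            continue
                        sections.setdefault(section, {})[option] = value

                # Render the collected options as an INI file for the parser.
                # Directory values are written as received; the directory is
                # treated as a trusted configuration source.
                tmpfilenames.append(tmpfile)
                fh = open(tmpfile, 'w')
                try:
                    for section, options in sections.items():
                        fh.write('\n[%s]\n' % section)
                        for option, value in options.items():
                            text = '\n'.join(value)
                            # The marker stands for a continuation line.
                            text = text.replace('--\\NEWLINE--', '\n ')
                            fh.write('%s = %s\n' % (option, text))
                finally:
                    fh.close()

            return RawConfigParser.read(self, tmpfilenames)
        finally:
            # Always remove the rendered copies, including on error paths.
            for fn in tmpfilenames:
                try:
                    os.remove(fn)
                except OSError:
                    pass
            try:
                os.rmdir(tmpdir)
            except OSError:
                pass
    return read


def _load_ldap_env(parser):
    """Copy the ``ldap_*`` environment settings onto *parser*."""
    parser.HOST = os.getenv('ldap_host')
    parser.PORT = os.getenv('ldap_port', '389')
    parser.URI = os.getenv('ldap_uri')
    parser.BINDDN = os.getenv('ldap_binddn', '')  # '' = anonymous
    parser.BINDPW = os.getenv('ldap_bindpw', '')  # '' = anonymous
    parser.BASEDN = os.getenv('ldap_basedn', 'dc=my-domain,dc=com')


#------------------------------
# Class inheritance

class SafeConfigParser_L(SafeConfigParser):
    """SafeConfigParser whose ``read()`` can pull its content from LDAP."""

    def __init__(self):
        _load_ldap_env(self)
        # Import the LDAP module lazily so the class still works, reading
        # local files, on hosts where it is not installed.
        try:
            self.ldap = __import__('ldap')
            self.usingldap = self.__ldap_init()
        except ImportError:
            self.usingldap = False
        SafeConfigParser.__init__(self)

    @ldap_init
    def __ldap_init(self):
        pass

    @ldap_read
    def read(self, filenames):
        pass


class ConfigParser_L(ConfigParser):
    """ConfigParser whose ``read()`` can pull its content from LDAP."""

    def __init__(self):
        _load_ldap_env(self)
        # Import the LDAP module lazily so the class still works, reading
        # local files, on hosts where it is not installed.
        try:
            self.ldap = __import__('ldap')
            self.usingldap = self.__ldap_init()
        except ImportError:
            self.usingldap = False
        # Initialise through this class's own parent; the SafeConfigParser
        # initialiser rejects an instance that is not a SafeConfigParser.
        ConfigParser.__init__(self)

    @ldap_init
    def __ldap_init(self):
        pass

    @ldap_read
    def read(self, filenames):
        pass


#class RawConfigParser_L(RawConfigParser):
#    pass

if __name__ == '__main__':
    # Manual check with sample settings. Note that these assignments happen
    # after __init__ has already decided whether LDAP is in use.
    cp = SafeConfigParser_L()
    cp.URI = 'ldap://localhost:389/'
    cp.BINDDN = 'cn=Manager,dc=my-domain,dc=com'
    cp.BINDPW = 'secret'
    cp.BASEDN = 'ou=fail2ban,ou=apps,dc=my-domain,dc=com'
    cp.read(['/etc/fail2ban/jail.conf'])
    for section in cp.sections():
        print('\n[%s]' % section)
        for option in cp.options(section):
            print('%s = %s' % (option, cp.get(section, option)))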