Untitled

#!/usr/bin/env python

import daemon
import time
import socket
import fcntl
import struct
import md5
import sys
import os

def getHwAddr(ifname):
	s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
	info = fcntl.ioctl(s.fileno(), 0x8927,  struct.pack('256s', ifname[:15]))
	return ''.join(['%02x:' % ord(char) for char in info[18:24]])[:-1]

serverkey = md5.md5(getHwAddr('eth0')).hexdigest()

addr = ('', 30331)
isock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
isock.bind(addr)

daemon.daemonize()
while True:
	isock.listen(1)
	conn, addr = isock.accept()
	data = conn.recv(1024)
	print data
	sdata = data.split()
	if len(sdata) > 0:
		if sdata[0] != serverkey:
			conn.send('access denied')
			conn.close()
		else :
			if sdata[1] == 'create':
				if len(sdata) < 5:
					conn.send('Invalid parameters')
				else:
					username = sdata[2]
					password = sdata[3]
					quota = sdata[4]
					cmd = '/usr/sbin/useradd -G backup -s /bin/bash %s 2>&1' % (username)
					res = os.popen(cmd).read().rstrip()
					if len(res) == 0:
						cmd = '/bin/echo %s > /tmp/pw ; /usr/bin/passwd --stdin %s < /tmp/pw; /bin/rm -f /tmp/pw' % (password, username)
						res = os.popen(cmd).read()
						cmd = 'jk_jailuser -m -j /home/jail %s' % (username)
                                                res = os.popen(cmd).read()
						cmd = 'sed "s=/home/%s:/usr/sbin/jk_lsh=/home/%s:/bin/bash=g" /home/jail/etc/passwd > /home/jail/etc/passwd.new; rm -f /home/jail/etc/passwd; mv /home/jail/etc/passwd.new /home/jail/etc/passwd' % (username,username)
                                                res = os.popen(cmd).read()
						cmd= '/usr/sbin/setquota -u %s 0 %s 0 0 -a /dev/xvda3' % (username, quota)
						res = os.popen(cmd).read()
						conn.send('success')
					else:
						conn.send('username already exists')
			elif sdata[1] == 'terminate':
				username = sdata[2]
				cmd = '/usr/sbin/userdel -rf %s' % (username)
				res = os.popen(cmd).read().rstrip()
				cmd = 'cat /home/jail/etc/passwd | grep -v %s > /home/jail/etc/passwd.new; rm -f /home/jail/etc/passwd; mv /home/jail/etc/passwd.new /home/jail/etc/passwd' % (username)					res = os.popen(cmd).read().rstrip()
				cmd = 'cat /home/jail/etc/group | grep -v ^%s > /home/jail/etc/group.new; rm -f /home/jail/etc/group; mv /home/jail/etc/group.new /home/jail/etc/group' % (username)
				res = os.popen(cmd).read().rstrip()
				conn.send('success')
			elif sdata[1] == 'suspend':
				username = sdata[2]
				cmd = '/usr/bin/chsh -s /bin/false %s 2>&1' % (username)
				res = os.popen(cmd).read()
				conn.send('success')
			elif sdata[1] == 'unsuspend':
				username = sdata[2]
				cmd = '/usr/bin/chsh -s /bin/bash %s 2>&1' % (username)
				res = os.popen(cmd).read()
				conn.send('success')
			elif sdata[1] == 'chpw':
				username = sdata[2]
				password = sdata[3]
				cmd = '/bin/echo %s > /tmp/pw ; /usr/bin/passwd --stdin %s < /tmp/pw; /bin/rm -f /tmp/pw' % (password, username)
				res = os.popen(cmd).read()
				conn.send('success')
			elif sdata[1] == 'getuserusage':
				username = sdata[2]
				cmd = '/usr/bin/quota %s | /usr/bin/tail -1 | /bin/awk {\'print $2\'}' % (username)
				res = os.popen(cmd).read()
				conn.send(res)
			elif sdata[1] == 'getuserlimit':
                                username = sdata[2]
                                cmd = '/usr/bin/quota %s | /usr/bin/tail -1 | /bin/awk {\'print $4\'}' % (username)
                                res = os.popen(cmd).read()
                                conn.send(res)

			else:
				conn.send('access denied')

			conn.close()