Merge branch 'master' of github.com:jumpserver/jumpserver

Dockerfile

@@ -0,0 +1,37 @@
+FROM alpine
+MAINTAINER xRain <xrain@simcu.com>
+RUN apk add --update openssh sshpass python py-mysqldb py-psutil py-crypto && \
+	rm -rf /var/cache/apk/* 
+COPY . /jumpserver
+WORKDIR /jumpserver
+RUN python /jumpserver/install/docker/get-pip.py && \
+ 	pip install -r /jumpserver/install/docker/piprequires.txt && \
+	 rm -rf /jumpserver/docs && \
+ 	cp /jumpserver/install/docker/run.sh /run.sh && \
+  	rm -rf /etc/motd && chmod +x /run.sh && \
+  	rm -rf /jumpserver/keys && \
+  	rm -rf /jumpserver/logs && \
+  	rm -rf /home && \
+  	rm -rf /etc/ssh && \
+  	rm -rf /etc/shadow && \
+  	rm -rf /etc/passwd && \
+  	cp -r /jumpserver/install/docker/useradd /usr/sbin/useradd && \
+  	cp -r /jumpserver/install/docker/userdel /usr/sbin/userdel && \
+  	chmod +x /usr/sbin/useradd && \
+  	chmod +x /usr/sbin/userdel && \
+  	mkdir -p /data/home && \
+  	mkdir -p /data/logs && \
+  	mkdir -p /data/keys && \
+  	mkdir -p /data/ssh && \
+  	cp -r /jumpserver/install/docker/shadow /data/shadow && \
+  	cp -r /jumpserver/install/docker/passwd /data/passwd && \
+  	ln -s /data/logs /jumpserver/logs && \
+  	ln -s /data/keys /jumpserver/keys && \
+  	ln -s /data/home /home && \
+  	ln -s /data/ssh /etc/ssh && \
+  	ln -s /data/passwd /etc/passwd && \
+  	ln -s /data/shadow /etc/shadow && \
+  	chmod -R 777 /jumpserver
+VOLUME /data
+EXPOSE 80 22
+CMD /run.sh

README.md

@@ -69,7 +69,7 @@ Web批量执行命令
 
 [demo站点](http://demo.jumpserver.org)
 
-交流群: 399218702
+交流群: 552054376
 
 ### 团队
 

connect.py

@@ -249,7 +249,7 @@ class Tty(object):
                         allow_agent=False,
                         look_for_keys=False)
 
-        except paramiko.ssh_exception.AuthenticationException, paramiko.ssh_exception.SSHException:
+        except (paramiko.ssh_exception.AuthenticationException, paramiko.ssh_exception.SSHException):
             raise ServerError('认证失败 Authentication Error.')
         except socket.error:
             raise ServerError('端口可能不对 Connect SSH Socket Port Error, Please Correct it.')
@@ -585,7 +585,7 @@ class Nav(object):
                 print "请输入运行命令所关联系统用户的ID, q退出"
 
                 try:
-                    role_id = raw_input("\033[1;32mRole>:\033[0m ").strip()
+                    role_id = int(raw_input("\033[1;32mRole>:\033[0m ").strip())
                     if role_id == 'q':
                         break
                 except (IndexError, ValueError):

docker-compose.yaml

@@ -0,0 +1,17 @@
+version: '2'
+services:
+  jumpserver:
+    build: .
+    container_name: jumpserver
+    restart: always
+    ports:
+      - "8888:80"
+      - "2222:22"
+    # environment:
+    #   - ENGINE=mysql
+    #   - MYSQL_HOST=192.168.64.5
+    #   - MYSQL_PORT=3306
+    #   - MYSQL_USER=root
+    #   - MYSQL_PASS=love1314
+    #   - MYSQL_NAME=jumpserver
+    #   - MAIL_ENABLED=false

init.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 #
 
 trap '' SIGINT

install/docker/config_tmpl.conf

@@ -0,0 +1,25 @@
+[base]
+url = 
+key = 941enj9neshd1wes
+ip = 0.0.0.0
+port = 80
+log = debug
+
+[db]
+engine = __ENGINE__
+host = __MYSQL_HOST__
+port = __MYSQL_PORT__
+user = __MYSQL_USER__
+password = __MYSQL_PASS__
+database = __DATEBASE__
+
+[mail]
+mail_enable = __MAIL_ENABLED__
+email_host = __MAIL_HOST__
+email_port = __MAIL_PORT__
+email_host_user = __MAIL_USER__
+email_host_password = __MAIL_PASS__
+email_use_tls = __MAIL_USE_TLS__
+
+[connect]
+nav_sort_by = ip

install/docker/passwd

@@ -0,0 +1,29 @@
+root:x:0:0:root:/root:/bin/ash
+bin:x:1:1:bin:/bin:/sbin/nologin
+daemon:x:2:2:daemon:/sbin:/sbin/nologin
+adm:x:3:4:adm:/var/adm:/sbin/nologin
+lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
+sync:x:5:0:sync:/sbin:/bin/sync
+shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+halt:x:7:0:halt:/sbin:/sbin/halt
+mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
+news:x:9:13:news:/usr/lib/news:/sbin/nologin
+uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
+operator:x:11:0:operator:/root:/bin/sh
+man:x:13:15:man:/usr/man:/sbin/nologin
+postmaster:x:14:12:postmaster:/var/spool/mail:/sbin/nologin
+cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
+ftp:x:21:21::/var/lib/ftp:/sbin/nologin
+sshd:x:22:22:sshd:/dev/null:/sbin/nologin
+at:x:25:25:at:/var/spool/cron/atjobs:/sbin/nologin
+squid:x:31:31:Squid:/var/cache/squid:/sbin/nologin
+xfs:x:33:33:X Font Server:/etc/X11/fs:/sbin/nologin
+games:x:35:35:games:/usr/games:/sbin/nologin
+postgres:x:70:70::/var/lib/postgresql:/bin/sh
+nut:x:84:84:nut:/var/state/nut:/sbin/nologin
+cyrus:x:85:12::/usr/cyrus:/sbin/nologin
+vpopmail:x:89:89::/var/vpopmail:/sbin/nologin
+ntp:x:123:123:NTP:/var/empty:/sbin/nologin
+smmsp:x:209:209:smmsp:/var/spool/mqueue:/sbin/nologin
+guest:x:405:100:guest:/dev/null:/sbin/nologin
+nobody:x:65534:65534:nobody:/:/sbin/nologin

install/docker/piprequires.txt

@@ -0,0 +1,19 @@
+#sphinx-me==0.3
+django==1.6
+#pycrypto==2.4.1
+paramiko==1.16.0
+ecdsa==0.13
+#MySQL-python==1.2.5
+#django-uuidfield==0.5.0
+#psutil==3.3.0
+xlsxwriter==0.7.7
+xlrd==0.9.4
+django-bootstrap-form==3.2
+tornado==4.3
+ansible==1.9.4
+pyinotify==0.9.6
+passlib==1.6.5
+argparse==1.4.0
+django-crontab==0.6.0
+django-smtp-ssl==1.0
+pyte==0.5.2

install/docker/run.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+cp -r /jumpserver/install/docker/config_tmpl.conf /jumpserver/jumpserver.conf
+if [ ! -n "${USE_MYSQL}" ]; then
+sed -i "s/__USE_MYSQL__/false/" /jumpserver/jumpserver.conf
+else
+sed -i "s/__USE_MYSQL__/true/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_HOST__/${MYSQL_HOST}/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_PORT__/${MYSQL_PORT}/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_USER__/${MYSQL_USER}/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_PASS__/${MYSQL_PASS}/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_NAME__/${MYSQL_NAME}/" /jumpserver/jumpserver.conf
+fi
+
+if [ ! -n "${MAIL_ENABLED}" ]; then
+sed -i "s/__MAIL_ENABLED__/false/" /jumpserver/jumpserver.conf
+else
+sed -i "s/__MAIL_ENABLED__/${MAIL_ENABLED}/" /jumpserver/jumpserver.conf
+sed -i "s/__MAIL_HOST__/${MAIL_HOST}/" /jumpserver/jumpserver.conf
+sed -i "s/__MAIL_PORT__/${MAIL_PORT}/" /jumpserver/jumpserver.conf
+sed -i "s/__MAIL_USER__/${MAIL_USER}/" /jumpserver/jumpserver.conf
+sed -i "s/__MAIL_PASS__/${MAIL_PASS}/" /jumpserver/jumpserver.conf
+fi
+if [ ! -n "${MAIL_USE_TLS}" ]; then
+sed -i "s/__MAIL_USE_TLS__/false/" /jumpserver/jumpserver.conf
+else
+sed -i "s/__MAIL_USE_TLS__/${MAIL_USE_TLS}/" /jumpserver/jumpserver.conf
+fi
+
+if [ ! -f "/etc/ssh/sshd_config" ]; then
+	cp -r /jumpserver/install/docker/sshd_config /etc/ssh/sshd_config
+fi
+if [ ! -f "/etc/ssh/ssh_host_rsa_key" ]; then
+  ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
+fi
+if [ ! -f "/etc/ssh/ssh_host_dsa_key" ]; then
+  ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
+fi
+if [ ! -f "/etc/ssh/ssh_host_ecdsa_key" ]; then
+  ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N ''
+fi
+if [ ! -f "/etc/ssh/ssh_host_ed25519_key" ]; then
+  ssh-keygen -t ed25519 -b 1024 -f /etc/ssh/ssh_host_ed25519_key -N ''
+fi
+
+/usr/sbin/sshd -E /data/logs/jumpserver.log
+python /jumpserver/manage.py syncdb --noinput
+if [ ! -f "/home/init.locked" ]; then
+	python manage.py loaddata install/initial_data.yaml
+	date > /home/init.locked
+fi
+python /jumpserver/run_server.py >> /data/logs/jumpserver.log &
+chmod -R 777 /data/logs/jumpserver.log
+tail -f /data/logs/jumpserver.log

install/docker/shadow

@@ -0,0 +1,29 @@
+root:::0:::::
+bin:!::0:::::
+daemon:!::0:::::
+adm:!::0:::::
+lp:!::0:::::
+sync:!::0:::::
+shutdown:!::0:::::
+halt:!::0:::::
+mail:!::0:::::
+news:!::0:::::
+uucp:!::0:::::
+operator:!::0:::::
+man:!::0:::::
+postmaster:!::0:::::
+cron:!::0:::::
+ftp:!::0:::::
+sshd:!::0:::::
+at:!::0:::::
+squid:!::0:::::
+xfs:!::0:::::
+games:!::0:::::
+postgres:!::0:::::
+nut:!::0:::::
+cyrus:!::0:::::
+vpopmail:!::0:::::
+ntp:!::0:::::
+smmsp:!::0:::::
+guest:!::0:::::
+nobody:!::0:::::

install/docker/sshd_config

@@ -0,0 +1,146 @@
+#	$OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# The default requires explicit activation of protocol 1
+#Protocol 2
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 1024
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin prohibit-password
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+PasswordAuthentication no
+ChallengeResponseAuthentication no
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+AuthorizedKeysFile	.ssh/authorized_keys
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+#UsePrivilegeSeparation sandbox
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem	sftp	/usr/lib/ssh/sftp-server
+
+# the following are HPN related configuration options
+# tcp receive buffer polling. disable in non autotuning kernels
+#TcpRcvBufPoll yes
+
+# disable hpn performance boosts
+#HPNDisabled no
+
+# buffer size for hpn to non-hpn connections
+#HPNBufferSize 2048
+
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#	X11Forwarding no
+#	AllowTcpForwarding no
+#	PermitTTY no
+#	ForceCommand cvs server

install/docker/useradd

@@ -0,0 +1,2 @@
+#!/bin/sh
+adduser $@

install/docker/userdel

@@ -0,0 +1,2 @@
+#!/bin/sh
+deluser --remove-home $3

install/install.py

@@ -80,8 +80,8 @@ class PreSetup(object):
         self.ip = ''
         self.key = ''.join(random.choice(string.ascii_lowercase + string.digits) \
                            for _ in range(16))
-        self.dist = platform.linux_distribution(supported_dists=['system'])[0].lower()
+        self.dist = platform.linux_distribution()[0].lower()
-        self.version = platform.linux_distribution(supported_dists=['system'])[1]
+        self.version = platform.linux_distribution()[1]
 
     @property
     def _is_redhat(self):

install/next.py

@@ -96,7 +96,7 @@ class Setup(object):
         cmd = 'bash %s start' % os.path.join(jms_dir, 'service.sh')
         shlex.os.system(cmd)
         print
-        color_print('安装成功，请访问web, 祝你使用愉快。\n请访问 https://github.com/jumpserver/jumpserver/wiki 查看文档', 'green')
+        color_print('安装成功，Web登录请访问http://ip:8000, 祝你使用愉快。\n请访问 https://github.com/jumpserver/jumpserver/wiki 查看文档', 'green')
 
     def start(self):
         print "开始安装Jumpserver ..."

jlog/views.py

@@ -274,7 +274,7 @@ class TermLogRecorder(object):
         self.filename = filename
         filepath = os.path.join(path, 'tty', date, filename + '.zip')
         if not os.path.isdir(os.path.join(path, 'tty', date)):
-            os.makedirs(os.path.join(path, 'tty', date), mode=0777)
+            mkdir(os.path.join(path, 'tty', date), mode=777)
         while os.path.isfile(filepath):
             filename = str(uuid.uuid4())
             filepath = os.path.join(path, 'tty', date, filename + '.zip')

jperm/ansible_api.py

@@ -493,8 +493,8 @@ if __name__ == "__main__":
                  # # "ansible_become_user": "root",
                  # "ansible_become_pass": "yusky0902",
                  }]
-    cmd = Command(resource)
+    cmd.run('ls',pattern='*')
-    print cmd.run('ls')
+    print cmd.results_raw
 
     # resource = [{"hostname": "192.168.10.148", "port": "22", "username": "root", "password": "xxx"}]
     # task = Tasks(resource)

jumpserver.conf

@@ -6,6 +6,7 @@ port = 8000
 log = debug
 
 [db]
+engine = mysql
 host = 127.0.0.1
 port = 3306
 user = jumpserver
@@ -18,7 +19,7 @@ email_host =
 email_port = 587
 email_host_user = 
 email_host_password = 
-email_use_tls = True
+email_use_tls = False
 email_use_ssl = False
 
 [connect]

jumpserver/settings.py

@@ -19,12 +19,6 @@ BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 config.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
 KEY_DIR = os.path.join(BASE_DIR, 'keys')
 
-
-DB_HOST = config.get('db', 'host')
-DB_PORT = config.getint('db', 'port')
-DB_USER = config.get('db', 'user')
-DB_PASSWORD = config.get('db', 'password')
-DB_DATABASE = config.get('db', 'database')
 AUTH_USER_MODEL = 'juser.User'
 # mail config
 MAIL_ENABLE = config.get('mail', 'mail_enable')
@@ -104,24 +98,37 @@ WSGI_APPLICATION = 'jumpserver.wsgi.application'
 
 # Database
 # https://docs.djangoproject.com/en/1.7/ref/settings/#databases
-
+DATABASES = {}
-DATABASES = {
+if config.get('db', 'engine') == 'mysql': 
-    'default': {
+    DB_HOST = config.get('db', 'host')
-        'ENGINE': 'django.db.backends.mysql',
+    DB_PORT = config.getint('db', 'port')
-        'NAME': DB_DATABASE,
+    DB_USER = config.get('db', 'user')
-        'USER': DB_USER,
+    DB_PASSWORD = config.get('db', 'password')
-        'PASSWORD': DB_PASSWORD,
+    DB_DATABASE = config.get('db', 'database')
-        'HOST': DB_HOST,
+    DATABASES = {
-        'PORT': DB_PORT,
+        'default': {
+            'ENGINE': 'django.db.backends.mysql',
+            'NAME': DB_DATABASE,
+            'USER': DB_USER,
+            'PASSWORD': DB_PASSWORD,
+            'HOST': DB_HOST,
+            'PORT': DB_PORT,
+        }
+    }
+elif config.get('db', 'engine') == 'sqlite':
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.db.backends.sqlite3',
+            'NAME': config.get('db', 'database'),
+        }
+    }
+else:
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.db.backends.sqlite3',
+            'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+        }
     }
-}
-
-# DATABASES = {
-#     'default': {
-#         'ENGINE': 'django.db.backends.sqlite3',
-#         'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-#     }
-# }
 TEMPLATE_CONTEXT_PROCESSORS = (
     'django.contrib.auth.context_processors.auth',
     'django.core.context_processors.debug',

juser/user_api.py

@@ -151,7 +151,7 @@ def server_add_user(username, ssh_key_pwd=''):
     add a system user in jumpserver
     在jumpserver服务器上添加一个用户
     """
-    bash("useradd -s '%s' '%s'" % (os.path.join(BASE_DIR, 'init.sh'), username))
+    bash("adduser -s '%s' '%s'" % (os.path.join(BASE_DIR, 'init.sh'), username))
     gen_ssh_key(username, ssh_key_pwd)
 
 
@@ -183,6 +183,7 @@ def server_del_user(username):
     bash('userdel -r -f %s' % username)
     logger.debug('rm -f %s/%s_*.pem' % (os.path.join(KEY_DIR, 'user'), username))
     bash('rm -f %s/%s_*.pem' % (os.path.join(KEY_DIR, 'user'), username))
+    bash('rm -f %s/%s.pem*' % (os.path.join(KEY_DIR, 'user'), username))
 
 
 def get_display_msg(user, password='', ssh_key_pwd='', send_mail_need=False):

juser/views.py

@@ -323,7 +323,7 @@ def reset_password(request):
         else:
             user = get_object(User, uuid=uuid_r)
             if user:
-                user.password = PyCrypt.md5_crypt(password)
+                user.set_password(password)
                 user.save()
                 return http_success(request, u'密码重设成功')
             else:
@@ -419,7 +419,9 @@ def change_info(request):
             error = '不能为空'
 
         if not error:
-            User.objects.filter(id=user_id).update(name=name, email=email)
+            user.name = name
+            user.email = email
+            user.save()
             if len(password) > 0:
                 user.set_password(password)
                 user.save()

run_server.py

@@ -502,7 +502,7 @@ def main():
         ], **setting)
 
     server = tornado.httpserver.HTTPServer(tornado_app)
-    server.listen(options.port)
+    server.listen(options.port, address=IP)
 
     tornado.ioloop.IOLoop.instance().start()
 

templates/footer.html

@@ -1,6 +1,6 @@
 <div class="footer fixed">
     <div class="pull-right">
-        Version <strong>0.3.1</strong> GPL.
+        Version <strong>0.3.2</strong> GPL.
     </div>
     <div>
         <strong>Copyright</strong> Jumpserver.org Team &copy; 2014-2015

templates/jasset/group_edit.html

@@ -153,6 +153,7 @@
 });
 
     function on_submit(id){
+        search_ip('', 'asset_select', 'asset_select_total')  //提交之前清空过滤框
         $('#'+id+' option').each(
             function(){
                 $(this).prop('selected', true)

templates/jperm/perm_role_edit.html

@@ -94,7 +94,7 @@ $('#roleForm').validator({
     timely: 2,
     theme: "yellow_right_effect",
     rules: {
-        check_name: [/(?!^root$)^\w{2,20}$/i, '大小写字母数字和下划线,2-20位,并且非root'],
+        check_name: [/(?!^root$)^[\w.]{2,20}$/i, '大小写字母数字和下划线小数点,2-20位,并且非root'],
         check_begin: [/^[\-]+BEGIN RSA PRIVATE KEY[\-]+/gm, 'RSA Key填写有误，请检查'],
 
     },

templates/juser/group_add.html

@@ -55,6 +55,7 @@
                                 <div class="col-sm-3">
                                     <div>
                                         <select id="users_selected" name="users_selected" class="form-control m-b" size="12"  multiple>
+                                    
                                         </select>
                                     </div>
                                 </div>