修复centos7安装报错-平台不支持 (#603 )

make sure logs directory exists (#374 )
Update connect.py
2025-12-16 00:52:41 +00:00 · 2017-08-07 16:44:11 +08:00 · 2017-04-20 16:51:52 +08:00 · 2017-03-13 18:30:23 +08:00 · 2016-11-22 17:44:20 +08:00 · 2016-11-17 10:54:23 +08:00
17 changed files with 84 additions and 32 deletions
--- a/connect.py
+++ b/connect.py
@@ -522,8 +522,12 @@ class Nav(object):
                asset_info = get_asset_info(asset)
                # 获取该资产包含的角色
                role = [str(role.name) for role in self.user_perm.get('asset').get(asset).get('role')]
-                print line % (index, asset.ip, asset_info.get('port'),
+                try:
-                              self.truncate_str(asset.hostname), str(role).replace("'", ''), asset.comment)
+                    print line % (index, asset.ip, asset_info.get('port'),
                                  self.truncate_str(asset.hostname), str(role).replace("'", ''), asset.comment)
                except:
                    print line % (index, asset.ip, asset_info.get('port'),
                                  self.truncate_str(asset.hostname), str(role).replace("'", ''), '')
        print
    def try_connect(self):
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -8,10 +8,18 @@ services:
      - "8888:80"
      - "2222:22"
    # environment:
-    #   - ENGINE=mysql
+    #   - USE_MYSQL=true
-    #   - MYSQL_HOST=192.168.64.5
+    #   - MYSQL_ENGINE=mysql
    #   - MYSQL_HOST=192.168.50.143
    #   - MYSQL_PORT=3306
-    #   - MYSQL_USER=root
+    #   - MYSQL_USER=jumpserver
    #   - MYSQL_PASS=love1314
    #   - MYSQL_NAME=jumpserver
-    #   - MAIL_ENABLED=false
+    #   - USE_MAIL=true
    #   - MAIL_ENABLED=1
    #   - MAIL_HOST=smtp.163.com
    #   - MAIL_PORT=25
    #   - MAIL_USER=jumpserver@163.com
    #   - MAIL_PASS=123456
    #   - MAIL_USE_TLS=False
    #   - MAIL_USE_SSL=False
--- a/install/docker/config_tmpl.conf
+++ b/install/docker/config_tmpl.conf
@@ -6,12 +6,12 @@ port = 80
 log = debug
 [db]
-engine = __ENGINE__
+engine = __MYSQL_ENGINE__
 host = __MYSQL_HOST__
 port = __MYSQL_PORT__
 user = __MYSQL_USER__
 password = __MYSQL_PASS__
-database = __DATEBASE__
+database = __MYSQL_NAME__
 [mail]
 mail_enable = __MAIL_ENABLED__
@@ -20,6 +20,7 @@ email_port = __MAIL_PORT__
 email_host_user = __MAIL_USER__
 email_host_password = __MAIL_PASS__
 email_use_tls = __MAIL_USE_TLS__
 email_use_ssl = __MAIL_USE_SSL__
 [connect]
 nav_sort_by = ip
--- a/install/docker/run.sh
+++ b/install/docker/run.sh
@@ -3,7 +3,7 @@ cp -r /jumpserver/install/docker/config_tmpl.conf /jumpserver/jumpserver.conf
 if [ ! -n "${USE_MYSQL}" ]; then
 sed -i "s/__USE_MYSQL__/false/" /jumpserver/jumpserver.conf
 else
-sed -i "s/__USE_MYSQL__/true/" /jumpserver/jumpserver.conf
+sed -i "s/__MYSQL_ENGINE__/${MYSQL_ENGINE}/" /jumpserver/jumpserver.conf
 sed -i "s/__MYSQL_HOST__/${MYSQL_HOST}/" /jumpserver/jumpserver.conf
 sed -i "s/__MYSQL_PORT__/${MYSQL_PORT}/" /jumpserver/jumpserver.conf
 sed -i "s/__MYSQL_USER__/${MYSQL_USER}/" /jumpserver/jumpserver.conf
@@ -11,8 +11,8 @@ sed -i "s/__MYSQL_PASS__/${MYSQL_PASS}/" /jumpserver/jumpserver.conf
 sed -i "s/__MYSQL_NAME__/${MYSQL_NAME}/" /jumpserver/jumpserver.conf
 fi
-if [ ! -n "${MAIL_ENABLED}" ]; then
+if [ ! -n "${USE_MAIL}" ]; then
-sed -i "s/__MAIL_ENABLED__/false/" /jumpserver/jumpserver.conf
+sed -i "s/__USE_MAIL__/false/" /jumpserver/jumpserver.conf
 else
 sed -i "s/__MAIL_ENABLED__/${MAIL_ENABLED}/" /jumpserver/jumpserver.conf
 sed -i "s/__MAIL_HOST__/${MAIL_HOST}/" /jumpserver/jumpserver.conf
@@ -25,7 +25,11 @@ sed -i "s/__MAIL_USE_TLS__/false/" /jumpserver/jumpserver.conf
 else
 sed -i "s/__MAIL_USE_TLS__/${MAIL_USE_TLS}/" /jumpserver/jumpserver.conf
 fi
-
+if [ ! -n "${MAIL_USE_SSL}" ]; then
 sed -i "s/__MAIL_USE_SSL__/false/" /jumpserver/jumpserver.conf
 else
 sed -i "s/__MAIL_USE_SSL__/${MAIL_USE_SSL}/" /jumpserver/jumpserver.conf
 fi
 if [ ! -f "/etc/ssh/sshd_config" ]; then
 	cp -r /jumpserver/install/docker/sshd_config /etc/ssh/sshd_config
 fi
@@ -42,12 +46,16 @@ if [ ! -f "/etc/ssh/ssh_host_ed25519_key" ]; then
  ssh-keygen -t ed25519 -b 1024 -f /etc/ssh/ssh_host_ed25519_key -N ''
 fi
 # handle empty data directory
 mkdir -p /data/logs
 /usr/sbin/sshd -E /data/logs/jumpserver.log
 python /jumpserver/manage.py syncdb --noinput
 if [ ! -f "/home/init.locked" ]; then
-	python manage.py loaddata install/initial_data.yaml
+	python /jumpserver/manage.py loaddata install/initial_data.yaml
 	date > /home/init.locked
 fi
-python /jumpserver/run_server.py >> /data/logs/jumpserver.log &
+python /jumpserver/manage.py crontab add >> /data/logs/jumpserver.log &
 python /jumpserver/run_server.py >> /dev/null &
 chmod -R 777 /data/logs/jumpserver.log
 tail -f /data/logs/jumpserver.log
--- a/install/install.py
+++ b/install/install.py
@@ -85,12 +85,12 @@ class PreSetup(object):
    @property
    def _is_redhat(self):
-        if self.dist.startswith("centos") or self.dist.startswith("red") or self.dist == "fedora" or self.dist == "amazon linux ami":
+        if self.dist.startswith("centos") or self.dist.startswith("red") or self.dist == "fedora" or self.dist == "oracle" or self.dist == "amazon linux ami":
            return True
    @property
    def _is_centos7(self):
-        if self.dist.startswith("centos") and self.version.startswith("7"):
+        if self.dist.startswith("centos") or self.dist.startswith("centos linux") and self.version.startswith("7"):
            return True
    @property
@@ -104,8 +104,8 @@ class PreSetup(object):
            return True
    def check_platform(self):
-        if not (self._is_redhat or self._is_ubuntu):
+        if not (self._is_redhat or self._is_ubuntu or self._is_centos7):
-            print(u"支持的平台: CentOS, RedHat, Fedora, Debian, Ubuntu, Amazon Linux, 暂不支持其他平台安装.")
+            print(u"支持的平台: CentOS, RedHat, Fedora, Oracle Linux, Debian, Ubuntu, Amazon Linux, 暂不支持其他平台安装.")
            exit()
    @staticmethod
--- a/jperm/ansible_api.py
+++ b/jperm/ansible_api.py
@@ -409,6 +409,17 @@ class MyTask(MyRunner):
        self.run("script", module_args1, become=True)
        return self.results
    def recyle_cmd_alias(self, role_name):
        """
        recyle sudo cmd alias
        :return:
        """
        if role_name == 'root':
            return {"status": "failed", "msg": "can't recyle root privileges"}
        module_args = "sed -i 's/^%s.*//' /etc/sudoers" % role_name
        self.run("command", module_args, become=True)
        return self.results
 class CustomAggregateStats(callbacks.AggregateStats):
    """                                                                             
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -81,6 +81,7 @@ def perm_rule_detail(request):
    return my_render('jperm/perm_rule_detail.html', locals(), request)
@require_role('admin')
 def perm_rule_add(request):
    """
    add rule page
@@ -533,6 +534,8 @@ def perm_role_push(request):
            sudo_list = set([sudo for sudo in role.sudo.all()])  # set(sudo1, sudo2, sudo3)
            if sudo_list:
                ret['sudo'] = task.push_sudo_file([role], sudo_list)
            else:
                ret['sudo'] = task.recyle_cmd_alias(role.name)
        logger.debug('推送role结果: %s' % ret)
        success_asset = {}
@@ -576,7 +579,7 @@ def perm_role_push(request):
        if not failed_asset:
            msg = u'系统用户 %s 推送成功[ %s ]' % (role.name, ','.join(success_asset.keys()))
        else:
-            error = u'系统用户 %s 推送失败 [ %s ], 推送成功 [ %s ] 进入系统用户详情，查看失败原因' % (role.name,
+            error = u'系统用户 %s 推送失败 [ %s ], 推送成功 [ %s ] 请点系统用户->点对应名称->点失败，查看失败原因' % (role.name,
                                                                ','.join(failed_asset.keys()),
                                                                ','.join(success_asset.keys()))
    return my_render('jperm/perm_role_push.html', locals(), request)
--- a/juser/user_api.py
+++ b/juser/user_api.py
@@ -151,7 +151,7 @@ def server_add_user(username, ssh_key_pwd=''):
    add a system user in jumpserver
    在jumpserver服务器上添加一个用户
    """
-    bash("adduser -s '%s' '%s'" % (os.path.join(BASE_DIR, 'init.sh'), username))
+    bash("useradd -s '%s' '%s'" % (os.path.join(BASE_DIR, 'init.sh'), username))
    gen_ssh_key(username, ssh_key_pwd)
--- a/juser/views.py
+++ b/juser/views.py
@@ -10,6 +10,7 @@ from django.shortcuts import get_object_or_404
 from django.db.models import Q
 from juser.user_api import *
 from jperm.perm_api import get_group_user_perm
 import re
 MAIL_FROM = EMAIL_HOST_USER
@@ -142,7 +143,7 @@ def user_add(request):
    group_all = UserGroup.objects.all()
    if request.method == 'POST':
-        username = request.POST.get('username', '')
+        username = request.POST.get('username', '')      
        password = PyCrypt.gen_rand_pass(16)
        name = request.POST.get('name', '')
        email = request.POST.get('email', '')
@@ -159,15 +160,23 @@ def user_add(request):
            if '' in [username, password, ssh_key_pwd, name, role]:
                error = u'带*内容不能为空'
                raise ServerError
            check_user_is_exist = User.objects.filter(username=username)
            if check_user_is_exist:
                error = u'用户 %s 已存在' % username
                raise ServerError
            if username in ['root']:
                error = u'用户不能为root'
                raise ServerError
        except ServerError:
            pass
        else:
            try:
                if not re.match(r"^\w+$",username):
                    error = u'用户名不合法'
                    raise ServerError(error)
                user = db_add_user(username=username, name=name,
                                   password=password,
                                   email=email, role=role, uuid=uuid_r,
--- a/run_server.py
+++ b/run_server.py
@@ -416,7 +416,7 @@ class WebTerminalHandler(tornado.websocket.WebSocketHandler):
            data = ''
            pre_timestamp = time.time()
            while True:
-                r, w, e = select.select([self.channel, sys.stdin], [], [])
+                r, w, e = select.select([self.channel], [], [])
                if self.channel in r:
                    recv = self.channel.recv(1024)
                    if not len(recv):
@@ -494,7 +494,7 @@ def main():
        [
            (r'/ws/monitor', MonitorHandler),
            (r'/ws/terminal', WebTerminalHandler),
-            (r'/kill', WebTerminalKillHandler),
+            (r'/ws/kill', WebTerminalKillHandler),
            (r'/ws/exec', ExecHandler),
            (r"/static/(.*)", tornado.web.StaticFileHandler,
             dict(path=os.path.join(os.path.dirname(__file__), "static"))),
--- a/service.sh
+++ b/service.sh
@@ -28,6 +28,11 @@ PROC_NAME="jumpserver"
 lockfile=/var/lock/subsys/${PROC_NAME}
 start() {
        if [ $(whoami) != 'root' ];then
            echo "Sorry, JMS must be run as root"
            exit 1
        fi
        jump_start=$"Starting ${PROC_NAME} service:"
        if [ -f $lockfile ];then
             echo -n "jumpserver is running..."
--- a/static/js/webterminal.js
+++ b/static/js/webterminal.js
@@ -13,7 +13,7 @@ WSSHClient.prototype._generateEndpoint = function (options) {
        var protocol = 'ws://';
    }
-    var endpoint = protocol + document.URL.match(RegExp('//(.*?)/'))[1] + '/ws/terminal' + document.URL.match(/(\?.*)/);
+    var endpoint = protocol + document.URL.match(RegExp('//(.*?)/'))[1] + '/ws/terminal' + document.URL.match(/\?.*/);
    return endpoint;
 };
 WSSHClient.prototype.connect = function (options) {
@@ -151,4 +151,4 @@ $(document).ready(function () {
    $(".terminal").mouseenter(function () {
        $(".termChangBar").slideUp();
    })
-});
+});
--- a/templates/jlog/log_online.html
+++ b/templates/jlog/log_online.html
@@ -215,7 +215,7 @@
   function cut(num, login_type){
       var protocol = window.location.protocol;
-       var endpoint = protocol + '//' +  document.URL.match(RegExp('//(.*?)/'))[1] + '/kill';
+       var endpoint = protocol + '//' +  document.URL.match(RegExp('//(.*?)/'))[1] + '/ws/kill';
       if (login_type=='web'){
           var g_url = endpoint + '?id=' + num;
           console.log(g_url);
--- a/templates/jperm/perm_role_add.html
+++ b/templates/jperm/perm_role_add.html
@@ -37,6 +37,7 @@
                                <label for="role_name" class="col-sm-2 control-label">用户名称<span class="red-fonts">*</span></label>
                                <div class="col-sm-8">
                                    <input id="role_name" name="role_name" placeholder="Role Name" type="text" class="form-control">
                                    <span class="help-block m-b-none">如果客户端是网络设备，填写已配置的SSH登录用户，支持SSH协议V2.0以上 </span>
                                </div>
                            </div>
                            <div class="hr-line-dashed"></div>
@@ -44,7 +45,7 @@
                                <label for="role_password" class="col-sm-2 control-label">用户密码</label>
                                <div class="col-sm-8">
                                    <input id="role_password" name="role_password" placeholder="Role Password" type="password" class="form-control">
-                                    <span class="help-block m-b-none">如果不添加密码，会自动生成</span>
+                                    <span class="help-block m-b-none">如果客户端是网络设备这里必填，如果客户端是服务器，密码不会被推送，不会修改客户端原有的用户密码，请忽略这里</span>
                                </div>
                            </div>
                            <div class="form-group">
--- a/templates/jperm/perm_role_push.html
+++ b/templates/jperm/perm_role_push.html
@@ -66,10 +66,11 @@
                            <div class="row">
                                <div class="form-group">
                                    <label for="j_group" class="col-sm-2 control-label">使用密钥</label>
-                                    <div class="col-sm-1">
+                                    <div class="col-sm-8">
                                        <div class="radio i-checks">
                                            <label>
                                                <input type="checkbox" value="1" id="use_publicKey" name="use_publicKey" checked>
                                                <span class="help-block m-b-none">如果资产是网络设备，请取消复选框(模拟推送)，如果资产是服务器，要选种复选框 </span>
                                            </label>
                                        </div>
                                    </div>
--- a/templates/juser/user_add.html
+++ b/templates/juser/user_add.html
@@ -126,6 +126,7 @@ $('#userForm').validator({
    timely: 2,
    theme: "yellow_right_effect",
    rules: {
        check_name: [/(?!^root$)^[\w.]{2,20}$/i, '大小写字母数字和下划线小数点,2-20位,并且非root'],
        check_username: [/^[\w.]{3,20}$/, '大小写字母数字和下划线小数点'],
        type_m: function(element){
                    return  $("#M").is(":checked");
@@ -133,7 +134,7 @@ $('#userForm').validator({
    },
    fields: {
        "username": {
-            rule: "required;check_username",
+            rule: "required;check_username;check_name",
            tip: "输入用户名",
            ok: "",
            msg: {required: "必须填写!"}
@@ -174,4 +175,4 @@ $('#userForm').validator({
 {#})#}
 </script>
-{% endblock %}
+{% endblock %}
--- a/templates/setting.html
+++ b/templates/setting.html
@@ -49,7 +49,7 @@
                                                <input name="setting" value="default" style="display: none">
                                                <div class="col-sm-8">
                                                    <input id="username" name="username" placeholder="Username" type="text" value="{{ setting_default.field1 }}" class="form-control">
-                                                    <span class="help-block m-b-none"> 管理账号是服务器存在的root等高权限账号(或拥有NOPASSWD: ALL sudo权限)，用来推送新建系统用户</span>
+                                                    <span class="help-block m-b-none"> 管理用户是指客户端上的如root等高权限账号(或拥有NOPASSWD: ALL sudo权限)，用来推送新建系统用户</span>
                                                </div>
                                            </div>
                                            <div class="hr-line-dashed"></div>
@@ -147,4 +147,4 @@
            }
    })
 </script>
-{% endblock %}
+{% endblock %}
Author	SHA1	Message	Date
vincent927	a114e173e0	修复centos7安装报错-平台不支持 (#603 )	2017-08-07 16:44:11 +08:00
Leon Chan	402df81048	make sure logs directory exists (#374 )	2017-04-20 16:51:52 +08:00
老广	2a51eeef10	Update connect.py	2017-03-13 18:30:23 +08:00
假想控	4b593e56f9	添加系统用户推送，使用密钥说明文案添加系统用户推送，使用密钥说明文案	2016-11-22 17:44:20 +08:00
紫川秀	9f3c83b052	修复普通用户能添加授权bug (#324 ) * 修复sudo别名取消后不回收bug * 修复普通用户能添加授权bug	2016-11-17 10:54:23 +08:00
紫川秀	a864c38238	修复sudo别名取消后不回收bug (#322 )	2016-11-16 10:10:04 +08:00
假想控	547408222d	网页连接主机 js regx bug #292 ws://jumpserver.com/ws/terminal?id=1&role=admin,?id=1&role=admin 而期望的结果应该是ws://jumpserver.com/ws/terminal?id=1&role=admin 所以document.URL.match(/(\?.)/)里的正则表达式应该去掉分组，变为 document.URL.match(/\?./)	2016-11-09 13:39:45 +08:00
假想控	0ad26254ef	修改系统用户推送失败，进入系统用户详情说明文案修改系统用户推送失败，进入系统用户详情说明文案	2016-11-09 12:34:26 +08:00
假想控	b7e138f919	修改添加系统用户，用户名说明文案修改添加系统用户，用户名说明文案	2016-11-09 11:28:16 +08:00
假想控	2ec415fd84	修改添加系统用户，密码说明文案修改添加系统用户，密码说明文案	2016-11-09 10:59:34 +08:00
假想控	b3c12e8861	修复使用mysql未初始化问题 1.修复使用mysql未初始化问题 2.crontab add	2016-11-07 13:39:12 +08:00
假想控	da8f30fc72	修改用户密码说明文案修改用户密码说明文案	2016-11-04 21:07:21 +08:00
假想控	cddb0ce537	Merge pull request #310 from MoonTails83/patch-1 Update install.py	2016-11-04 20:00:58 +08:00
peter17919	124e26fa32	fix #311 (#313 ) * Update views.py * Update views.py * Update views.py * Update views.py * Update views.py	2016-11-03 18:33:38 +08:00
假想控	59c689cd61	Update run.sh 1.更改sed -i "s/__MYSQL_ENGINE__/${MYSQL_ENGINE}/" /jumpserver/jumpserver.conf 2.新增MAIL_USE_SSL	2016-11-03 14:33:16 +08:00
假想控	0cc36b1302	Update docker-compose.yaml # environment: - USE_MAIL=true	2016-11-03 14:14:10 +08:00
假想控	0ac9d19252	修改 [db]&[mail] 1.[db] engine = __MYSQL_ENGINE__ database = __MYSQL_NAME__ 2.[mail] email_use_ssl = __MAIL_USE_SSL__	2016-11-03 14:03:52 +08:00
假想控	d9e497e8be	修改 environment 修改 environment: - USE_MYSQL=true - MYSQL_ENGINE=mysql - MYSQL_HOST=192.168.50.143 - MYSQL_PORT=3306 - MYSQL_USER=jumpserver - MYSQL_PASS=love1314 - MYSQL_NAME=jumpserver - USE_ENABLED=true - MAIL_ENABLED=1 - MAIL_HOST=smtp.163.com - MAIL_PORT=25 - MAIL_USER=evilsmall@163.com - MAIL_PASS=Fuck123 - MAIL_USE_TLS=False - MAIL_USE_SSL=False	2016-11-03 13:59:21 +08:00
假想控	e18ae7f82c	Update user_add.html 禁止创建root用户	2016-10-27 17:53:43 +08:00
老广	e5286686b9	Update views.py check valid user when username == 'root'	2016-10-27 17:08:46 +08:00
MoonTails83	332316b0af	Update install.py	2016-10-09 11:25:25 +08:00
老广	8f666785d2	Modify select pop stdin #283 More see this issue	2016-09-05 19:05:12 +08:00
假想控	0ed4b84b63	Update setting.html 修改管理用户说明将服务器改为客户端	2016-08-08 16:03:05 +08:00
老广	97591e6f03	Update service.sh	2016-08-05 13:39:34 +08:00
老广	5d5d8ab32a	run service.sh using root user	2016-08-04 10:23:57 +08:00
老广	5489f3ae36	Modify server_add_user function Change adduser to useradd. Make compatible will debian, ubuntu	2016-08-04 10:08:46 +08:00
liuzheng712	ce7a3d1f33	change uri /kill to /ws/kill	2016-07-31 10:29:17 +08:00