0.9.9.1-alt1

- Fixed method call (Closes: 41994)
- Removed unnecessary replace
- Fixed declaration of variable

dist/gpupdate-remote-policy

@@ -0,0 +1,4 @@
+#%PAM-1.0
+#auth		optional	pam_mount.so
+session		required	pam_mkhomedir.so silent
+#session		optional	pam_mount.so

dist/gpupdate-user.service

@@ -4,7 +4,8 @@ Description=gpupdate in userspace
 
 # gpupdate on Windows runs once per hour
 [Service]
-Environment="PATH=/bin:/sbin:/usr/bin:/usr/sbin"
+Environment=PATH=/bin:/sbin:/usr/bin:/usr/sbin
+UnsetEnvironment=LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION
 Type=simple
 RestartSec=3600
 TimeoutSec=3000

dist/gpupdate.service

@@ -3,7 +3,8 @@ Description=Group policy update for machine
 After=syslog.target network-online.target sssd.service
 
 [Service]
-Environment="PATH=/bin:/sbin:/usr/bin:/usr/sbin"
+Environment=PATH=/bin:/sbin:/usr/bin:/usr/sbin
+UnsetEnvironment=LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION
 Type=simple
 RestartSec=3600
 TimeoutSec=3000

dist/system-policy-gpupdate

@@ -1,6 +1,6 @@
 #%PAM-1.0
 session		[success=2 perm_denied=ignore default=die]	pam_localuser.so
-session		required	pam_mkhomedir.so silent
+session		substack	gpupdate-remote-policy
 session		[default=1]	pam_permit.so
 session		[default=6]	pam_permit.so
 session		[success=1 default=ignore]	pam_succeed_if.so user ingroup users quiet

gpoa/frontend/appliers/control.py

@@ -19,7 +19,7 @@
 import subprocess
 import threading
 import logging
-from util.logging import slogm
+from util.logging import slogm, log
 
 def control_subst(preg_name):
     '''
@@ -55,10 +55,12 @@ class control:
         values = list()
 
         popen_call = ['/usr/sbin/control', self.control_name, 'list']
-        with subprocess.Popen(popen_call, stdout=subprocess.PIPE) as proc:
+        with subprocess.Popen(popen_call, stdout=subprocess.PIPE, stderr=subprocess.PIPE) as proc:
             values = proc.stdout.readline().decode('utf-8').split()
+            valErr = proc.stderr.readline().decode('utf-8')
+            if valErr:
+                raise ValueError(valErr)
             proc.wait()
-
         return values
 
     def _map_control_status(self, int_status):
@@ -68,7 +70,11 @@ class control:
         try:
             str_status = self.possible_values[int_status]
         except IndexError as exc:
-            logging.error(slogm('Error getting control ({}) value from {} by index {}'.format(self.control_name, self.possible_values, int_status)))
+            logdata = dict()
+            logdata['control'] = self.control_name
+            logdata['value from'] = self.possible_values
+            logdata['by index'] = int_status
+            log('E41', )
             str_status = None
 
         return str_status
@@ -93,20 +99,30 @@ class control:
         if type(self.control_value) == int:
             status = self._map_control_status(self.control_value)
             if status == None:
-                logging.error(slogm('\'{}\' is not in possible values for control {}'.format(self.control_value, self.control_name)))
+                logdata = dict()
+                logdata['control'] = self.control_name
+                logdata['inpossible values'] = self.self.control_value
+                log('E42', logdata)
                 return
         elif type(self.control_value) == str:
             if self.control_value not in self.possible_values:
-                logging.error(slogm('\'{}\' is not in possible values for control {}'.format(self.control_value, self.control_name)))
+                logdata = dict()
+                logdata['control'] = self.control_name
+                logdata['inpossible values'] = self.self.control_value
+                log('E59', logdata)
                 return
             status = self.control_value
-
-        logging.debug(slogm('Setting control {} to {}'.format(self.control_name, status)))
+        logdata = dict()
+        logdata['control'] = self.control_name
+        logdata['status'] = status
+        log('D68', logdata)
 
         try:
             popen_call = ['/usr/sbin/control', self.control_name, status]
             with subprocess.Popen(popen_call, stdout=subprocess.PIPE) as proc:
                 proc.wait()
         except:
-            logging.error(slogm('Unable to set {} to {}'.format(self.control_name, status)))
-
+            logdata = dict()
+            logdata['control'] = self.control_name
+            logdata['status'] = status
+            log('E43', logdata)

gpoa/frontend/appliers/folder.py

@@ -27,24 +27,25 @@ from gpt.folders import (
 from util.windows import expand_windows_var
 
 def remove_dir_tree(path, delete_files=False, delete_folder=False, delete_sub_folders=False):
+    content = list()
     for entry in path.iterdir():
-        if entry.is_file():
+        content.append(entry)
+        if entry.is_file() and delete_files:
             entry.unlink()
-        if entry.is_dir():
-            if delete_sub_folders:
-                remove_dir_tree(entry,
-                    delete_files,
-                    delete_folder,
-                    delete_sub_folders)
-
-    if delete_folder:
+            content.remove(entry)
+        if entry.is_dir() and delete_sub_folders:
+            content.remove(entry)
+            remove_dir_tree(entry, delete_files, delete_folder, delete_sub_folders)
+    if delete_folder and not content:
         path.rmdir()
 
+
 def str2bool(boolstr):
-    if boolstr.lower in ['true', 'yes', '1']:
+    if boolstr.lower() in ['true', 'yes', '1']:
         return True
     return False
 
+
 class Folder:
     def __init__(self, folder_object, username):
         self.folder_path = Path(expand_windows_var(folder_object.path, username).replace('\\', '/'))
@@ -57,10 +58,11 @@ class Folder:
         self.folder_path.mkdir(parents=True, exist_ok=True)
 
     def _delete_action(self):
-        remove_dir_tree(self.folder_path,
-            self.delete_files,
-            self.delete_folders,
-            self.delete_sub_folders)
+        if self.folder_path.exists():
+            remove_dir_tree(self.folder_path,
+                self.delete_files,
+                self.delete_folder,
+                self.delete_sub_folders)
 
     def act(self):
         if self.action == FileAction.CREATE:

gpoa/frontend/appliers/gsettings.py

@@ -21,7 +21,7 @@ import os
 import logging
 from gi.repository import Gio, GLib
 
-from util.logging import slogm
+from util.logging import slogm, log
 
 class system_gsetting:
     def __init__(self, schema, path, value, lock, helper_function=None):
@@ -59,18 +59,27 @@ class system_gsettings:
         self.override_file_path = override_file_path
 
     def append(self, schema, path, data, lock, helper):
-        self.gsettings.append(system_gsetting(schema, path, data, lock, helper))
+        if check_existing_gsettings(schema, path):
+            self.gsettings.append(system_gsetting(schema, path, data, lock, helper))
+        else:
+            logdata = dict()
+            logdata['schema'] = schema
+            logdata['path'] = path
+            logdata['data'] = data
+            logdata['lock'] = lock
+            log('D150', logdata)
 
     def apply(self):
         config = configparser.ConfigParser()
 
         for gsetting in self.gsettings:
+            logdata = dict()
+            logdata['gsetting.schema'] = gsetting.schema
+            logdata['gsetting.path'] = gsetting.path
+            logdata['gsetting.value'] = gsetting.value
+            logdata['gsetting.lock'] = gsetting.lock
             settings = Gio.Settings(schema=gsetting.schema)
-            logging.debug(slogm('Applying machine setting {}.{} to {} {}'.format(gsetting.schema,
-                                                                                 gsetting.path,
-                                                                                 gsetting.value,
-                                                                                 gsetting.value,
-                                                                                 'locked' if gsetting.lock else 'unlocked')))
+            log('D89', logdata)
             gsetting.apply(settings, config, self.locks)
 
         with open(self.override_file_path, 'w') as f:
@@ -114,6 +123,38 @@ def glib_value(schema, path, value, settings):
     # Build the new value with the determined type
     return glib_map(value, glib_value_type)
 
+def check_existing_gsettings (schema, path):
+    source = Gio.SettingsSchemaSource.get_default()
+    sourceSchema = (source.lookup(schema, False))
+    if bool(sourceSchema) and sourceSchema.has_key(path):
+        return True
+    else:
+        return False
+
+class user_gsettings:
+    def __init__(self):
+        self.gsettings = list()
+
+    def append(self, schema, path, value, helper=None):
+        if check_existing_gsettings(schema, path):
+            self.gsettings.append(user_gsetting(schema, path, value, helper))
+        else:
+            logdata = dict()
+            logdata['schema'] = schema
+            logdata['path'] = path
+            logdata['data'] = value
+            log('D151', logdata)
+
+    def apply(self):
+        for gsetting in self.gsettings:
+            logdata = dict()
+            logdata['gsetting.schema'] = gsetting.schema
+            logdata['gsetting.path'] = gsetting.path
+            logdata['gsetting.value'] = gsetting.value
+            log('D85', logdata)
+            gsetting.apply()
+
+
 class user_gsetting:
     def __init__(self, schema, path, value, helper_function=None):
         self.schema = schema

gpoa/frontend/appliers/polkit.py

@@ -20,7 +20,7 @@ import os
 import jinja2
 import logging
 
-from util.logging import slogm
+from util.logging import slogm, log
 
 class polkit:
     __template_path = '/usr/share/gpupdate/templates'
@@ -46,7 +46,13 @@ class polkit:
             with open(self.outfile, 'w') as f:
                 f.write(text)
 
-            logging.debug(slogm('Generated file {} with arguments {}'.format(self.outfile, self.args)))
+            logdata = dict()
+            logdata['file'] = self.outfile
+            logdata['arguments'] = self.args
+            log('D77', logdata)
         except Exception as exc:
-            logging.error(slogm('Unable to generate file {} from {}'.format(self.outfile, self.infilename)))
+            logdata = dict()
+            logdata['file'] = self.outfile
+            logdata['arguments'] = self.args
+            log('E44', logdata)
 

gpoa/frontend/appliers/systemd.py

@@ -19,7 +19,7 @@
 import dbus
 import logging
 
-from util.logging import slogm
+from util.logging import slogm, log
 
 class systemd_unit:
     def __init__(self, unit_name, state):
@@ -39,7 +39,9 @@ class systemd_unit:
             self.manager.UnmaskUnitFiles([self.unit_name], dbus.Boolean(False))
             self.manager.EnableUnitFiles([self.unit_name], dbus.Boolean(False), dbus.Boolean(True))
             self.manager.StartUnit(self.unit_name, 'replace')
-            logging.info(slogm('Starting systemd unit: {}'.format(self.unit_name)))
+            logdata = dict()
+            logdata['unit'] = self.unit_name
+            log('I6', logdata)
 
             # In case the service has 'RestartSec' property set it
             # switches to 'activating (auto-restart)' state instead of
@@ -47,17 +49,23 @@ class systemd_unit:
             service_state = self._get_state()
 
             if not service_state in ['active', 'activating']:
-                logging.error(slogm('Unable to start systemd unit {}'.format(self.unit_name)))
+                logdata = dict()
+                logdata['unit'] = self.unit_name
+                log('E46', logdata)
         else:
             self.manager.StopUnit(self.unit_name, 'replace')
             self.manager.DisableUnitFiles([self.unit_name], dbus.Boolean(False))
             self.manager.MaskUnitFiles([self.unit_name], dbus.Boolean(False), dbus.Boolean(True))
-            logging.info(slogm('Stopping systemd unit: {}'.format(self.unit_name)))
+            logdata = dict()
+            logdata['unit'] = self.unit_name
+            log('I6', logdata)
 
             service_state = self._get_state()
 
             if not service_state in ['stopped']:
-                logging.error(slogm('Unable to stop systemd unit {}'.format(self.unit_name)))
+                logdata = dict()
+                logdata['unit'] = self.unit_name
+                log('E46', logdata)
 
     def _get_state(self):
         '''

gpoa/frontend/chromium_applier.py

@@ -25,7 +25,7 @@ import logging
 import json
 import os
 
-from util.logging import slogm
+from util.logging import slogm, log
 from util.util import is_machine_name
 
 class chromium_applier(applier_frontend):
@@ -83,7 +83,10 @@ class chromium_applier(applier_frontend):
     def set_policy(self, name, obj):
         if obj:
             self.policies[name] = obj
-            logging.info(slogm('Chromium policy \'{}\' set to {}'.format(name, obj)))
+            logdata = dict()
+            logdata['name'] = name
+            logdata['set to'] = obj
+            log('I8', logdata)
 
     def set_user_policy(self, name, obj):
         '''
@@ -101,16 +104,24 @@ class chromium_applier(applier_frontend):
                 with open(prefpath, 'r') as f:
                     settings = json.load(f)
             except FileNotFoundError as exc:
-                logging.error(slogm('Chromium preferences file {} does not exist at the moment'.format(prefpath)))
+                logdata = dict()
+                logdata['prefpath'] = prefpath
+                log('E51', logdata)
             except:
-                logging.error(slogm('Error during attempt to read Chromium preferences for user {}'.format(self.username)))
+                logdata = dict()
+                logdata['username'] = self.username
+                log('E51', logdata)
 
             if obj:
                 settings[name] = obj
 
                 with open(prefpath, 'w') as f:
                     json.dump(settings, f)
-                logging.info(slogm('Set user ({}) property \'{}\' to {}'.format(self.username, name, obj)))
+                logdata = dict()
+                logdata['user'] = self.username
+                logdata['name'] = name
+                logdata['set to'] = obj
+                log('I9', logdata)
 
     def get_home_page(self, hkcu=False):
         response = self.get_hklm_string_entry('HomepageLocation')
@@ -130,7 +141,9 @@ class chromium_applier(applier_frontend):
         os.makedirs(self.__managed_policies_path, exist_ok=True)
         with open(destfile, 'w') as f:
             json.dump(self.policies, f)
-            logging.debug(slogm('Wrote Chromium preferences to {}'.format(destfile)))
+            logdata = dict()
+            logdata['destfile'] = destfile
+            log('D97', logdata)
 
     def user_apply(self):
         '''
@@ -143,10 +156,10 @@ class chromium_applier(applier_frontend):
         All actual job done here.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running Chromium applier for machine'))
+            log('D95')
             self.machine_apply()
         else:
-            logging.debug(slogm('Chromium applier for machine will not be started'))
+            log('D96')
         #if not self._is_machine_name:
         #    logging.debug('Running user applier for Chromium')
         #    self.user_apply()

gpoa/frontend/cifs_applier.py

@@ -29,7 +29,7 @@ from .applier_frontend import (
 )
 from gpt.drives import json2drive
 from util.util import get_homedir
-from util.logging import slogm
+from util.logging import slogm, log
 
 def storage_get_drives(storage, sid):
     drives = storage.get_drives(sid)
@@ -157,8 +157,8 @@ class cifs_applier_user(applier_frontend):
 
     def admin_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running CIFS applier for user in administrator context'))
+            log('D146')
             self.__admin_context_apply()
         else:
-            logging.debug(slogm('CIFS applier for user in administrator context will not be started'))
+            log('D147')
 

gpoa/frontend/control_applier.py

@@ -21,7 +21,7 @@ from .applier_frontend import (
     , check_enabled
 )
 from .appliers.control import control
-from util.logging import slogm
+from util.logging import slogm, log
 
 import logging
 
@@ -46,12 +46,27 @@ class control_applier(applier_frontend):
             valuename = setting.hive_key.rpartition('\\')[2]
             try:
                 self.controls.append(control(valuename, int(setting.data)))
-                logging.info(slogm('Working with control {}'.format(valuename)))
+                logdata = dict()
+                logdata['control'] = valuename
+                logdata['value'] = setting.data
+                log('I3', logdata)
             except ValueError as exc:
-                self.controls.append(control(valuename, setting.data))
-                logging.info(slogm('Working with control {} with string value'.format(valuename)))
+                try:
+                    ctl = control(valuename, setting.data)
+                except Exception as exc:
+                    logdata = {'Exception': exc}
+                    log('I3', logdata)
+                    continue
+                self.controls.append(ctl)
+                logdata = dict()
+                logdata['control'] = valuename
+                logdata['with string value'] = setting.data
+                log('I3', logdata)
             except Exception as exc:
-                logging.info(slogm('Unable to work with control {}: {}'.format(valuename, exc)))
+                logdata = dict()
+                logdata['control'] = valuename
+                logdata['exc'] = exc
+                log('E39', logdata)
         #for e in polfile.pol_file.entries:
         #    print('{}:{}:{}:{}:{}'.format(e.type, e.data, e.valuename, e.keyname))
         for cont in self.controls:
@@ -62,8 +77,7 @@ class control_applier(applier_frontend):
         Trigger control facility invocation.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running Control applier for machine'))
+            log('D67')
             self.run()
         else:
-            logging.debug(slogm('Control applier for machine will not be started'))
-
+            log('E40')

gpoa/frontend/cups_applier.py

@@ -28,7 +28,7 @@ from .applier_frontend import (
 )
 from gpt.printers import json2printer
 from util.rpm import is_rpm_installed
-from util.logging import slogm
+from util.logging import slogm, log
 
 def storage_get_printers(storage, sid):
     '''
@@ -79,7 +79,7 @@ class cups_applier(applier_frontend):
 
     def run(self):
         if not is_rpm_installed('cups'):
-            logging.warning(slogm('CUPS is not installed: no printer settings will be deployed'))
+            log('W9')
             return
 
         self.cups_connection = cups.Connection()
@@ -94,10 +94,10 @@ class cups_applier(applier_frontend):
         Perform configuration of printer which is assigned to computer.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running CUPS applier for machine'))
+            log('D113')
             self.run()
         else:
-            logging.debug(slogm('CUPS applier for machine will not be started'))
+            log('D114')
 
 class cups_applier_user(applier_frontend):
     __module_name = 'CUPSApplierUser'
@@ -123,7 +123,7 @@ class cups_applier_user(applier_frontend):
 
     def run(self):
         if not is_rpm_installed('cups'):
-            logging.warning(slogm('CUPS is not installed: no printer settings will be deployed'))
+            log('W9')
             return
 
         self.cups_connection = cups.Connection()
@@ -138,8 +138,8 @@ class cups_applier_user(applier_frontend):
         Perform printer configuration assigned for user.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running CUPS applier for user in administrator context'))
+            log('D115')
             self.run()
         else:
-            logging.debug(slogm('CUPS applier for user in administrator context will not be started'))
+            log('D116')
 

gpoa/frontend/envvar_applier.py

@@ -21,7 +21,7 @@ from .applier_frontend import (
     , check_enabled
 )
 from .appliers.envvar import Envvar
-from util.logging import slogm
+from util.logging import slogm, log
 
 import logging
 
@@ -38,11 +38,11 @@ class envvar_applier(applier_frontend):
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Envvar applier for machine'))
+            log('D134')
             ev = Envvar(self.envvars, 'root')
             ev.act()
         else:
-            logging.debug(slogm('Envvar applier for machine will not be started'))
+            log('D135')
 
 class envvar_applier_user(applier_frontend):
     __module_name = 'EnvvarsApplierUser'
@@ -61,9 +61,9 @@ class envvar_applier_user(applier_frontend):
 
     def user_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Envvar applier for user in user context'))
+            log('D136')
             ev = Envvar(self.envvars, self.username)
             ev.act()
         else:
-            logging.debug(slogm('Envvar applier for user in user context will not be started'))
+            log('D137')
 

gpoa/frontend/firefox_applier.py

@@ -34,7 +34,7 @@ from .applier_frontend import (
       applier_frontend
     , check_enabled
 )
-from util.logging import slogm
+from util.logging import slogm, log
 from util.util import is_machine_name
 
 class firefox_applier(applier_frontend):
@@ -98,7 +98,10 @@ class firefox_applier(applier_frontend):
         '''
         if obj:
             self.policies[name] = obj
-            logging.info(slogm('Firefox policy \'{}\' set to {}'.format(name, obj)))
+            logdata = dict()
+            logdata['name'] = name
+            logdata['set to'] = obj
+            log('I7', logdata)
 
     def get_home_page(self):
         '''
@@ -136,7 +139,10 @@ class firefox_applier(applier_frontend):
         obj = self.get_boolean_config(name)
         if obj is not None:
             self.policies[name] = obj
-            logging.info(slogm('Firefox policy \'{}\' set to {}'.format(name, obj)))
+            logdata = dict()
+            logdata['name'] = name
+            logdata['set to'] = obj
+            log('I7', logdata)
 
     def machine_apply(self):
         '''
@@ -183,27 +189,34 @@ class firefox_applier(applier_frontend):
         os.makedirs(self.__firefox_installdir1, exist_ok=True)
         with open(destfile, 'w') as f:
             json.dump(self.policies_json, f)
-            logging.debug(slogm('Wrote Firefox preferences to {}'.format(destfile)))
+            logdata = dict()
+            logdata['destfile'] = destfile
+            log('D91', logdata)
 
         destfile = os.path.join(self.__firefox_installdir2, 'policies.json')
         os.makedirs(self.__firefox_installdir2, exist_ok=True)
         with open(destfile, 'w') as f:
             json.dump(self.policies_json, f)
-            logging.debug(slogm('Wrote Firefox preferences to {}'.format(destfile)))
+            logdata = dict()
+            logdata['destfile'] = destfile
+            log('D91', logdata)
 
     def user_apply(self):
         profiles = self.get_profiles()
 
         profiledir = os.path.join(util.get_homedir(self.username), self.__user_settings_dir)
         for profile in profiles:
-            logging.debug(slogm('Found Firefox profile in {}/{}'.format(profiledir, profile)))
+            logdata = dict()
+            logdata['profiledir'] = profiledir
+            logdata['profile'] = profile
+            log('D92', logdata)
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Firefox applier for machine'))
+            log('D93')
             self.machine_apply()
         else:
-            logging.debug(slogm('Firefox applier for machine will not be started'))
+            log('D94')
         #if not self._is_machine_name:
         #    logging.debug('Running user applier for Firefox')
         #    self.user_apply()

gpoa/frontend/firewall_applier.py

@@ -20,7 +20,7 @@
 import logging
 import subprocess
 
-from util.logging import slogm
+from util.logging import slogm, log
 from .applier_frontend import (
       applier_frontend
     , check_enabled
@@ -52,14 +52,14 @@ class firewall_applier(applier_frontend):
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Firewall applier for machine'))
+            log('D117')
             if '1' == self.firewall_enabled:
-                logging.debug(slogm('Firewall is enabled'))
+                log('D118')
                 self.run()
             else:
-                logging.debug(slogm('Firewall is disabled, settings will be reset'))
+                log('D119')
                 proc = subprocess.Popen(self.__firewall_reset_cmd)
                 proc.wait()
         else:
-            logging.debug(slogm('Firewall applier will not be started'))
+            log('D120')
 

gpoa/frontend/folder_applier.py

@@ -23,8 +23,9 @@ from .applier_frontend import (
     , check_enabled
 )
 from .appliers.folder import Folder
-from util.logging import slogm
-
+from util.logging import slogm, log
+from util.windows import expand_windows_var
+import re
 import logging
 
 class folder_applier(applier_frontend):
@@ -40,12 +41,17 @@ class folder_applier(applier_frontend):
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Folder applier for machine'))
+            log('D107')
             for directory_obj in self.folders:
+                check = expand_windows_var(directory_obj.path).replace('\\', '/')
+                win_var = re.findall(r'%.+?%', check)
+                drive = re.findall(r'^[a-z A-Z]\:',check)
+                if drive or win_var:
+                    continue
                 fld = Folder(directory_obj)
                 fld.action()
         else:
-            logging.debug(slogm('Folder applier for machine will not be started'))
+            log('D108')
 
 class folder_applier_user(applier_frontend):
     __module_name = 'FoldersApplierUser'
@@ -65,20 +71,25 @@ class folder_applier_user(applier_frontend):
 
     def run(self):
         for directory_obj in self.folders:
+            check = expand_windows_var(directory_obj.path, self.username).replace('\\', '/')
+            win_var = re.findall(r'%.+?%', check)
+            drive = re.findall(r'^[a-z A-Z]\:',check)
+            if drive or win_var:
+                continue
             fld = Folder(directory_obj, self.username)
             fld.act()
 
     def admin_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Folder applier for user in administrator context'))
+            log('D109')
             self.run()
         else:
-            logging.debug(slogm('Folder applier for user in administrator context will not be started'))
+            log('D110')
 
     def user_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Folder applier for user in user context'))
+            log('D111')
             self.run()
         else:
-            logging.debug(slogm('Folder applier for user administrator context will not be started'))
+            log('D112')
 

gpoa/frontend/gsettings_applier.py

@@ -33,9 +33,9 @@ from .applier_frontend import (
 )
 from .appliers.gsettings import (
     system_gsettings,
-    user_gsetting
+    user_gsettings
 )
-from util.logging import slogm
+from util.logging import slogm ,log
 
 def uri_fetch(schema, path, value, cache):
     '''
@@ -49,7 +49,7 @@ def uri_fetch(schema, path, value, cache):
     try:
         retval = cache.get(value)
         logdata['dst'] = retval
-        logging.debug(slogm('Getting cached file for URI: {}'.format(logdata)))
+        log('D90', logdata)
     except Exception as exc:
         pass
 
@@ -91,7 +91,7 @@ class gsettings_applier(applier_frontend):
         except Exception as exc:
             logdata = dict()
             logdata['exception'] = str(exc)
-            logging.debug(slogm('Unable to cache specified URI for machine: {}'.format(logdata)))
+            log('D145', logdata)
 
     def uri_fetch_helper(self, schema, path, value):
         return uri_fetch(schema, path, value, self.file_cache)
@@ -103,7 +103,7 @@ class gsettings_applier(applier_frontend):
 
         # Cleanup settings from previous run
         if os.path.exists(self.override_file):
-            logging.debug(slogm('Removing GSettings policy file from previous run'))
+            log('D82')
             os.remove(self.override_file)
 
         # Get all configured gsettings locks
@@ -134,20 +134,20 @@ class gsettings_applier(applier_frontend):
         try:
             proc = subprocess.run(args=['/usr/bin/glib-compile-schemas', self.__global_schema], capture_output=True, check=True)
         except Exception as exc:
-            logging.debug(slogm('Error recompiling global GSettings schemas'))
+            log('E48')
 
         # Update desktop configuration system backend
         try:
             proc = subprocess.run(args=['/usr/bin/dconf', "update"], capture_output=True, check=True)
         except Exception as exc:
-            logging.debug(slogm('Error update desktop configuration system backend'))
+            log('E49')
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running GSettings applier for machine'))
+            log('D80')
             self.run()
         else:
-            logging.debug(slogm('GSettings applier for machine will not be started'))
+            log('D81')
 
 class GSettingsMapping:
     def __init__(self, hive_key, gsettings_schema, gsettings_key):
@@ -165,7 +165,7 @@ class GSettingsMapping:
             logdata['hive_key'] = self.hive_key
             logdata['gsettings_schema'] = self.gsettings_schema
             logdata['gsettings_key'] = self.gsettings_key
-            logging.warning(slogm('Unable to resolve GSettings parameter {}.{}'.format(self.gsettings_schema, self.gsettings_key)))
+            log('W6', logdata)
 
     def preg2gsettings(self):
         '''
@@ -195,8 +195,8 @@ class gsettings_applier_user(applier_frontend):
         self.username = username
         gsettings_filter = '{}%'.format(self.__registry_branch)
         self.gsettings_keys = self.storage.filter_hkcu_entries(self.sid, gsettings_filter)
-        self.gsettings = list()
-        self.__module_enabled = check_enabled(self.storage, self.__module_name, self.__module_enabled)
+        self.gsettings = user_gsettings()
+        self.__module_enabled = check_enabled(self.storage, self.__module_name, self.__module_experimental)
         self.__windows_mapping_enabled = check_windows_mapping_enabled(self.storage)
 
         self.__windows_settings = dict()
@@ -237,10 +237,13 @@ class gsettings_applier_user(applier_frontend):
         for setting_key in self.__windows_settings.keys():
             value = self.storage.get_hkcu_entry(self.sid, setting_key)
             if value:
-                logging.debug(slogm('Found GSettings windows mapping {} to {}'.format(setting_key, value.data)))
+                logdata = dict()
+                logdata['setting_key'] = setting_key
+                logdata['value.data'] = value.data
+                log('D86', logdata)
                 mapping = self.__windows_settings[setting_key]
                 try:
-                    self.gsettings.append(user_gsetting(mapping.gsettings_schema, mapping.gsettings_key, value.data))
+                    self.gsettings.append(mapping.gsettings_schema, mapping.gsettings_key, value.data)
                 except Exception as exc:
                     print(exc)
 
@@ -258,10 +261,10 @@ class gsettings_applier_user(applier_frontend):
 
         # Calculate all mapped gsettings if mapping enabled
         if self.__windows_mapping_enabled:
-            logging.debug(slogm('Mapping Windows policies to GSettings policies'))
+            log('D83')
             self.windows_mapping_append()
         else:
-            logging.debug(slogm('GSettings windows policies mapping not enabled'))
+            log('D84')
 
         # Calculate all configured gsettings
         for setting in self.gsettings_keys:
@@ -273,21 +276,17 @@ class gsettings_applier_user(applier_frontend):
             helper = self.uri_fetch_helper if setting.hive_key.lower() == self.__wallpaper_entry.lower() else None
             if setting.hive_key.lower() == self.__vino_authentication_methods_entry.lower():
                 data = [setting.data]
-            self.gsettings.append(user_gsetting(schema, path, data, helper))
+            self.gsettings.append(schema, path, data, helper)
 
         # Create GSettings policy with highest available priority
-        for gsetting in self.gsettings:
-            logging.debug(slogm('Applying user setting {}.{} to {}'.format(gsetting.schema,
-                                                                           gsetting.path,
-                                                                           gsetting.value)))
-            gsetting.apply()
+        self.gsettings.apply()
 
     def user_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running GSettings applier for user in user context'))
+            log('D87')
             self.run()
         else:
-            logging.debug(slogm('GSettings applier for user in user context will not be started'))
+            log('D88')
 
     def admin_context_apply(self):
         # Cache files on remote locations
@@ -299,5 +298,6 @@ class gsettings_applier_user(applier_frontend):
         except Exception as exc:
             logdata = dict()
             logdata['exception'] = str(exc)
-            logging.debug(slogm('Unable to cache specified URI for user: {}'.format(logdata)))
+            log('E50', logdata)
+
 

gpoa/frontend/ntp_applier.py

@@ -26,7 +26,7 @@ from .applier_frontend import (
       applier_frontend
     , check_enabled
 )
-from util.logging import slogm
+from util.logging import slogm, log
 
 
 class NTPServerType(Enum):
@@ -77,20 +77,24 @@ class ntp_applier(applier_frontend):
         srv = None
         if server:
             srv = server.data.rpartition(',')[0]
-            logging.debug(slogm('NTP server is configured to {}'.format(srv)))
+            logdata = dict()
+            logdata['srv'] = srv
+            log('D122', logdata)
 
         start_command = ['/usr/bin/systemctl', 'start', 'chronyd']
         chrony_set_server = ['/usr/bin/chronyc', 'add', 'server', srv]
         chrony_disconnect_all = ['/usr/bin/chronyc', 'offline']
         chrony_connect = ['/usr/bin/chronyc', 'online', srv]
 
-        logging.debug(slogm('Starting Chrony daemon'))
+        log('D123')
 
         proc = subprocess.Popen(start_command)
         proc.wait()
 
         if srv:
-            logging.debug(slogm('Setting reference NTP server to {}'.format(srv)))
+            logdata = dict()
+            logdata['srv'] = srv
+            log('D124', logdata)
 
             proc = subprocess.Popen(chrony_disconnect_all)
             proc.wait()
@@ -103,9 +107,7 @@ class ntp_applier(applier_frontend):
 
     def _stop_chrony_client(self):
         stop_command = ['/usr/bin/systemctl', 'stop', 'chronyd']
-
-        logging.debug(slogm('Stopping Chrony daemon'))
-
+        log('D125')
         proc = subprocess.Popen(stop_command)
         proc.wait()
 
@@ -116,32 +118,34 @@ class ntp_applier(applier_frontend):
         ntp_client_enabled = self.storage.get_hklm_entry(self.ntp_client_enabled)
 
         if NTPServerType.NTP.value != server_type.data:
-            logging.warning(slogm('Unsupported NTP server type: {}'.format(server_type)))
+            logdata = dict()
+            logdata['server_type'] = server_type
+            log('W10', logdata)
         else:
-            logging.debug(slogm('Configuring NTP server...'))
+            log('D126')
             if '1' == ntp_server_enabled.data:
-                logging.debug(slogm('NTP server is enabled'))
+                log('D127')
                 self._start_chrony_client(server_address)
                 self._chrony_as_server()
             elif '0' == ntp_server_enabled.data:
-                logging.debug(slogm('NTP server is disabled'))
+                log('D128')
                 self._chrony_as_client()
             else:
-                logging.debug(slogm('NTP server is not configured'))
+                log('D129')
 
             if '1' == ntp_client_enabled.data:
-                logging.debug(slogm('NTP client is enabled'))
+                log('D130')
                 self._start_chrony_client()
             elif '0' == ntp_client_enabled.data:
-                logging.debug(slogm('NTP client is disabled'))
+                log('D131')
                 self._stop_chrony_client()
             else:
-                logging.debug(slogm('NTP client is not configured'))
+                log('D132')
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running NTP applier for machine'))
+            log('D121')
             self.run()
         else:
-            logging.debug(slogm('NTP applier for machine will not be started'))
+            log('D133')
 

gpoa/frontend/package_applier.py

@@ -17,7 +17,8 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import logging
-from util.logging import slogm
+import subprocess
+from util.logging import slogm, log
 from util.rpm import (
       update
     , install_rpm
@@ -35,6 +36,7 @@ class package_applier(applier_frontend):
     __module_enabled = False
     __install_key_name = 'Install'
     __remove_key_name = 'Remove'
+    __sync_key_name = 'Sync'
     __hklm_branch = 'Software\\BaseALT\\Policies\\Packages'
 
     def __init__(self, storage):
@@ -42,37 +44,49 @@ class package_applier(applier_frontend):
  
         install_branch = '{}\\{}%'.format(self.__hklm_branch, self.__install_key_name)
         remove_branch = '{}\\{}%'.format(self.__hklm_branch, self.__remove_key_name)
-
+        sync_branch = '{}\\{}%'.format(self.__hklm_branch, self.__sync_key_name)
+        self.fulcmd = list()
+        self.fulcmd.append('/usr/libexec/gpupdate/pkcon_runner')
+        self.fulcmd.append('--loglevel')
+        logger = logging.getLogger()
+        self.fulcmd.append(str(logger.level))
         self.install_packages_setting = self.storage.filter_hklm_entries(install_branch)
         self.remove_packages_setting = self.storage.filter_hklm_entries(remove_branch)
+        self.sync_packages_setting = self.storage.filter_hklm_entries(sync_branch)
+        self.flagSync = True
 
         self.__module_enabled = check_enabled(
               self.storage
             , self.__module_name
             , self.__module_experimental
         )
-
     def run(self):
-        if 0 < self.install_packages_setting.count() or 0 < self.remove_packages_setting.count():
-            update()
-            for package in self.install_packages_setting:
-                try:
-                    install_rpm(package.data)
-                except Exception as exc:
-                    logging.error(exc)
+        for flag in self.sync_packages_setting:
+            if flag.data:
+                self.flagSync = bool(int(flag.data))
 
-            for package in self.remove_packages_setting:
+        if 0 < self.install_packages_setting.count() or 0 < self.remove_packages_setting.count():
+            if self.flagSync:
                 try:
-                    remove_rpm(package.data)
+                    subprocess.check_call(self.fulcmd)
                 except Exception as exc:
-                    logging.error(exc)
+                    logdata = dict()
+                    logdata['msg'] = str(exc)
+                    log('E55', logdata)
+            else:
+                try:
+                    subprocess.Popen(self.fulcmd,close_fds=False)
+                except Exception as exc:
+                    logdata = dict()
+                    logdata['msg'] = str(exc)
+                    log('E61', logdata)
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Package applier for machine'))
+            log('D138')
             self.run()
         else:
-            logging.debug(slogm('Package applier for machine will not be started'))
+            log('D139')
 
 
 class package_applier_user(applier_frontend):
@@ -81,18 +95,29 @@ class package_applier_user(applier_frontend):
     __module_enabled = False
     __install_key_name = 'Install'
     __remove_key_name = 'Remove'
+    __sync_key_name = 'Sync'
     __hkcu_branch = 'Software\\BaseALT\\Policies\\Packages'
 
     def __init__(self, storage, sid, username):
         self.storage = storage
         self.sid = sid
         self.username = username
+        self.fulcmd = list()
+        self.fulcmd.append('/usr/libexec/gpupdate/pkcon_runner')
+        self.fulcmd.append('--sid')
+        self.fulcmd.append(self.sid)
+        self.fulcmd.append('--loglevel')
+        logger = logging.getLogger()
+        self.fulcmd.append(str(logger.level))
 
         install_branch = '{}\\{}%'.format(self.__hkcu_branch, self.__install_key_name)
         remove_branch = '{}\\{}%'.format(self.__hkcu_branch, self.__remove_key_name)
+        sync_branch = '{}\\{}%'.format(self.__hkcu_branch, self.__sync_key_name)
 
         self.install_packages_setting = self.storage.filter_hkcu_entries(self.sid, install_branch)
         self.remove_packages_setting = self.storage.filter_hkcu_entries(self.sid, remove_branch)
+        self.sync_packages_setting = self.storage.filter_hkcu_entries(self.sid, sync_branch)
+        self.flagSync = False
 
         self.__module_enabled = check_enabled(self.storage, self.__module_name, self.__module_enabled)
 
@@ -103,19 +128,25 @@ class package_applier_user(applier_frontend):
         pass
 
     def run(self):
-        if 0 < self.install_packages_setting.count() or 0 < self.remove_packages_setting.count():
-            update()
-            for package in self.install_packages_setting:
-                try:
-                    install_rpm(package.data)
-                except Exception as exc:
-                    logging.debug(exc)
+        for flag in self.sync_packages_setting:
+            if flag.data:
+                self.flagSync = bool(int(flag.data))
 
-            for package in self.remove_packages_setting:
+        if 0 < self.install_packages_setting.count() or 0 < self.remove_packages_setting.count():
+            if self.flagSync:
                 try:
-                    remove_rpm(package.data)
+                    subprocess.check_call(self.fulcmd)
                 except Exception as exc:
-                    logging.debug(exc)
+                    logdata = dict()
+                    logdata['msg'] = str(exc)
+                    log('E60', logdata)
+            else:
+                try:
+                    subprocess.Popen(self.fulcmd,close_fds=False)
+                except Exception as exc:
+                    logdata = dict()
+                    logdata['msg'] = str(exc)
+                    log('E62', logdata)
 
     def admin_context_apply(self):
         '''
@@ -123,8 +154,8 @@ class package_applier_user(applier_frontend):
         which computer he uses to log into system.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running Package applier for user in administrator context'))
+            log('D140')
             self.run()
         else:
-            logging.debug(slogm('Package applier for user in administrator context will not be started'))
+            log('D141')
 

gpoa/frontend/polkit_applier.py

@@ -21,7 +21,7 @@ from .applier_frontend import (
     , check_enabled
 )
 from .appliers.polkit import polkit
-from util.logging import slogm
+from util.logging import slogm, log
 
 import logging
 
@@ -41,10 +41,12 @@ class polkit_applier(applier_frontend):
         template_file = self.__polkit_map[self.__deny_all][0]
         template_vars = self.__polkit_map[self.__deny_all][1]
         if deny_all:
-            logging.debug(slogm('Deny_All setting found: {}'.format(deny_all.data)))
+            logdata = dict()
+            logdata['Deny_All'] = deny_all.data
+            log('D69', logdata)
             self.__polkit_map[self.__deny_all][1]['Deny_All'] = deny_all.data
         else:
-            logging.debug(slogm('Deny_All setting not found'))
+            log('D71')
         self.policies = []
         self.policies.append(polkit(template_file, template_vars))
         self.__module_enabled = check_enabled(
@@ -58,11 +60,11 @@ class polkit_applier(applier_frontend):
         Trigger control facility invocation.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running Polkit applier for machine'))
+            log('D73')
             for policy in self.policies:
                 policy.generate()
         else:
-            logging.debug(slogm('Polkit applier for machine will not be started'))
+            log('D75')
 
 class polkit_applier_user(applier_frontend):
     __module_name = 'PolkitApplierUser'
@@ -83,11 +85,14 @@ class polkit_applier_user(applier_frontend):
         template_file = self.__polkit_map[self.__deny_all][0]
         template_vars = self.__polkit_map[self.__deny_all][1]
         if deny_all:
-            logging.debug(slogm('Deny_All setting for user {} found: {}'.format(self.username, deny_all.data)))
+            logdata = dict()
+            logdata['user'] = self.username
+            logdata['Deny_All'] = deny_all.data
+            log('D70', logdata)
             self.__polkit_map[self.__deny_all][1]['Deny_All'] = deny_all.data
             self.__polkit_map[self.__deny_all][1]['User'] = self.username
         else:
-            logging.debug(slogm('Deny_All setting not found'))
+            log('D72')
         self.policies = []
         self.policies.append(polkit(template_file, template_vars, self.username))
         self.__module_enabled = check_enabled(
@@ -104,9 +109,10 @@ class polkit_applier_user(applier_frontend):
         Trigger control facility invocation.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running Polkit applier for user in administrator context'))
+            log('D74')
             for policy in self.policies:
                 policy.generate()
         else:
-            logging.debug(slogm('Polkit applier for user in administrator context will not be started'))
+            log('D76')
+
 

gpoa/frontend/shortcut_applier.py

@@ -25,7 +25,7 @@ from .applier_frontend import (
 )
 from gpt.shortcuts import json2sc
 from util.windows import expand_windows_var
-from util.logging import slogm
+from util.logging import slogm, log
 from util.util import (
         get_homedir,
         homedir_exists
@@ -55,8 +55,10 @@ def apply_shortcut(shortcut, username=None):
     dest_abspath = shortcut.dest
     if not dest_abspath.startswith('/') and not dest_abspath.startswith('%'):
         dest_abspath = '%HOME%/' + dest_abspath
-
-    logging.debug(slogm('Try to expand path for shortcut: {} for {}'.format(dest_abspath, username)))
+    logdata = dict()
+    logdata['shortcut'] = dest_abspath
+    logdata['for'] = username
+    log('D105', logdata)
     dest_abspath = expand_windows_var(dest_abspath, username).replace('\\', '/') + '.desktop'
 
     # Check that we're working for user, not on global system level
@@ -66,21 +68,33 @@ def apply_shortcut(shortcut, username=None):
         if dest_abspath.startswith(get_homedir(username)):
             # Don't try to operate on non-existent directory
             if not homedir_exists(username):
-                logging.warning(slogm('No home directory exists for user {}: will not apply link {}'.format(username, dest_abspath)))
+                logdata = dict()
+                logdata['user'] = username
+                logdata['dest_abspath'] = dest_abspath
+                log('W7', logdata)
                 return None
         else:
-            logging.warning(slogm('User\'s shortcut not placed to home directory for {}: bad path {}'.format(username, dest_abspath)))
+            logdata = dict()
+            logdata['user'] = username
+            logdata['bad path'] = dest_abspath
+            log('W8', logdata)
             return None
 
     if '%' in dest_abspath:
-        logging.debug(slogm('Fail for applying shortcut to file with \'%\': {}'.format(dest_abspath)))
+        logdata = dict()
+        logdata['dest_abspath'] = dest_abspath
+        log('E53', logdata)
         return None
 
     if not dest_abspath.startswith('/'):
-        logging.debug(slogm('Fail for applying shortcut to not absolute path \'%\': {}'.format(dest_abspath)))
+        logdata = dict()
+        logdata['dest_abspath'] = dest_abspath
+        log('E54', logdata)
         return None
-
-    logging.debug(slogm('Applying shortcut file to {} with action {}'.format(dest_abspath, shortcut.action)))
+    logdata = dict()
+    logdata['file'] = dest_abspath
+    logdata['with_action'] = shortcut.action
+    log('D106', logdata)
     shortcut.apply_desktop(dest_abspath)
 
 class shortcut_applier(applier_frontend):
@@ -108,14 +122,16 @@ class shortcut_applier(applier_frontend):
                 # /usr/local/share/applications
                 subprocess.check_call(['/usr/bin/update-desktop-database'])
         else:
-            logging.debug(slogm('No shortcuts to process for {}'.format(self.storage.get_info('machine_sid'))))
+            logdata = dict()
+            logdata['machine_sid'] = self.storage.get_info('machine_sid')
+            log('D100', logdata)
 
     def apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Shortcut applier for machine'))
+            log('D98')
             self.run()
         else:
-            logging.debug(slogm('Shortcut applier for machine will not be started'))
+            log('D99')
 
 class shortcut_applier_user(applier_frontend):
     __module_name = 'ShortcutsApplierUser'
@@ -137,19 +153,21 @@ class shortcut_applier_user(applier_frontend):
                 if not in_usercontext and not sc.is_usercontext():
                     apply_shortcut(sc, self.username)
         else:
-            logging.debug(slogm('No shortcuts to process for {}'.format(self.sid)))
+            logdata = dict()
+            logdata['sid'] = self.sid
+            log('D100', logdata)
 
     def user_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Shortcut applier for user in user context'))
+            log('D101')
             self.run(True)
         else:
-            logging.debug(slogm('Shortcut applier for user in user context will not be started'))
+            log('D102')
 
     def admin_context_apply(self):
         if self.__module_enabled:
-            logging.debug(slogm('Running Shortcut applier for user in administrator context'))
+            log('D103')
             self.run(False)
         else:
-            logging.debug(slogm('Shortcut applier for user in administrator context will not be started'))
+            log('D104')
 

gpoa/frontend/systemd_applier.py

@@ -21,7 +21,7 @@ from .applier_frontend import (
     , check_enabled
 )
 from .appliers.systemd import systemd_unit
-from util.logging import slogm
+from util.logging import slogm, log
 
 import logging
 
@@ -46,24 +46,31 @@ class systemd_applier(applier_frontend):
             valuename = setting.hive_key.rpartition('\\')[2]
             try:
                 self.units.append(systemd_unit(valuename, int(setting.data)))
-                logging.info(slogm('Working with systemd unit {}'.format(valuename)))
+                logdata = dict()
+                logdata['unit'] = format(valuename)
+                log('I4', logdata)
             except Exception as exc:
-                logging.info(slogm('Unable to work with systemd unit {}: {}'.format(valuename, exc)))
+                logdata = dict()
+                logdata['unit'] = format(valuename)
+                logdata['exc'] = exc
+                log('I5', logdata)
         for unit in self.units:
             try:
                 unit.apply()
             except:
-                logging.error(slogm('Failed applying unit {}'.format(unit.unit_name)))
+                logdata = dict()
+                logdata['unit'] = unit.unit_name
+                log('E45', logdata)
 
     def apply(self):
         '''
         Trigger control facility invocation.
         '''
         if self.__module_enabled:
-            logging.debug(slogm('Running systemd applier for machine'))
+            log('D78')
             self.run()
         else:
-            logging.debug(slogm('systemd applier for machine will not be started'))
+            log('D79')
 
 class systemd_applier_user(applier_frontend):
     __module_name = 'SystemdApplierUser'

gpoa/gpt/folders.py

@@ -50,7 +50,7 @@ def folder_int2bool(val):
     if type(value) == str:
         value = int(value)
 
-    if value == 0:
+    if value == 1:
         return True
 
     return False

gpoa/gpupdate

@@ -74,6 +74,10 @@ def parse_cli_arguments():
         default=None,
         type=str,
         help='Specify if it is needed to update user\'s or computer\'s policies')
+    argparser.add_argument('--loglevel',
+        type=int,
+        default=5,
+        help='Set logging verbosity level')
 
     return argparser.parse_args()
 
@@ -99,7 +103,7 @@ def runner_factory(args, target):
         # itself (os.getusername()).
         username = pwd.getpwuid(os.getuid()).pw_name
         if args.user != username:
-            logdata = dict({'username': args.user})
+            logdata = dict({'username': username})
             log('W2', logdata)
 
     if is_oddjobd_gpupdate_accessible():
@@ -134,7 +138,7 @@ def main():
     locale.bindtextdomain('gpoa', '/usr/lib/python3/site-packages/gpoa/locale')
     gettext.bindtextdomain('gpoa', '/usr/lib/python3/site-packages/gpoa/locale')
     gettext.textdomain('gpoa')
-    set_loglevel(0)
+    set_loglevel(args.loglevel)
     gpo_appliers = runner_factory(args, process_target(args.target))
 
     if gpo_appliers:

gpoa/locale/ru_RU/LC_MESSAGES/gpoa.po

@@ -41,6 +41,27 @@ msgstr "Получен объект групповой политики"
 msgid "Unknown info code"
 msgstr "Неизвестный код информационного сообщения"
 
+msgid "Working with control"
+msgstr "Применение настроек control"
+
+msgid "Working with systemd"
+msgstr "Работа с systemd"
+
+msgid "Unable to work with systemd unit"
+msgstr "Невозможно создать оъект для unit systemd"
+
+msgid "Starting systemd unit"
+msgstr "Запуск unit systemd"
+
+msgid "Firefox policy"
+msgstr "Политика Firefox"
+
+msgid "Chromium policy"
+msgstr "Политика Chromium"
+
+msgid "Set user property to"
+msgstr "Установка свойств  для пользователя"
+
 # Error
 msgid "Insufficient permissions to run gpupdate"
 msgstr "Недостаточно прав для запуска gpupdate"
@@ -132,6 +153,77 @@ msgstr "Ошибка слияния пользовательской части
 msgid "Unknown error code"
 msgstr "Неизвестный код ошибки"
 
+msgid "Unable to work with control"
+msgstr "Не удалось применить настройки control"
+
+msgid "Control applier for machine will not be started"
+msgstr "Приминение Control для машины не удалось"
+
+msgid "Error getting control"
+msgstr "Ошибка установки control"
+
+msgid "Is not in possible values for control"
+msgstr "Не входит в возможные значения для control"
+
+msgid "Unable to set"
+msgstr "Невозможно установить"
+
+msgid "Unable to generate file"
+msgstr "Невозможно создать файл"
+
+msgid "Failed applying unit"
+msgstr "Не удалось применить настройки"
+
+msgid "Unable to start systemd unit"
+msgstr "Невозможно запустить systemd unit"
+
+msgid "Unable to cache specified URI"
+msgstr "Невозможно кэшировать указанный URI"
+
+msgid "Unable to cache specified URI for machine"
+msgstr "Невозможно кэшировать указанный URI для компьютера"
+
+msgid "Error recompiling global GSettings schemas"
+msgstr "Ошибка перекомпиляции глобальных GSettings schemas"
+
+msgid "Error update configuration dconf"
+msgstr "Ошибка обновления конфигурации dconf"
+
+msgid "Unable to cache specified URI for user"
+msgstr "Невозможно кэшировать указанный URI для пользователя"
+
+msgid "Chromium preferences file does not exist at the moment"
+msgstr "Файл настроек Chromium в данный момент не существует"
+
+msgid "Error during attempt to read Chromium preferences for user"
+msgstr "Ошибка при попытке прочитать настройки Chromium для пользователя"
+
+msgid "Fail for applying shortcut to file with %"
+msgstr "Не удалось применить ярлык к файлу с %"
+
+msgid "Fail for applying shortcut to not absolute path"
+msgstr "Не удалось применить ярлык к не абсолютному пути"
+
+msgid "Error running pkcon_runner sync for machine"
+msgstr "Ошибка при запуске pkcon_runner синхронно для компьютера"
+
+msgid "Package install error"
+msgstr "Ошибка установки пакета"
+
+msgid "Package remove error"
+msgstr "Ошибка удаления пакета"
+
+msgid "Error running pkcon_runner sync for user"
+msgstr "Ошибка при запуске pkcon_runner синхронно для пользователя"
+
+msgid "Error running pkcon_runner async for machine"
+msgstr "Ошибка при запуске pkcon_runner асинхронно для компьютера"
+
+msgid "Error running pkcon_runner async for user"
+msgstr "Ошибка при запуске pkcon_runner асинхронно для пользователя"
+
+# Error_end
+
 # Debug
 msgid "The GPOA process was started for user"
 msgstr "Произведён запуск GPOA для обновления политик пользователя"
@@ -295,6 +387,275 @@ msgstr "Сохранение информации о переменных окр
 msgid "Unknown debug code"
 msgstr "Неизвестный отладочный код"
 
+msgid "Running Control applier for machine"
+msgstr "Начато применение Control для машины"
+
+msgid "Setting control"
+msgstr "Установка control"
+
+msgid "Deny_All setting found"
+msgstr "Deny_All настройка найдена"
+
+msgid "Deny_All setting for user"
+msgstr "Deny_All настройка для пользователя"
+
+msgid "Deny_All setting not found"
+msgstr "Deny_All настройка не найдена"
+
+msgid "Deny_All setting not found for user"
+msgstr "Deny_All настройка не найдена для пользователя"
+
+msgid "Running Polkit applier for machine"
+msgstr "Начато применение настроек Polkit для машины"
+
+msgid "Running Polkit applier for user in administrator context"
+msgstr "Начато применение настроек Polkit пользователя в контексте администратора"
+
+msgid "Polkit applier for machine will not be started"
+msgstr "Polkit для машины не запускается"
+
+msgid "Polkit applier for user in administrator context will not be started"
+msgstr "Polkit для пользователя в контексте администратора не запускается"
+
+msgid "Generated file"
+msgstr "Созданный файл"
+
+msgid "Running systemd applier for machine"
+msgstr "Начато применение настроек systemd для машины"
+
+msgid "Running systemd applier for machine will not be started"
+msgstr "Применение настроек systemd для машины не удалось"
+
+msgid "Running GSettings applier for machine"
+msgstr "Запуск применение настроек GSettings для машины"
+
+msgid "GSettings applier for machine will not be started"
+msgstr "Применение настроек GSettings для машины не удалось"
+
+msgid "Removing GSettings policy file from previous run"
+msgstr "Удаление файла политики GSettings от предыдущего запуска"
+
+msgid "Mapping Windows policies to GSettings policies"
+msgstr "Сопоставление политик Windows с политиками GSettings"
+
+msgid "GSettings windows policies mapping not enabled"
+msgstr "Сопоставление политик Windows GSettings не включено"
+
+msgid "Applying user setting"
+msgstr "Применение пользовательских настроек"
+
+msgid "Found GSettings windows mapping"
+msgstr "Найдены соответствия настроек windows-GSettings"
+
+msgid "Running GSettings applier for user in user context"
+msgstr "Запуск применение настроек GSettings в контексте пользователя"
+
+msgid "GSettings applier for user in user context will not be started"
+msgstr "GSettings в контексте пользователя не запускается"
+
+msgid "Applying machine setting"
+msgstr "Применение настроек машины"
+
+msgid "Path not resolved as UNC URI"
+msgstr "Путь не разрешен"
+
+msgid "Getting cached file for URI"
+msgstr "Получение кешированного файла для URI"
+
+msgid "Wrote Firefox preferences to"
+msgstr "Настройки Firefox записаны в"
+
+msgid "Found Firefox profile in"
+msgstr "Найден профиль Firefox в"
+
+msgid "Running Firefox applier for machine"
+msgstr "Запуск применение настроек Firefox для машины"
+
+msgid "Firefox applier for machine will not be started"
+msgstr "Применение настроек Firefox для компьютера не запускается"
+
+msgid "Running Chromium applier for machine"
+msgstr "Запуск применение настроек Chromium для машины"
+
+msgid "Chromium applier for machine will not be started"
+msgstr "Применение настроек Chromium для компьютера не запускается"
+
+msgid "Wrote Chromium preferences to"
+msgstr "Настройки Chromium записаны в"
+
+msgid "Running Shortcut applier for machine"
+msgstr "Запуск применение ярлыков для машины"
+
+msgid "Shortcut applier for machine will not be started"
+msgstr "Применение ярлыков для компьютера не запускается"
+
+msgid "No shortcuts to process for"
+msgstr "Нет ярлыков для обработки"
+
+msgid "Running Shortcut applier for user in user context"
+msgstr "Запуск применение ярлыков  в контексте пользователя"
+
+msgid "Shortcut applier for user in user context will not be started"
+msgstr "Применение ярлыков в контексте пользователя не запускается"
+
+msgid "Running Shortcut applier for user in administrator context"
+msgstr "Запуск применение ярлыков в контексте администратора"
+
+msgid "Shortcut applier for user in administrator context will not be started"
+msgstr "Применение ярлыков в контексте администратора не запускается"
+
+msgid "Try to expand path for shortcut"
+msgstr "Попытка расширить путь для ярлыка"
+
+msgid "Applying shortcut file to"
+msgstr "Применение ярлыка к файлу"
+
+msgid "Running Folder applier for machine"
+msgstr "Запуск применение папок для машины"
+
+msgid "Folder applier for machine will not be started"
+msgstr "Применение папок для машины не запускается"
+
+msgid "Running Folder applier for user in administrator context"
+msgstr "Запуск применение папок для пользователя в контексте администратора"
+
+msgid "Folder applier for user in administrator context will not be started"
+msgstr "Применение папок для пользователя в контексте администратора не запускается"
+
+msgid "Running Folder applier for user in user context"
+msgstr "Запуск применение папок для пользователя в контексте пользователя"
+
+msgid "Folder applier for user in user context will not be started"
+msgstr "Применение папок для пользователя в контексте пользователя не запускается"
+
+msgid "Running CUPS applier for machine"
+msgstr "Запуск применение настроек CUPS для машины"
+
+msgid "CUPS applier for machine will not be started"
+msgstr "Применение настроек CUPS для машины не запускается"
+
+msgid "Running CUPS applier for user in administrator context"
+msgstr "Запуск применение настроек CUPS для пользователя в контексте администратора"
+
+msgid "CUPS applier for user in administrator context will not be started"
+msgstr "Применение настроек CUPS для пользователя в контексте администратора не запускается"
+
+msgid "Running Firewall applier for machine"
+msgstr "Запуск применение настроек Firewall для машины"
+
+msgid "Firewall is enabled"
+msgstr "Firewall включен"
+
+msgid "Firewall is disabled, settings will be reset"
+msgstr "Firewall отключен, настройки будут сброшены"
+
+msgid "Firewall applier will not be started"
+msgstr "Применение настроек Firewall не запускается"
+
+msgid "Running NTP applier for machine"
+msgstr "Запуск применение настроек NTP для машины"
+
+msgid "NTP server is configured to"
+msgstr "Сервер NTP настроен на"
+
+msgid "Starting Chrony daemon"
+msgstr "Запуск демона Chrony"
+
+msgid "Setting reference NTP server to"
+msgstr "Установка эталонного сервера NTP на"
+
+msgid "Stopping Chrony daemon"
+msgstr "Остановка демона Chrony"
+
+msgid "Configuring NTP server..."
+msgstr "Настройка NTP-сервера ..."
+
+msgid "NTP server is enabled"
+msgstr "Сервер NTP включен"
+
+msgid "NTP server is disabled"
+msgstr "NTP сервер отключен"
+
+msgid "NTP server is not configured"
+msgstr "NTP сервер не настроен"
+
+msgid "NTP client is enabled"
+msgstr "Клиент NTP включен"
+
+msgid "NTP client is disabled"
+msgstr "Клиент NTP отключен"
+
+msgid "NTP client is not configured"
+msgstr "NTP клиент не настроен"
+
+msgid "NTP applier for machine will not be started"
+msgstr "Применение настроек NTP для машины не запускается"
+
+msgid "Running Envvar applier for machine"
+msgstr "Запуск применение настроек Envvar для машины"
+
+msgid "Envvar applier for machine will not be started"
+msgstr "Применение настроек Envvar для машины не запускается"
+
+msgid "Running Envvar applier for user in user context"
+msgstr "Запуск применение настроек Envvar для пользователя в контексте пользователя"
+
+msgid "Envvar applier for user in user context will not be started"
+msgstr "Применение настроек Envvar для пользователя в контексте пользователя не запускается"
+
+msgid "Running Package applier for machine"
+msgstr "Запуск установки пакетов для машины"
+
+msgid "Package applier for machine will not be started"
+msgstr "Применение установки пакетов для машины не запускается"
+
+msgid "Running Package applier for user in administrator context"
+msgstr "Запуск установки пакетов для пользователя в контексте администратора"
+
+msgid "Package applier for user in administrator context will not be started"
+msgstr "Применение установки пакетов для пользователя в контексте администратора не запускается"
+
+msgid "Running pkcon_runner to install and remove packages"
+msgstr "Запуск pkcon_runner для установки и удаления пакетов"
+
+msgid "Run apt-get update"
+msgstr "Запускаем apt-get update"
+
+msgid "Error run apt-get update"
+msgstr "Ошибка запуска apt-get update"
+
+msgid "Run user context applier with dropped privileges"
+msgstr "Запуск из контекста пользователя с удаленными привилегиями"
+
+msgid "Run forked process with droped privileges"
+msgstr "Запустить разветвленный процесс с удаленными привилегиями"
+
+msgid "Found connection by org.freedesktop.DBus.GetConnectionUnixProcessID"
+msgstr "Найдено соединение org.freedesktop.DBus.GetConnectionUnixProcessID"
+
+msgid "Kill dbus-daemon and dconf-service in user context"
+msgstr "Остановка dbus-daemon и dconf-service в контексте пользователя"
+
+msgid "Running CIFS applier for user in administrator context"
+msgstr "Запуск применение настроек CIFS для пользователя в контексте администратора"
+
+msgid "CIFS applier for user in administrator context will not be started"
+msgstr "Применение настроек CIFS для пользователя в контексте администратора не запускается"
+
+msgid "Installing the package"
+msgstr "Установка пакета"
+
+msgid "Removing a package"
+msgstr "Удаление пакета"
+
+msgid "Failed to found gsettings for machine"
+msgstr "Не удалось найти настройки gsettings для машины"
+
+msgid "Failed to found user gsettings"
+msgstr "Не удалось найти настройки gsettings пользователя"
+
+# Debug_end
+
 # Warning
 msgid "Unable to perform gpupdate for non-existent user, will update machine settings"
 msgstr "Невозможно запустить gpupdate для несуществующего пользователя, будут обновлены настройки машины"
@@ -315,6 +676,21 @@ msgstr "Пакет ADP не установлен, плагин не будет
 msgid "Unknown warning code"
 msgstr "Неизвестный код предупреждения"
 
+msgid "Unable to resolve GSettings parameter"
+msgstr "Не удалось установить параметр GSettings"
+
+msgid "No home directory exists for user"
+msgstr "Для пользователя не существует домашнего каталога"
+
+msgid "User's shortcut not placed to home directory"
+msgstr "Ярлык пользователя не помещен в домашний каталог"
+
+msgid "CUPS is not installed: no printer settings will be deployed"
+msgstr "CUPS не установлен: настройки принтера не будут развернуты"
+
+msgid "Unsupported NTP server type"
+msgstr "Неподдерживаемый тип сервера NTP"
+
 # Fatal
 msgid "Unable to refresh GPO list"
 msgstr "Невозможно обновить список объектов групповых политик"

gpoa/messages/__init__.py

@@ -23,6 +23,13 @@ def info_code(code):
     info_ids = dict()
     info_ids[1] = 'Got GPO list for username'
     info_ids[2] = 'Got GPO'
+    info_ids[3] = 'Working with control'
+    info_ids[4] = 'Working with systemd'
+    info_ids[5] = 'Unable to work with systemd unit'
+    info_ids[6] = 'Starting systemd unit'
+    info_ids[7] = 'Firefox policy'
+    info_ids[8] = 'Chromium policy'
+    info_ids[9] = 'Set user property to'
 
     return info_ids.get(code, 'Unknown info code')
 
@@ -66,6 +73,31 @@ def error_code(code):
     error_ids[36] = 'Error getting cached file for URI'
     error_ids[37] = 'Error caching file URIs'
     error_ids[38] = 'Unable to cache specified URI'
+    error_ids[39] = 'Unable to work with control'
+    error_ids[40] = 'Control applier for machine will not be started'
+    error_ids[41] = 'Error getting control'
+    error_ids[42] = 'Is not in possible values for control'
+    error_ids[43] = 'Unable to set'
+    error_ids[44] = 'Unable to generate file'
+    error_ids[45] = 'Failed applying unit'
+    error_ids[46] = 'Unable to start systemd unit'
+    error_ids[47] = 'Unable to cache specified URI for machine'
+    error_ids[48] = 'Error recompiling global GSettings schemas'
+    error_ids[49] = 'Error update configuration dconf'
+    error_ids[50] = 'Unable to cache specified URI for user'
+    error_ids[51] = 'Chromium preferences file does not exist at the moment'
+    error_ids[52] = 'Error during attempt to read Chromium preferences for user'
+    error_ids[53] = 'Fail for applying shortcut to file with \'%\''
+    error_ids[54] = 'Fail for applying shortcut to not absolute path'
+    error_ids[55] = 'Error running pkcon_runner sync for machine'
+    error_ids[56] = 'Error run apt-get update'
+    error_ids[57] = 'Package install error'
+    error_ids[58] = 'Package remove error'
+    error_ids[59] = 'Is not in possible values for control'
+    error_ids[60] = 'Error running pkcon_runner sync for user'
+    error_ids[61] = 'Error running pkcon_runner async for machine'
+    error_ids[62] = 'Error running pkcon_runner async for user'
+
 
     return error_ids.get(code, 'Unknown error code')
 
@@ -137,6 +169,91 @@ def debug_code(code):
     debug_ids[64] = 'Delete HKCU branch key'
     debug_ids[65] = 'Delete HKLM branch key error'
     debug_ids[66] = 'Delete HKCU branch key error'
+    debug_ids[67] = 'Running Control applier for machine'
+    debug_ids[68] = 'Setting control'
+    debug_ids[69] = 'Deny_All setting found'
+    debug_ids[70] = 'Deny_All setting for user'
+    debug_ids[71] = 'Deny_All setting not found'
+    debug_ids[72] = 'Deny_All setting not found for user'
+    debug_ids[73] = 'Running Polkit applier for machine'
+    debug_ids[74] = 'Running Polkit applier for user in administrator context'
+    debug_ids[75] = 'Polkit applier for machine will not be started'
+    debug_ids[76] = 'Polkit applier for user in administrator context will not be started'
+    debug_ids[77] = 'Generated file'
+    debug_ids[78] = 'Running systemd applier for machine'
+    debug_ids[79] = 'Running systemd applier for machine will not be started'
+    debug_ids[80] = 'Running GSettings applier for machine'
+    debug_ids[81] = 'GSettings applier for machine will not be started'
+    debug_ids[82] = 'Removing GSettings policy file from previous run'
+    debug_ids[83] = 'Mapping Windows policies to GSettings policies'
+    debug_ids[84] = 'GSettings windows policies mapping not enabled'
+    debug_ids[85] = 'Applying user setting'
+    debug_ids[86] = 'Found GSettings windows mapping'
+    debug_ids[87] = 'Running GSettings applier for user in user context'
+    debug_ids[88] = 'GSettings applier for user in user context will not be started'
+    debug_ids[89] = 'Applying machine setting'
+    debug_ids[90] = 'Getting cached file for URI'
+    debug_ids[91] = 'Wrote Firefox preferences to'
+    debug_ids[92] = 'Found Firefox profile in'
+    debug_ids[93] = 'Running Firefox applier for machine'
+    debug_ids[94] = 'Firefox applier for machine will not be started'
+    debug_ids[95] = 'Running Chromium applier for machine'
+    debug_ids[96] = 'Chromium applier for machine will not be started'
+    debug_ids[97] = 'Wrote Chromium preferences to'
+    debug_ids[98] = 'Running Shortcut applier for machine'
+    debug_ids[99] = 'Shortcut applier for machine will not be started'
+    debug_ids[100] = 'No shortcuts to process for'
+    debug_ids[101] = 'Running Shortcut applier for user in user context'
+    debug_ids[102] = 'Shortcut applier for user in user context will not be started'
+    debug_ids[103] = 'Running Shortcut applier for user in administrator context'
+    debug_ids[104] = 'Shortcut applier for user in administrator context will not be started'
+    debug_ids[105] = 'Try to expand path for shortcut'
+    debug_ids[106] = 'Applying shortcut file to'
+    debug_ids[107] = 'Running Folder applier for machine'
+    debug_ids[108] = 'Folder applier for machine will not be started'
+    debug_ids[109] = 'Running Folder applier for user in administrator context'
+    debug_ids[110] = 'Folder applier for user in administrator context will not be started'
+    debug_ids[111] = 'Running Folder applier for user in user context'
+    debug_ids[112] = 'Folder applier for user in user context will not be started'
+    debug_ids[113] = 'Running CUPS applier for machine'
+    debug_ids[114] = 'CUPS applier for machine will not be started'
+    debug_ids[115] = 'Running CUPS applier for user in administrator context'
+    debug_ids[116] = 'CUPS applier for user in administrator context will not be started'
+    debug_ids[117] = 'Running Firewall applier for machine'
+    debug_ids[118] = 'Firewall is enabled'
+    debug_ids[119] = 'Firewall is disabled, settings will be reset'
+    debug_ids[120] = 'Firewall applier will not be started'
+    debug_ids[121] = 'Running NTP applier for machine'
+    debug_ids[122] = 'NTP server is configured to'
+    debug_ids[123] = 'Starting Chrony daemon'
+    debug_ids[124] = 'Setting reference NTP server to'
+    debug_ids[125] = 'Stopping Chrony daemon'
+    debug_ids[126] = 'Configuring NTP server...'
+    debug_ids[127] = 'NTP server is enabled'
+    debug_ids[128] = 'NTP server is disabled'
+    debug_ids[129] = 'NTP server is not configured'
+    debug_ids[130] = 'NTP client is enabled'
+    debug_ids[131] = 'NTP client is disabled'
+    debug_ids[132] = 'NTP client is not configured'
+    debug_ids[133] = 'NTP applier for machine will not be started'
+    debug_ids[134] = 'Running Envvar applier for machine'
+    debug_ids[135] = 'Envvar applier for machine will not be started'
+    debug_ids[136] = 'Running Envvar applier for user in user context'
+    debug_ids[137] = 'Envvar applier for user in user context will not be started'
+    debug_ids[138] = 'Running Package applier for machine'
+    debug_ids[139] = 'Package applier for machine will not be started'
+    debug_ids[140] = 'Running Package applier for user in administrator context'
+    debug_ids[141] = 'Package applier for user in administrator context will not be started'
+    debug_ids[142] = 'Running pkcon_runner to install and remove packages'
+    debug_ids[143] = 'Run apt-get update'
+    debug_ids[144] = 'Unable to cache specified URI'
+    debug_ids[145] = 'Unable to cache specified URI for machine'
+    debug_ids[146] = 'Running CIFS applier for user in administrator context'
+    debug_ids[147] = 'CIFS applier for user in administrator context will not be started'
+    debug_ids[148] = 'Installing the package'
+    debug_ids[149] = 'Removing a package'
+    debug_ids[150] = 'Failed to found gsettings for machine'
+    debug_ids[151] = 'Failed to found user gsettings'
 
     return debug_ids.get(code, 'Unknown debug code')
 
@@ -153,6 +270,12 @@ def warning_code(code):
     warning_ids[3] = 'oddjobd is inaccessible'
     warning_ids[4] = 'No SYSVOL entry assigned to GPO'
     warning_ids[5] = 'ADP package is not installed - plugin will not be initialized'
+    warning_ids[6] = 'Unable to resolve GSettings parameter'
+    warning_ids[7] = 'No home directory exists for user'
+    warning_ids[8] = 'User\'s shortcut not placed to home directory'
+    warning_ids[9] = 'CUPS is not installed: no printer settings will be deployed'
+    warning_ids[10] = 'Unsupported NTP server type'
+    warning_ids[11] = 'Unable to refresh GPO list'
 
     return warning_ids.get(code, 'Unknown warning code')
 

gpoa/pkcon_runner

@@ -0,0 +1,150 @@
+#!/usr/bin/python3
+#
+# GPOA - GPO Applier for Linux
+#
+# Copyright (C) 2019-2020 BaseALT Ltd.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import rpm
+import subprocess
+from gpoa.storage import registry_factory
+import logging
+from util.logging import log
+import argparse
+import gettext
+import locale
+from messages import message_with_code
+from util.arguments import (
+    set_loglevel
+)
+
+
+def is_rpm_installed(rpm_name):
+    '''
+    Check if the package named 'rpm_name' is installed
+    '''
+    ts = rpm.TransactionSet()
+    pm = ts.dbMatch('name', rpm_name)
+    if pm.count() > 0:
+        return True
+
+    return False
+
+class Pkcon_applier:
+
+    def __init__(self, sid = None):
+        self.__install_key_name = 'Install'
+        self.__remove_key_name = 'Remove'
+        self.__hkcu_branch = 'Software\\BaseALT\\Policies\\Packages'
+        self.__hklm_branch = 'Software\\BaseALT\\Policies\\Packages'
+        self.__install_command = ['/usr/bin/pkcon', '-y', 'install']
+        self.__remove_command = ['/usr/bin/pkcon', '-y', 'remove']
+        self.__reinstall_command = ['/usr/bin/pkcon', '-y', 'reinstall']
+        self.install_packages = set()
+        self.remove_packages = set()
+        self.storage = registry_factory('registry')
+        if sid:
+            install_branch_user = '{}\\{}%'.format(self.__hkcu_branch, self.__install_key_name)
+            remove_branch_user = '{}\\{}%'.format(self.__hkcu_branch, self.__remove_key_name)
+            self.install_packages_setting = self.storage.filter_hkcu_entries(sid, install_branch_user)
+            self.remove_packages_setting = self.storage.filter_hkcu_entries(sid, remove_branch_user)
+        else:
+            install_branch = '{}\\{}%'.format(self.__hklm_branch, self.__install_key_name)
+            remove_branch = '{}\\{}%'.format(self.__hklm_branch, self.__remove_key_name)
+            self.install_packages_setting = self.storage.filter_hklm_entries(install_branch)
+            self.remove_packages_setting = self.storage.filter_hklm_entries(remove_branch)
+        for package in self.install_packages_setting:
+            if not is_rpm_installed(package.data):
+                self.install_packages.add(package.data)
+        for package in self.remove_packages_setting:
+            if package.data in self.install_packages:
+                self.install_packages.remove(package.data)
+            if is_rpm_installed(package.data):
+                self.remove_packages.add(package.data)
+
+    def apply(self):
+        log('D142')
+        self.update()
+        for package in self.remove_packages:
+            try:
+                logdata = dict()
+                logdata['name'] = package
+                log('D149', logdata)
+                self.remove_pkg(package)
+            except Exception as exc:
+                logdata = dict()
+                logdata['exc'] = exc
+                log('E58', logdata)
+
+        for package in self.install_packages:
+           try:
+                logdata = dict()
+                logdata['name'] = package
+                log('D148', logdata)
+                self.install_pkg(package)
+           except Exception as exc:
+                logdata = dict()
+                logdata['exc'] = exc
+                log('E57', logdata)
+
+
+    def install_pkg(self, package_name):
+        fullcmd = list(self.__install_command)
+        fullcmd.append(package_name)
+        return subprocess.check_output(fullcmd)
+
+    def reinstall_pkg(self, package_name):
+        pass
+
+    def remove_pkg(self, package_name):
+        fullcmd = self.__remove_command
+        fullcmd.append(package_name)
+        return subprocess.check_output(fullcmd)
+
+    def update(self):
+        '''
+        Update APT-RPM database.
+        '''
+        try:
+            res =  subprocess.check_output(['/usr/bin/apt-get', 'update'], encoding='utf-8')
+            msg =  str(res).split('\n')
+            logdata = dict()
+            for mslog in msg:
+                ms =  str(mslog).split(' ')
+                if ms:
+                    logdata = {ms[0]: ms[1:-1]}
+                log('D143', logdata)
+        except Exception as exc:
+            logdata = dict()
+            logdata['msg'] = exc
+            log('E56',logdata)
+
+if __name__ == '__main__':
+    locale.bindtextdomain('gpoa', '/usr/lib/python3/site-packages/gpoa/locale')
+    gettext.bindtextdomain('gpoa', '/usr/lib/python3/site-packages/gpoa/locale')
+    gettext.textdomain('gpoa')
+    logger = logging.getLogger()
+    parser = argparse.ArgumentParser(description='Package applier')
+    parser.add_argument('--sid', type = str, help = 'sid', nargs = '?', default = None)
+    parser.add_argument('--loglevel', type = int, help = 'loglevel', nargs = '?', default = 30)
+
+    args = parser.parse_args()
+    logger.setLevel(args.loglevel)
+    if args.sid:
+        applier = Pkcon_applier(args.sid)
+    else:
+        applier = Pkcon_applier()
+    applier.apply()
+

gpoa/storage/fs_file_cache.py

@@ -50,7 +50,7 @@ class fs_file_cache:
                 file_path))
         except Exception as exc:
             logdata = dict({'exception': str(exc)})
-            log('E38', logdata)
+            log('D144', logdata)
             raise exc
 
         if not destdir.exists():

gpoa/templates/autofs_auto.j2

@@ -16,5 +16,5 @@
  # You should have received a copy of the GNU General Public License
  # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  #}
-{{ home_dir }}/net	{{ mount_file }}	-t 120
+{{ home_dir }}/net	{{ mount_file }}	-t 120  --browse
 

gpoa/util/dbus.py

@@ -58,8 +58,8 @@ class dbus_runner:
                         self._object_path,
                         self._interface_name,
                         'gpupdatefor',
-                        (username),
-                        (dbus.String(self.username)),
+                        's',
+                        [self.username],
                         timeout=self._synchronous_timeout)
                     print_dbus_result(result)
                 except dbus.exceptions.DBusException as exc:
@@ -74,7 +74,7 @@ class dbus_runner:
                         self._interface_name,
                         'gpupdate',
                         None,
-                        (),
+                        [],
                         timeout=self._synchronous_timeout)
                     print_dbus_result(result)
                 except dbus.exceptions.DBusException as exc:
@@ -91,7 +91,7 @@ class dbus_runner:
                     None,
                     # The following positional parameter is called "args".
                     # There is no official documentation for it.
-                    (),
+                    [],
                     timeout=self._synchronous_timeout)
                 print_dbus_result(result)
             except dbus.exceptions.DBusException as exc:

gpoa/util/logging.py

@@ -49,16 +49,8 @@ class slogm(object):
     def __str__(self):
         now = str(datetime.datetime.now().isoformat(sep=' ', timespec='milliseconds'))
         args = dict()
-        #args.update(dict({'timestamp': now, 'message': str(self.message)}))
         args.update(self.kwargs)
-
-        kwa = dict()
-        try:
-            kwa = encoder().encode(args)
-        except Exception as exc:
-            pass
-
-        result = '{}|{}|{}'.format(now, self.message, kwa)
+        result = '{}|{}|{}'.format(now, self.message, args)
 
         return result
 

gpoa/util/system.py

@@ -21,7 +21,7 @@ import sys
 import pwd
 import signal
 import subprocess
-
+import locale
 from .logging import log
 from .dbus import dbus_session
 
@@ -30,11 +30,13 @@ def set_privileges(username, uid, gid, groups, home):
     '''
     Set current process privileges
     '''
-
+    defaultlocale = locale.getdefaultlocale()
     os.environ.clear()
     os.environ['HOME'] = home
     os.environ['USER'] = username
     os.environ['USERNAME'] = username
+    if defaultlocale[0] and defaultlocale[1]:
+        os.environ["LANG"] = '.'.join(defaultlocale)
 
     try:
         os.setgid(gid)

gpoa/util/windows.py

@@ -21,7 +21,7 @@ import os
 import pwd
 
 from samba import getopt as options
-
+from samba import NTSTATUSError
 from samba.gpclass import get_dc_hostname, check_refresh_gpo_list
 from samba.netcmd.common import netcmd_get_domain_infos_via_cldap
 import samba.gpo
@@ -117,20 +117,34 @@ class smbcreds (smbopts):
     def update_gpos(self, username):
         gpos = self.get_gpos(username)
 
-        try:
-            log('D49')
-            check_refresh_gpo_list(self.selected_dc, self.lp, self.creds, gpos)
-            log('D50')
-        except Exception as exc:
+        list_selected_dc = set()
+        list_selected_dc.add(self.selected_dc)
+
+        while list_selected_dc:
             logdata = dict()
             logdata['username'] = username
             logdata['dc'] = self.selected_dc
-            logdata['err'] = str(exc)
-            log('F1')
-            raise exc
+            try:
+                log('D49', logdata)
+                check_refresh_gpo_list(self.selected_dc, self.lp, self.creds, gpos)
+                log('D50', logdata)
+                list_selected_dc.clear()
+            except NTSTATUSError as smb_exc:
+                logdata['smb_exc'] = str(smb_exc)
+                self.selected_dc = get_dc_hostname(self.creds, self.lp)
+                if self.selected_dc not in list_selected_dc:
+                    logdata['action'] = 'Search another dc'
+                    log('W11', logdata)
+                    list_selected_dc.add(self.selected_dc)
+                else:
+                    log('F1', logdata)
+                    raise smb_exc
+            except Exception as exc:
+                logdata['exc'] = str(exc)
+                log('F1', logdata)
+                raise exc
         return gpos
 
-
 def wbinfo_getsid(domain, user):
     '''
     Get SID using wbinfo
@@ -186,6 +200,8 @@ def expand_windows_var(text, username=None):
     '''
     variables = dict()
     variables['HOME'] = '/etc/skel'
+    variables['HOMEPATH'] = '/etc/skel'
+    variables['HOMEDRIVE'] = '/'
     variables['SystemRoot'] = '/'
     variables['StartMenuDir'] = '/usr/share/applications'
     variables['SystemDrive'] = '/'
@@ -194,6 +210,7 @@ def expand_windows_var(text, username=None):
     if username:
         variables['LogonUser'] = username
         variables['HOME'] = get_homedir(username)
+        variables['HOMEPATH'] = get_homedir(username)
 
         variables['StartMenuDir'] = os.path.join(
             variables['HOME'], '.local', 'share', 'applications')

gpupdate.spec

@@ -1,8 +1,8 @@
 %define _unpackaged_files_terminate_build 1
 
 Name: gpupdate
-Version: 0.9.8
-Release: alt0.dev1
+Version: 0.9.9.1
+Release: alt1
 
 Summary: GPT applier
 License: GPLv3+
@@ -60,6 +60,12 @@ ln -s %python3_sitelibdir/gpoa/gpupdate \
 ln -s %python3_sitelibdir/gpoa/gpupdate-setup \
 	%buildroot%_sbindir/gpupdate-setup
 
+mkdir -p \
+	%buildroot%_prefix/libexec/%name
+
+ln -s %python3_sitelibdir/gpoa/pkcon_runner \
+	%buildroot%_prefix/libexec/%name/pkcon_runner
+
 mkdir -p %buildroot%_datadir/%name
 mv %buildroot%python3_sitelibdir/gpoa/templates \
 	%buildroot%_datadir/%name/
@@ -70,6 +76,7 @@ touch %buildroot%_sysconfdir/%name/environment
 install -Dm0644 dist/%name.service %buildroot%_unitdir/%name.service
 install -Dm0644 dist/%name-user.service %buildroot/usr/lib/systemd/user/%name-user.service
 install -Dm0644 dist/system-policy-%name %buildroot%_sysconfdir/pam.d/system-policy-%name
+install -Dm0644 dist/%name-remote-policy %buildroot%_sysconfdir/pam.d/%name-remote-policy
 install -Dm0644 dist/%name.ini %buildroot%_sysconfdir/%name/%name.ini
 install -Dm0644 doc/gpoa.1 %buildroot/%_man1dir/gpoa.1
 install -Dm0644 doc/gpupdate.1 %buildroot/%_man1dir/gpupdate.1
@@ -102,9 +109,11 @@ fi
 %_sbindir/gpoa
 %_sbindir/gpupdate-setup
 %_bindir/gpupdate
+%_prefix/libexec/%name/pkcon_runner
 %attr(755,root,root) %python3_sitelibdir/gpoa/gpoa
 %attr(755,root,root) %python3_sitelibdir/gpoa/gpupdate
 %attr(755,root,root) %python3_sitelibdir/gpoa/gpupdate-setup
+%attr(755,root,root) %python3_sitelibdir/gpoa/pkcon_runner
 %python3_sitelibdir/gpoa
 %_datadir/%name
 %_unitdir/%name.service
@@ -116,6 +125,7 @@ fi
 %config(noreplace) %_sysconfdir/%name/environment
 %config(noreplace) %_sysconfdir/%name/%name.ini
 %config(noreplace) %_sysconfdir/pam.d/system-policy-%name
+%config(noreplace) %_sysconfdir/pam.d/%name-remote-policy
 %dir %attr(0700, root, root) %_cachedir/%name
 %dir %attr(0755, root, root) %_cachedir/%{name}_file_cache
 %dir %attr(0700, root, root) %_cachedir/%name/creds
@@ -125,6 +135,24 @@ fi
 %exclude %python3_sitelibdir/gpoa/test
 
 %changelog
+* Thu Mar 03 2022 Valery Sinelnikov <greh@altlinux.org> 0.9.9.1-alt1
+- Fixed method call (Closes: 41994)
+- Removed unnecessary replace
+- Fixed declaration of variable
+
+* Fri Feb 18 2022 Evgeny Sinelnikov <sin@altlinux.org> 0.9.9-alt1
+- Add gpupdate-remote-policy PAM substack (for pam_mount support)
+- Added lookup for possible dc if first found is unreadable
+- Correct folder applier (still experimental)
+- Update logging and translations
+- Fix error when control facilites not exists
+- Add check for the presence of Gsettings schema and keys exists
+- Add support of package applier via pkcon (still experimental)
+
+* Mon Oct 25 2021 Evgeny Sinelnikov <sin@altlinux.org> 0.9.8-alt1
+- Added exception for org.gnome.Vino authentication-methods
+- Fixed bug for alternative-port in org.gnome.Vino
+
 * Wed Sep 29 2021 Evgeny Sinelnikov <sin@altlinux.org> 0.9.7-alt1
 - Fix regression with kestroy for user credential cache
 - Update system-policy-gpupdate PAM-rules to ignore applying group policies