Red Hat6.x下堡垒机Jumpserver Version 0.3.2环境部署安装
-
系统环境
[root@tiaoshiji ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.7 (Santiago)
[root@tiaoshiji ~]# python -V
Python 2.6.6
关闭 iptables,关闭 selinux
jumpserver:192.168.1.200 clients:192.168.1.210
ps:操作只针对 jumpserver,clients 不会进行操作,只是环境需求。
-
升级Python
(1)、python2.7安装
https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz
# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local --build=x86_64
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install
## 将python头文件拷贝到标准目录,以避免编译ansible时,找不到所需的头文件
# cd /usr/local/include/python2.7
# cp -a ./* /usr/local/include/
## 备份旧版本的python,并符号链接新版本的python
# cd /usr/bin
# mv python python2.6
# ln -s /usr/local/bin/python
## 修改yum脚本,使其指向旧版本的python,已避免其无法运行
# vim /usr/bin/yum
#!/usr/bin/python 更改为 #!/usr/bin/python2.6
## 查看python版本
[root@tiaoshiji bin]# python -V
Python 2.7.8
-
安装Jumpserver基础包
[root@jumpserver ~]# yum -y install epel-release
说明:这里我使用的是163源,可查看http://wutengfei.blog.51cto.com/10942117/1974837
[root@jumpserver ~]# yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass lrzsz readline-devel unzip
-
下载和解压Jumpserver
[root@jumpserver ~]# cd /opt
[root@jumpserver opt]# git clone https://github.com/jumpserver/jumpserver.git
[root@jumpserver opt]# ls
master.zip
[root@jumpserver opt]# unzip master.zip
[root@jumpserver opt]# ls
jumpserver-master master.zip
-
重新对python编译
# cd Python-2.7.8
# ./configure --prefix=/usr/local --build=x86_64
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install
-
使用easy_install安装pip
[root@jump ~]# python distribute_setup.py
说明:distribute_setup.py脚本我会放在文章最后(参考博客:http://linuxsogood.org/816.html),执行完这个脚本会新生成一个easy_install,使用easy_install来安装pip。
[root@jump ~]# which easy_install
/usr/local/bin/easy_install
说明:如果系统里有pip,建议先卸载掉,命令如下:
[root@jump ~]# rpm -qa |grep pip |xargs rpm -e
[root@jump ~]# easy_install pip
[root@jump ~]# which pip
/usr/local/bin/pip
[root@jump ~]# ln -s /usr/local/bin/pip /usr/bin/pip
[root@jump ~]# pip -V
pip 9.0.1 from /usr/local/lib/python2.7/site-packages/pip-9.0.1-py2.7.egg (python 2.7)
说明:现在的pip是安装在python2.7中了!
[root@jump install]# pip freeze (查看安装的包)
-
安装Jumpserver
[root@jumpserver opt]# cd /opt/jumpserver-master/install/
[root@jumpserver install]# pip install -r requirements.txt
[root@jump install]# python install.py
[root@jump install]# python install.py
输入jumpserver的地址,默认为:”192.168.1.200”,回车即可。 是否安装MySQL:选择”y”进行安装
MySQL 启动后会要求用户输入 邮件服务器及账户(后期用来发送用户名、ssh pass、web pass、ssh key)163邮箱用授权密码,而不是登入密码 ,切记 。
继续 python install.py 进行安装,并且输入 web管理员用户名和管理员密码,ok
-
运行 crontab,定期处理失效连接,定期更新资产信息
cd /opt/jumpserver python manage.py crontab add
说明:
1)根据提示输入相关信息,完成安装,安装完成后,请访问web,继续查看后续文档;
2)如果启动失败,请返回上层目录,手动运行 ./service.sh start 启动;
3)如果 ./service.sh start 启动失败 cd /opt/jumpserver python manage.py runserver 0.0.0.0:80 python run_websocket.py;
4)如果启动失败,可能是由于8000或80端口和3000端口已经被占用,或者数据库账号密码不对,请检查。
-
web登入
-
distribute_setup.py脚本
-
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537
#!python
"""Bootstrap distribute installation
If you want to use setuptools in your package's setup.py, just include this
file in the same directory with it, and add this to the top of your setup.py::
from distribute_setup import use_setuptools
use_setuptools()
If you want to require a specific version of setuptools, set a download
mirror, or use an alternate download directory, you can do so by supplying
the appropriate options to ``use_setuptools()``.
This file can also be run as a script to install or upgrade setuptools.
"""
import
os
import
shutil
import
sys
import
time
import
fnmatch
import
tempfile
import
tarfile
import
optparse
from
distutils
import
log
try
:
from
site
import
USER_SITE
except
ImportError:
USER_SITE
=
None
try
:
import
subprocess
def
_python_cmd(
*
args):
args
=
(sys.executable,)
+
args
return
subprocess.call(args)
=
=
0
except
ImportError:
# will be used for python 2.3
def
_python_cmd(
*
args):
args
=
(sys.executable,)
+
args
# quoting arguments if windows
if
sys.platform
=
=
'win32'
:
def
quote(arg):
if
' '
in
arg:
return
'"%s"'
%
arg
return
arg
args
=
[quote(arg)
for
arg
in
args]
return
os.spawnl(os.P_WAIT, sys.executable,
*
args)
=
=
0
DEFAULT_VERSION
=
"0.6.49"
DEFAULT_URL
=
"http://pypi.python.org/packages/source/d/distribute/"
SETUPTOOLS_FAKED_VERSION
=
"0.6c11"
SETUPTOOLS_PKG_INFO
=
"""\
Metadata-Version: 1.0
Name: setuptools
Version: %s
Summary: xxxx
Home-page: xxx
Author: xxx
Author-email: xxx
License: xxx
Description: xxx
"""
%
SETUPTOOLS_FAKED_VERSION
def
_install(tarball, install_args
=
()):
# extracting the tarball
tmpdir
=
tempfile.mkdtemp()
log.warn(
'Extracting in %s'
, tmpdir)
old_wd
=
os.getcwd()
try
:
os.chdir(tmpdir)
tar
=
tarfile.
open
(tarball)
_extractall(tar)
tar.close()
# going in the directory
subdir
=
os.path.join(tmpdir, os.listdir(tmpdir)[
0
])
os.chdir(subdir)
log.warn(
'Now working in %s'
, subdir)
# installing
log.warn(
'Installing Distribute'
)
if
not
_python_cmd(
'setup.py'
,
'install'
,
*
install_args):
log.warn(
'Something went wrong during the installation.'
)
log.warn(
'See the error message above.'
)
# exitcode will be 2
return
2
finally
:
os.chdir(old_wd)
shutil.rmtree(tmpdir)
def
_build_egg(egg, tarball, to_dir):
# extracting the tarball
tmpdir
=
tempfile.mkdtemp()
log.warn(
'Extracting in %s'
, tmpdir)
old_wd
=
os.getcwd()
try
:
os.chdir(tmpdir)
tar
=
tarfile.
open
(tarball)
_extractall(tar)
tar.close()
# going in the directory
subdir
=
os.path.join(tmpdir, os.listdir(tmpdir)[
0
])
os.chdir(subdir)
log.warn(
'Now working in %s'
, subdir)
# building an egg
log.warn(
'Building a Distribute egg in %s'
, to_dir)
_python_cmd(
'setup.py'
,
'-q'
,
'bdist_egg'
,
'--dist-dir'
, to_dir)
finally
:
os.chdir(old_wd)
shutil.rmtree(tmpdir)
# returning the result
log.warn(egg)
if
not
os.path.exists(egg):
raise
IOError(
'Could not build the egg.'
)
def
_do_download(version, download_base, to_dir, download_delay):
egg
=
os.path.join(to_dir,
'distribute-%s-py%d.%d.egg'
%
(version, sys.version_info[
0
], sys.version_info[
1
]))
if
not
os.path.exists(egg):
tarball
=
download_setuptools(version, download_base,
to_dir, download_delay)
_build_egg(egg, tarball, to_dir)
sys.path.insert(
0
, egg)
import
setuptools
setuptools.bootstrap_install_from
=
egg
def
use_setuptools(version
=
DEFAULT_VERSION, download_base
=
DEFAULT_URL,
to_dir
=
os.curdir, download_delay
=
15
, no_fake
=
True
):
# making sure we use the absolute path
to_dir
=
os.path.abspath(to_dir)
was_imported
=
'pkg_resources'
in
sys.modules
or
\
'setuptools'
in
sys.modules
try
:
try
:
import
pkg_resources
# Setuptools 0.7b and later is a suitable (and preferable)
# substitute for any Distribute version.
try
:
pkg_resources.require(
"setuptools>=0.7b"
)
return
except
(pkg_resources.DistributionNotFound,
pkg_resources.VersionConflict):
pass
if
not
hasattr
(pkg_resources,
'_distribute'
):
if
not
no_fake:
_fake_setuptools()
raise
ImportError
except
ImportError:
return
_do_download(version, download_base, to_dir, download_delay)
try
:
pkg_resources.require(
"distribute>="
+
version)
return
except
pkg_resources.VersionConflict:
e
=
sys.exc_info()[
1
]
if
was_imported:
sys.stderr.write(
"The required version of distribute (>=%s) is not available,\n"
"and can't be installed while this script is running. Please\n"
"install a more recent version first, using\n"
"'easy_install -U distribute'."
"\n\n(Currently using %r)\n"
%
(version, e.args[
0
]))
sys.exit(
2
)
else
:
del
pkg_resources, sys.modules[
'pkg_resources'
]
# reload ok
return
_do_download(version, download_base, to_dir,
download_delay)
except
pkg_resources.DistributionNotFound:
return
_do_download(version, download_base, to_dir,
download_delay)
finally
:
if
not
no_fake:
_create_fake_setuptools_pkg_info(to_dir)
def
download_setuptools(version
=
DEFAULT_VERSION, download_base
=
DEFAULT_URL,
to_dir
=
os.curdir, delay
=
15
):
"""Download distribute from a specified location and return its filename
`version` should be a valid distribute version number that is available
as an egg for download under the `download_base` URL (which should end
with a '/'). `to_dir` is the directory where the egg will be downloaded.
`delay` is the number of seconds to pause before an actual download
attempt.
"""
# making sure we use the absolute path
to_dir
=
os.path.abspath(to_dir)
try
:
from
urllib.request
import
urlopen
except
ImportError:
from
urllib2
import
urlopen
tgz_name
=
"distribute-%s.tar.gz"
%
version
url
=
download_base
+
tgz_name
saveto
=
os.path.join(to_dir, tgz_name)
src
=
dst
=
None
if
not
os.path.exists(saveto):
# Avoid repeated downloads
try
:
log.warn(
"Downloading %s"
, url)
src
=
urlopen(url)
# Read/write all in one block, so we don't create a corrupt file
# if the download is interrupted.
data
=
src.read()
dst
=
open
(saveto,
"wb"
)
dst.write(data)
finally
:
if
src:
src.close()
if
dst:
dst.close()
return
os.path.realpath(saveto)
def
_no_sandbox(function):
def
__no_sandbox(
*
args,
*
*
kw):
try
:
from
setuptools.sandbox
import
DirectorySandbox
if
not
hasattr
(DirectorySandbox,
'_old'
):
def
violation(
*
args):
pass
DirectorySandbox._old
=
DirectorySandbox._violation
DirectorySandbox._violation
=
violation
patched
=
True
else
:
patched
=
False
except
ImportError:
patched
=
False
try
:
return
function(
*
args,
*
*
kw)
finally
:
if
patched:
DirectorySandbox._violation
=
DirectorySandbox._old
del
DirectorySandbox._old
return
__no_sandbox
def
_patch_file(path, content):
"""Will backup the file then patch it"""
f
=
open
(path)
existing_content
=
f.read()
f.close()
if
existing_content
=
=
content:
# already patched
log.warn(
'Already patched.'
)
return
False
log.warn(
'Patching...'
)
_rename_path(path)
f
=
open
(path,
'w'
)
try
:
f.write(content)
finally
:
f.close()
return
True
_patch_file
=
_no_sandbox(_patch_file)
def
_same_content(path, content):
f
=
open
(path)
existing_content
=
f.read()
f.close()
return
existing_content
=
=
content
def
_rename_path(path):
new_name
=
path
+
'.OLD.%s'
%
time.time()
log.warn(
'Renaming %s to %s'
, path, new_name)
os.rename(path, new_name)
return
new_name
def
_remove_flat_installation(placeholder):
if
not
os.path.isdir(placeholder):
log.warn(
'Unkown installation at %s'
, placeholder)
return
False
found
=
False
for
file
in
os.listdir(placeholder):
if
fnmatch.fnmatch(
file
,
'setuptools*.egg-info'
):
found
=
True
break
if
not
found:
log.warn(
'Could not locate setuptools*.egg-info'
)
return
log.warn(
'Moving elements out of the way...'
)
pkg_info
=
os.path.join(placeholder,
file
)
if
os.path.isdir(pkg_info):
patched
=
_patch_egg_dir(pkg_info)
else
:
patched
=
_patch_file(pkg_info, SETUPTOOLS_PKG_INFO)
if
not
patched:
log.warn(
'%s already patched.'
, pkg_info)
return
False
# now let's move the files out of the way
for
element
in
(
'setuptools'
,
'pkg_resources.py'
,
'site.py'
):
element
=
os.path.join(placeholder, element)
if
os.path.exists(element):
_rename_path(element)
else
:
log.warn(
'Could not find the %s element of the '
'Setuptools distribution'
, element)
return
True
_remove_flat_installation
=
_no_sandbox(_remove_flat_installation)
def
_after_install(dist):
log.warn(
'After install bootstrap.'
)
placeholder
=
dist.get_command_obj(
'install'
).install_purelib
_create_fake_setuptools_pkg_info(placeholder)
def
_create_fake_setuptools_pkg_info(placeholder):
if
not
placeholder
or
not
os.path.exists(placeholder):
log.warn(
'Could not find the install location'
)
return
pyver
=
'%s.%s'
%
(sys.version_info[
0
], sys.version_info[
1
])
setuptools_file
=
'setuptools-%s-py%s.egg-info'
%
\
(SETUPTOOLS_FAKED_VERSION, pyver)
pkg_info
=
os.path.join(placeholder, setuptools_file)
if
os.path.exists(pkg_info):
log.warn(
'%s already exists'
, pkg_info)
return
log.warn(
'Creating %s'
, pkg_info)
try
:
f
=
open
(pkg_info,
'w'
)
except
EnvironmentError:
log.warn(
"Don't have permissions to write %s, skipping"
, pkg_info)
return
try
:
f.write(SETUPTOOLS_PKG_INFO)
finally
:
f.close()
pth_file
=
os.path.join(placeholder,
'setuptools.pth'
)
log.warn(
'Creating %s'
, pth_file)
f
=
open
(pth_file,
'w'
)
try
:
f.write(os.path.join(os.curdir, setuptools_file))
finally
:
f.close()
_create_fake_setuptools_pkg_info
=
_no_sandbox(
_create_fake_setuptools_pkg_info
)
def
_patch_egg_dir(path):
# let's check if it's already patched
pkg_info
=
os.path.join(path,
'EGG-INFO'
,
'PKG-INFO'
)
if
os.path.exists(pkg_info):
if
_same_content(pkg_info, SETUPTOOLS_PKG_INFO):
log.warn(
'%s already patched.'
, pkg_info)
return
False
_rename_path(path)
os.mkdir(path)
os.mkdir(os.path.join(path,
'EGG-INFO'
))
pkg_info
=
os.path.join(path,
'EGG-INFO'
,
'PKG-INFO'
)
f
=
open
(pkg_info,
'w'
)
try
:
f.write(SETUPTOOLS_PKG_INFO)
finally
:
f.close()
return
True
_patch_egg_dir
=
_no_sandbox(_patch_egg_dir)
def
_before_install():
log.warn(
'Before install bootstrap.'
)
_fake_setuptools()
def
_under_prefix(location):
if
'install'
not
in
sys.argv:
return
True
args
=
sys.argv[sys.argv.index(
'install'
)
+
1
:]
for
index, arg
in
enumerate
(args):
for
option
in
(
'--root'
,
'--prefix'
):
if
arg.startswith(
'%s='
%
option):
top_dir
=
arg.split(
'root='
)[
-
1
]
return
location.startswith(top_dir)
elif
arg
=
=
option:
if
len
(args) > index:
top_dir
=
args[index
+
1
]
return
location.startswith(top_dir)
if
arg
=
=
'--user'
and
USER_SITE
is
not
None
:
return
location.startswith(USER_SITE)
return
True
def
_fake_setuptools():
log.warn(
'Scanning installed packages'
)
try
:
import
pkg_resources
except
ImportError:
# we're cool
log.warn(
'Setuptools or Distribute does not seem to be installed.'
)
return
ws
=
pkg_resources.working_set
try
:
setuptools_dist
=
ws.find(
pkg_resources.Requirement.parse(
'setuptools'
, replacement
=
False
)
)
except
TypeError:
# old distribute API
setuptools_dist
=
ws.find(
pkg_resources.Requirement.parse(
'setuptools'
)
)
if
setuptools_dist
is
None
:
log.warn(
'No setuptools distribution found'
)
return
# detecting if it was already faked
setuptools_location
=
setuptools_dist.location
log.warn(
'Setuptools installation detected at %s'
, setuptools_location)
# if --root or --preix was provided, and if
# setuptools is not located in them, we don't patch it
if
not
_under_prefix(setuptools_location):
log.warn(
'Not patching, --root or --prefix is installing Distribute'
' in another location'
)
return
# let's see if its an egg
if
not
setuptools_location.endswith(
'.egg'
):
log.warn(
'Non-egg installation'
)
res
=
_remove_flat_installation(setuptools_location)
if
not
res:
return
else
:
log.warn(
'Egg installation'
)
pkg_info
=
os.path.join(setuptools_location,
'EGG-INFO'
,
'PKG-INFO'
)
if
(os.path.exists(pkg_info)
and
_same_content(pkg_info, SETUPTOOLS_PKG_INFO)):
log.warn(
'Already patched.'
)
return
log.warn(
'Patching...'
)
# let's create a fake egg replacing setuptools one
res
=
_patch_egg_dir(setuptools_location)
if
not
res:
return
log.warn(
'Patching complete.'
)
_relaunch()
def
_relaunch():
log.warn(
'Relaunching...'
)
# we have to relaunch the process
# pip marker to avoid a relaunch bug
_cmd1
=
[
'-c'
,
'install'
,
'--single-version-externally-managed'
]
_cmd2
=
[
'-c'
,
'install'
,
'--record'
]
if
sys.argv[:
3
]
=
=
_cmd1
or
sys.argv[:
3
]
=
=
_cmd2:
sys.argv[
0
]
=
'setup.py'
args
=
[sys.executable]
+
sys.argv
sys.exit(subprocess.call(args))
def
_extractall(
self
, path
=
"."
, members
=
None
):
"""Extract all members from the archive to the current working
directory and set owner, modification time and permissions on
directories afterwards. `path' specifies a different directory
to extract to. `members' is optional and must be a subset of the
list returned by getmembers().
"""
import
copy
import
operator
from
tarfile
import
ExtractError
directories
=
[]
if
members
is
None
:
members
=
self
for
tarinfo
in
members:
if
tarinfo.isdir():
# Extract directories with a safe mode.
directories.append(tarinfo)
tarinfo
=
copy.copy(tarinfo)
tarinfo.mode
=
448
# decimal for oct 0700
self
.extract(tarinfo, path)
# Reverse sort directories.
if
sys.version_info < (
2
,
4
):
def
sorter(dir1, dir2):
return
cmp
(dir1.name, dir2.name)
directories.sort(sorter)
directories.reverse()
else
:
directories.sort(key
=
operator.attrgetter(
'name'
), reverse
=
True
)
# Set correct owner, mtime and filemode on directories.
for
tarinfo
in
directories:
dirpath
=
os.path.join(path, tarinfo.name)
try
:
self
.chown(tarinfo, dirpath)
self
.utime(tarinfo, dirpath)
self
.chmod(tarinfo, dirpath)
except
ExtractError:
e
=
sys.exc_info()[
1
]
if
self
.errorlevel >
1
:
raise
else
:
self
._dbg(
1
,
"tarfile: %s"
%
e)
def
_build_install_args(options):
"""
Build the arguments to 'python setup.py install' on the distribute package
"""
install_args
=
[]
if
options.user_install:
if
sys.version_info < (
2
,
6
):
log.warn(
"--user requires Python 2.6 or later"
)
raise
SystemExit(
1
)
install_args.append(
'--user'
)
return
install_args
def
_parse_args():
"""
Parse the command line for options
"""
parser
=
optparse.OptionParser()
parser.add_option(
'--user'
, dest
=
'user_install'
, action
=
'store_true'
, default
=
False
,
help
=
'install in user site package (requires Python 2.6 or later)'
)
parser.add_option(
'--download-base'
, dest
=
'download_base'
, metavar
=
"URL"
,
default
=
DEFAULT_URL,
help
=
'alternative URL from where to download the distribute package'
)
options, args
=
parser.parse_args()
# positional arguments are ignored
return
options
def
main(version
=
DEFAULT_VERSION):
"""Install or upgrade setuptools and EasyInstall"""
options
=
_parse_args()
tarball
=
download_setuptools(download_base
=
options.download_base)
return
_install(tarball, _build_install_args(options))
if
__name__
=
=
'__main__'
:
sys.exit(main())