Red Hat6.x下堡垒机Jumpserver Version 0.3.2环境部署安装
-
系统环境
[root@tiaoshiji ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.7 (Santiago)
[root@tiaoshiji ~]# python -V
Python 2.6.6
关闭 iptables,关闭 selinux
jumpserver:192.168.1.200 clients:192.168.1.210
ps:操作只针对 jumpserver,clients 不会进行操作,只是环境需求。
-
升级Python
(1)、python2.7安装
https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz
# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local --build=x86_64
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install
## 将python头文件拷贝到标准目录,以避免编译ansible时,找不到所需的头文件
# cd /usr/local/include/python2.7
# cp -a ./* /usr/local/include/
## 备份旧版本的python,并符号链接新版本的python
# cd /usr/bin
# mv python python2.6
# ln -s /usr/local/bin/python
## 修改yum脚本,使其指向旧版本的python,已避免其无法运行
# vim /usr/bin/yum
#!/usr/bin/python 更改为 #!/usr/bin/python2.6
## 查看python版本
[root@tiaoshiji bin]# python -V
Python 2.7.8
-
安装Jumpserver基础包
[root@jumpserver ~]# yum -y install epel-release
说明:这里我使用的是163源,可查看http://wutengfei.blog.51cto.com/10942117/1974837
[root@jumpserver ~]# yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass lrzsz readline-devel unzip
-
下载和解压Jumpserver
[root@jumpserver ~]# cd /opt
[root@jumpserver opt]# git clone https://github.com/jumpserver/jumpserver.git
[root@jumpserver opt]# ls
master.zip
[root@jumpserver opt]# unzip master.zip
[root@jumpserver opt]# ls
jumpserver-master master.zip
-
重新对python编译
# cd Python-2.7.8
# ./configure --prefix=/usr/local --build=x86_64
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install
-
使用easy_install安装pip
[root@jump ~]# python distribute_setup.py
说明:distribute_setup.py脚本我会放在文章最后(参考博客:http://linuxsogood.org/816.html),执行完这个脚本会新生成一个easy_install,使用easy_install来安装pip。
[root@jump ~]# which easy_install
/usr/local/bin/easy_install
说明:如果系统里有pip,建议先卸载掉,命令如下:
[root@jump ~]# rpm -qa |grep pip |xargs rpm -e
[root@jump ~]# easy_install pip
[root@jump ~]# which pip
/usr/local/bin/pip
[root@jump ~]# ln -s /usr/local/bin/pip /usr/bin/pip
[root@jump ~]# pip -V
pip 9.0.1 from /usr/local/lib/python2.7/site-packages/pip-9.0.1-py2.7.egg (python 2.7)
说明:现在的pip是安装在python2.7中了!
[root@jump install]# pip freeze (查看安装的包)
-
安装Jumpserver
[root@jumpserver opt]# cd /opt/jumpserver-master/install/
[root@jumpserver install]# pip install -r requirements.txt
[root@jump install]# python install.py
[root@jump install]# python install.py
输入jumpserver的地址,默认为:”192.168.1.200”,回车即可。 是否安装MySQL:选择”y”进行安装
MySQL 启动后会要求用户输入 邮件服务器及账户(后期用来发送用户名、ssh pass、web pass、ssh key)163邮箱用授权密码,而不是登入密码 ,切记 。
继续 python install.py 进行安装,并且输入 web管理员用户名和管理员密码,ok
-
运行 crontab,定期处理失效连接,定期更新资产信息
cd /opt/jumpserver python manage.py crontab add
说明:
1)根据提示输入相关信息,完成安装,安装完成后,请访问web,继续查看后续文档;
2)如果启动失败,请返回上层目录,手动运行 ./service.sh start 启动;
3)如果 ./service.sh start 启动失败 cd /opt/jumpserver python manage.py runserver 0.0.0.0:80 python run_websocket.py;
4)如果启动失败,可能是由于8000或80端口和3000端口已经被占用,或者数据库账号密码不对,请检查。
-
web登入
-
distribute_setup.py脚本
-
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537
#!python"""Bootstrap distribute installationIf you want to use setuptools in your package's setup.py, just include thisfile in the same directory with it, and add this to the top of your setup.py::from distribute_setup import use_setuptoolsuse_setuptools()If you want to require a specific version of setuptools, set a downloadmirror, or use an alternate download directory, you can do so by supplyingthe appropriate options to ``use_setuptools()``.This file can also be run as a script to install or upgrade setuptools."""importosimportshutilimportsysimporttimeimportfnmatchimporttempfileimporttarfileimportoptparsefromdistutilsimportlogtry:fromsiteimportUSER_SITEexceptImportError:USER_SITE=Nonetry:importsubprocessdef_python_cmd(*args):args=(sys.executable,)+argsreturnsubprocess.call(args)==0exceptImportError:# will be used for python 2.3def_python_cmd(*args):args=(sys.executable,)+args# quoting arguments if windowsifsys.platform=='win32':defquote(arg):if' 'inarg:return'"%s"'%argreturnargargs=[quote(arg)forarginargs]returnos.spawnl(os.P_WAIT, sys.executable,*args)==0DEFAULT_VERSION="0.6.49"DEFAULT_URL="http://pypi.python.org/packages/source/d/distribute/"SETUPTOOLS_FAKED_VERSION="0.6c11"SETUPTOOLS_PKG_INFO="""\Metadata-Version: 1.0Name: setuptoolsVersion: %sSummary: xxxxHome-page: xxxAuthor: xxxAuthor-email: xxxLicense: xxxDescription: xxx"""%SETUPTOOLS_FAKED_VERSIONdef_install(tarball, install_args=()):# extracting the tarballtmpdir=tempfile.mkdtemp()log.warn('Extracting in %s', tmpdir)old_wd=os.getcwd()try:os.chdir(tmpdir)tar=tarfile.open(tarball)_extractall(tar)tar.close()# going in the directorysubdir=os.path.join(tmpdir, os.listdir(tmpdir)[0])os.chdir(subdir)log.warn('Now working in %s', subdir)# installinglog.warn('Installing Distribute')ifnot_python_cmd('setup.py','install',*install_args):log.warn('Something went wrong during the installation.')log.warn('See the error message above.')# exitcode will be 2return2finally:os.chdir(old_wd)shutil.rmtree(tmpdir)def_build_egg(egg, tarball, to_dir):# extracting the tarballtmpdir=tempfile.mkdtemp()log.warn('Extracting in %s', tmpdir)old_wd=os.getcwd()try:os.chdir(tmpdir)tar=tarfile.open(tarball)_extractall(tar)tar.close()# going in the directorysubdir=os.path.join(tmpdir, os.listdir(tmpdir)[0])os.chdir(subdir)log.warn('Now working in %s', subdir)# building an egglog.warn('Building a Distribute egg in %s', to_dir)_python_cmd('setup.py','-q','bdist_egg','--dist-dir', to_dir)finally:os.chdir(old_wd)shutil.rmtree(tmpdir)# returning the resultlog.warn(egg)ifnotos.path.exists(egg):raiseIOError('Could not build the egg.')def_do_download(version, download_base, to_dir, download_delay):egg=os.path.join(to_dir,'distribute-%s-py%d.%d.egg'%(version, sys.version_info[0], sys.version_info[1]))ifnotos.path.exists(egg):tarball=download_setuptools(version, download_base,to_dir, download_delay)_build_egg(egg, tarball, to_dir)sys.path.insert(0, egg)importsetuptoolssetuptools.bootstrap_install_from=eggdefuse_setuptools(version=DEFAULT_VERSION, download_base=DEFAULT_URL,to_dir=os.curdir, download_delay=15, no_fake=True):# making sure we use the absolute pathto_dir=os.path.abspath(to_dir)was_imported='pkg_resources'insys.modulesor\'setuptools'insys.modulestry:try:importpkg_resources# Setuptools 0.7b and later is a suitable (and preferable)# substitute for any Distribute version.try:pkg_resources.require("setuptools>=0.7b")returnexcept(pkg_resources.DistributionNotFound,pkg_resources.VersionConflict):passifnothasattr(pkg_resources,'_distribute'):ifnotno_fake:_fake_setuptools()raiseImportErrorexceptImportError:return_do_download(version, download_base, to_dir, download_delay)try:pkg_resources.require("distribute>="+version)returnexceptpkg_resources.VersionConflict:e=sys.exc_info()[1]ifwas_imported:sys.stderr.write("The required version of distribute (>=%s) is not available,\n""and can't be installed while this script is running. Please\n""install a more recent version first, using\n""'easy_install -U distribute'.""\n\n(Currently using %r)\n"%(version, e.args[0]))sys.exit(2)else:delpkg_resources, sys.modules['pkg_resources']# reload okreturn_do_download(version, download_base, to_dir,download_delay)exceptpkg_resources.DistributionNotFound:return_do_download(version, download_base, to_dir,download_delay)finally:ifnotno_fake:_create_fake_setuptools_pkg_info(to_dir)defdownload_setuptools(version=DEFAULT_VERSION, download_base=DEFAULT_URL,to_dir=os.curdir, delay=15):"""Download distribute from a specified location and return its filename`version` should be a valid distribute version number that is availableas an egg for download under the `download_base` URL (which should endwith a '/'). `to_dir` is the directory where the egg will be downloaded.`delay` is the number of seconds to pause before an actual downloadattempt."""# making sure we use the absolute pathto_dir=os.path.abspath(to_dir)try:fromurllib.requestimporturlopenexceptImportError:fromurllib2importurlopentgz_name="distribute-%s.tar.gz"%versionurl=download_base+tgz_namesaveto=os.path.join(to_dir, tgz_name)src=dst=Noneifnotos.path.exists(saveto):# Avoid repeated downloadstry:log.warn("Downloading %s", url)src=urlopen(url)# Read/write all in one block, so we don't create a corrupt file# if the download is interrupted.data=src.read()dst=open(saveto,"wb")dst.write(data)finally:ifsrc:src.close()ifdst:dst.close()returnos.path.realpath(saveto)def_no_sandbox(function):def__no_sandbox(*args,**kw):try:fromsetuptools.sandboximportDirectorySandboxifnothasattr(DirectorySandbox,'_old'):defviolation(*args):passDirectorySandbox._old=DirectorySandbox._violationDirectorySandbox._violation=violationpatched=Trueelse:patched=FalseexceptImportError:patched=Falsetry:returnfunction(*args,**kw)finally:ifpatched:DirectorySandbox._violation=DirectorySandbox._olddelDirectorySandbox._oldreturn__no_sandboxdef_patch_file(path, content):"""Will backup the file then patch it"""f=open(path)existing_content=f.read()f.close()ifexisting_content==content:# already patchedlog.warn('Already patched.')returnFalselog.warn('Patching...')_rename_path(path)f=open(path,'w')try:f.write(content)finally:f.close()returnTrue_patch_file=_no_sandbox(_patch_file)def_same_content(path, content):f=open(path)existing_content=f.read()f.close()returnexisting_content==contentdef_rename_path(path):new_name=path+'.OLD.%s'%time.time()log.warn('Renaming %s to %s', path, new_name)os.rename(path, new_name)returnnew_namedef_remove_flat_installation(placeholder):ifnotos.path.isdir(placeholder):log.warn('Unkown installation at %s', placeholder)returnFalsefound=Falseforfileinos.listdir(placeholder):iffnmatch.fnmatch(file,'setuptools*.egg-info'):found=Truebreakifnotfound:log.warn('Could not locate setuptools*.egg-info')returnlog.warn('Moving elements out of the way...')pkg_info=os.path.join(placeholder,file)ifos.path.isdir(pkg_info):patched=_patch_egg_dir(pkg_info)else:patched=_patch_file(pkg_info, SETUPTOOLS_PKG_INFO)ifnotpatched:log.warn('%s already patched.', pkg_info)returnFalse# now let's move the files out of the wayforelementin('setuptools','pkg_resources.py','site.py'):element=os.path.join(placeholder, element)ifos.path.exists(element):_rename_path(element)else:log.warn('Could not find the %s element of the ''Setuptools distribution', element)returnTrue_remove_flat_installation=_no_sandbox(_remove_flat_installation)def_after_install(dist):log.warn('After install bootstrap.')placeholder=dist.get_command_obj('install').install_purelib_create_fake_setuptools_pkg_info(placeholder)def_create_fake_setuptools_pkg_info(placeholder):ifnotplaceholderornotos.path.exists(placeholder):log.warn('Could not find the install location')returnpyver='%s.%s'%(sys.version_info[0], sys.version_info[1])setuptools_file='setuptools-%s-py%s.egg-info'%\(SETUPTOOLS_FAKED_VERSION, pyver)pkg_info=os.path.join(placeholder, setuptools_file)ifos.path.exists(pkg_info):log.warn('%s already exists', pkg_info)returnlog.warn('Creating %s', pkg_info)try:f=open(pkg_info,'w')exceptEnvironmentError:log.warn("Don't have permissions to write %s, skipping", pkg_info)returntry:f.write(SETUPTOOLS_PKG_INFO)finally:f.close()pth_file=os.path.join(placeholder,'setuptools.pth')log.warn('Creating %s', pth_file)f=open(pth_file,'w')try:f.write(os.path.join(os.curdir, setuptools_file))finally:f.close()_create_fake_setuptools_pkg_info=_no_sandbox(_create_fake_setuptools_pkg_info)def_patch_egg_dir(path):# let's check if it's already patchedpkg_info=os.path.join(path,'EGG-INFO','PKG-INFO')ifos.path.exists(pkg_info):if_same_content(pkg_info, SETUPTOOLS_PKG_INFO):log.warn('%s already patched.', pkg_info)returnFalse_rename_path(path)os.mkdir(path)os.mkdir(os.path.join(path,'EGG-INFO'))pkg_info=os.path.join(path,'EGG-INFO','PKG-INFO')f=open(pkg_info,'w')try:f.write(SETUPTOOLS_PKG_INFO)finally:f.close()returnTrue_patch_egg_dir=_no_sandbox(_patch_egg_dir)def_before_install():log.warn('Before install bootstrap.')_fake_setuptools()def_under_prefix(location):if'install'notinsys.argv:returnTrueargs=sys.argv[sys.argv.index('install')+1:]forindex, arginenumerate(args):foroptionin('--root','--prefix'):ifarg.startswith('%s='%option):top_dir=arg.split('root=')[-1]returnlocation.startswith(top_dir)elifarg==option:iflen(args) > index:top_dir=args[index+1]returnlocation.startswith(top_dir)ifarg=='--user'andUSER_SITEisnotNone:returnlocation.startswith(USER_SITE)returnTruedef_fake_setuptools():log.warn('Scanning installed packages')try:importpkg_resourcesexceptImportError:# we're coollog.warn('Setuptools or Distribute does not seem to be installed.')returnws=pkg_resources.working_settry:setuptools_dist=ws.find(pkg_resources.Requirement.parse('setuptools', replacement=False))exceptTypeError:# old distribute APIsetuptools_dist=ws.find(pkg_resources.Requirement.parse('setuptools'))ifsetuptools_distisNone:log.warn('No setuptools distribution found')return# detecting if it was already fakedsetuptools_location=setuptools_dist.locationlog.warn('Setuptools installation detected at %s', setuptools_location)# if --root or --preix was provided, and if# setuptools is not located in them, we don't patch itifnot_under_prefix(setuptools_location):log.warn('Not patching, --root or --prefix is installing Distribute'' in another location')return# let's see if its an eggifnotsetuptools_location.endswith('.egg'):log.warn('Non-egg installation')res=_remove_flat_installation(setuptools_location)ifnotres:returnelse:log.warn('Egg installation')pkg_info=os.path.join(setuptools_location,'EGG-INFO','PKG-INFO')if(os.path.exists(pkg_info)and_same_content(pkg_info, SETUPTOOLS_PKG_INFO)):log.warn('Already patched.')returnlog.warn('Patching...')# let's create a fake egg replacing setuptools oneres=_patch_egg_dir(setuptools_location)ifnotres:returnlog.warn('Patching complete.')_relaunch()def_relaunch():log.warn('Relaunching...')# we have to relaunch the process# pip marker to avoid a relaunch bug_cmd1=['-c','install','--single-version-externally-managed']_cmd2=['-c','install','--record']ifsys.argv[:3]==_cmd1orsys.argv[:3]==_cmd2:sys.argv[0]='setup.py'args=[sys.executable]+sys.argvsys.exit(subprocess.call(args))def_extractall(self, path=".", members=None):"""Extract all members from the archive to the current workingdirectory and set owner, modification time and permissions ondirectories afterwards. `path' specifies a different directoryto extract to. `members' is optional and must be a subset of thelist returned by getmembers()."""importcopyimportoperatorfromtarfileimportExtractErrordirectories=[]ifmembersisNone:members=selffortarinfoinmembers:iftarinfo.isdir():# Extract directories with a safe mode.directories.append(tarinfo)tarinfo=copy.copy(tarinfo)tarinfo.mode=448# decimal for oct 0700self.extract(tarinfo, path)# Reverse sort directories.ifsys.version_info < (2,4):defsorter(dir1, dir2):returncmp(dir1.name, dir2.name)directories.sort(sorter)directories.reverse()else:directories.sort(key=operator.attrgetter('name'), reverse=True)# Set correct owner, mtime and filemode on directories.fortarinfoindirectories:dirpath=os.path.join(path, tarinfo.name)try:self.chown(tarinfo, dirpath)self.utime(tarinfo, dirpath)self.chmod(tarinfo, dirpath)exceptExtractError:e=sys.exc_info()[1]ifself.errorlevel >1:raiseelse:self._dbg(1,"tarfile: %s"%e)def_build_install_args(options):"""Build the arguments to 'python setup.py install' on the distribute package"""install_args=[]ifoptions.user_install:ifsys.version_info < (2,6):log.warn("--user requires Python 2.6 or later")raiseSystemExit(1)install_args.append('--user')returninstall_argsdef_parse_args():"""Parse the command line for options"""parser=optparse.OptionParser()parser.add_option('--user', dest='user_install', action='store_true', default=False,help='install in user site package (requires Python 2.6 or later)')parser.add_option('--download-base', dest='download_base', metavar="URL",default=DEFAULT_URL,help='alternative URL from where to download the distribute package')options, args=parser.parse_args()# positional arguments are ignoredreturnoptionsdefmain(version=DEFAULT_VERSION):"""Install or upgrade setuptools and EasyInstall"""options=_parse_args()tarball=download_setuptools(download_base=options.download_base)return_install(tarball, _build_install_args(options))if__name__=='__main__':sys.exit(main())
本文转自品鉴初心51CTO博客,原文链接:http://blog.51cto.com/wutengfei/1975003,如需转载请自行联系原作者
