Skip to content
Snippets Groups Projects
Select Git revision
  • 760d49b08248f4b50c1ad25abbfa37718089483f
  • master default protected
2 results

setup.py

Blame
    • import_users.py 2.46 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79 
    

    

    

    #!/usr/bin/env python
"This script helps you to get mysql.user pillar from existent mysql server"

import argparse
import MySQLdb
import re

__author__ = "Egor Potiomkin"
__version__ = "1.0"
__email__ = "eg13reg@gmail.com"

parser = argparse.ArgumentParser()
parser.add_argument('host', metavar='IP', help='host where you want to get users')
parser.add_argument('user', metavar='user', help='mysql user that can show grants')
parser.add_argument('password', metavar='password', help='user password')
args = parser.parse_args()

# PARSE GRANTS 
mysqlcon = MySQLdb.connect(host=args.host,user=args.user,passwd=args.password,db="mysql",use_unicode=True, charset='utf8')
mysqlCur = mysqlcon.cursor(MySQLdb.cursors.DictCursor)

mysqlCur.execute(r'''select user,host from mysql.user;''')
rows = mysqlCur.fetchall()
users = []

for row in rows:
	users.append({'name': row['user'], 'host': row['host']});

mysqlCur = mysqlcon.cursor()
grants = []
for user in users:
	q = r'''show grants for '%s'@'%s';''' % (user['name'], user['host'])
	try:
		user['grants'] = []
		mysqlCur.execute(q)
		rows = mysqlCur.fetchall()
		for row in rows:
			mpass = re.search(
				r"""GRANT USAGE ON \*\.\* TO .* IDENTIFIED BY PASSWORD '(\*[A-F0-9]*)\'""",
				row[0])
			if mpass is None:
				mgrant = re.search(
					r"""GRANT ([\s,A-Z]+) ON `?([a-zA-Z0-9_\-*\\]*)`?\.`?([a-zA-Z0-9_\-*\\]*)`? TO .*""",
					row[0])
				if mgrant is not None:					
					user['grants'].append({'grant': [x.strip() for x in mgrant.group(1).split(',')], 'database': mgrant.group(2).replace('\\',''), 'table': mgrant.group(3).replace('\\','')})
				else:
					print "ERROR: CAN NOT PARSE GRANTS: ",row[0]
			else:
				user['password'] = mpass.group(1)

	except MySQLdb.DatabaseError:
		print "Error while getting grants for '%s'@'%s'" % (user['name'], user['host'])
#raise SystemExit
# PRINT RESULT
""" PRINT EXAMPLE
mysql:
  user:
    username:
      host: host
      password_hash: '*2792A97371B2D17789364A22A9B35D180166571A'
      databases:
        - database: testbase
          table: table1
          grants: ['select']
"""
print "mysql:"
print "  user:"
for user in users:
	print "    %s:" % user['name']
	print "      host: '%s'" % user['host']
	if ('password' in user):
		print "      password_hash: '%s'" % user['password']
	print "      databases:"
	for grant in user['grants']:
		print "        - database: '%s'" % grant['database']
		print "          table: '%s'" % grant['table']
		print "          grants: ['%s']" % "','".join(grant['grant']).lower()