forked from saltstack-formulas/mysql-formula
-
Notifications
You must be signed in to change notification settings - Fork 0
/
import_users.py
executable file
·102 lines (90 loc) · 3.32 KB
/
import_users.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
#!/usr/bin/env python
"This script helps you to get mysql.user pillar from existent mysql server"
import argparse
import re
try:
import MySQLdb
except ImportError:
raise Exception("MySQLdb not found. Install MySQL-python package.")
__author__ = "Egor Potiomkin"
__version__ = "1.0"
__email__ = "eg13reg@gmail.com"
parser = argparse.ArgumentParser()
parser.add_argument('host', metavar='IP', help='host where you want to get users')
parser.add_argument('user', metavar='user', help='mysql user that can show grants')
parser.add_argument('-p', '--password', metavar='password', help='user password', required=False, default=None)
args = parser.parse_args()
# PARSE GRANTS
connection_config = {
"host": args.host,
"user": args.user,
"db": "mysql",
"use_unicode": True,
"charset": 'utf8'
}
if args.password: # some mysql environments (developer ones) use no password
connection_config['passwd'] = args.password
mysqlcon = MySQLdb.connect(
**connection_config
)
mysqlCur = mysqlcon.cursor(MySQLdb.cursors.DictCursor)
mysqlCur.execute(r'''select user,host from mysql.user;''')
rows = mysqlCur.fetchall()
users = []
for row in rows:
users.append({'name': row['user'], 'host': row['host']})
mysqlCur = mysqlcon.cursor()
grants = []
for user in users:
q = r'''show grants for '%s'@'%s';''' % (user['name'], user['host'])
try:
user['grants'] = []
mysqlCur.execute(q)
rows = mysqlCur.fetchall()
for row in rows:
mpass = re.search(
r"""GRANT USAGE ON \*\.\* TO .* IDENTIFIED BY PASSWORD '(\*[A-F0-9]*)\'""",
row[0])
if mpass is None:
mgrant = re.search(
r"""GRANT ([\s,A-Z_]+) ON `?([a-zA-Z0-9_\-*\\]*)`?\.`?([a-zA-Z0-9_\-*\\]*)`? TO .*""",
row[0])
if mgrant is not None:
user['grants'].append(
{
'grant': [x.strip() for x in mgrant.group(1).split(',')],
'database': mgrant.group(2).replace('\\', ''),
'table': mgrant.group(3).replace('\\', '')
}
)
else:
print("ERROR: CAN NOT PARSE GRANTS: ", row[0])
else:
user['password'] = mpass.group(1)
except MySQLdb.DatabaseError:
print(
"Error while getting grants for '%s'@'%s'" % (user['name'], user['host'])
)
""" PRINT EXAMPLE
mysql:
user:
username:
host: host
password_hash: '*2792A97371B2D17789364A22A9B35D180166571A'
databases:
- database: testbase
table: table1
grants: ['select']
"""
print("mysql:")
print(" user:")
for user in users:
print(" %s:" % user['name'])
print(" host: '%s'" % user['host'])
if ('password' in user):
print(" password_hash: '%s'" % user['password'])
print(" databases:")
for grant in user['grants']:
print(" - database: '%s'" % grant['database'])
print(" table: '%s'" % grant['table'])
print(" grants: ['%s']" % "','".join(grant['grant']).lower())