import os
import logging
-import re
from ganeti import utils
from ganeti import errors
from ganeti import netutils
from ganeti import pathutils
from ganeti import vcluster
+from ganeti import compat
+
+
+def GetUserFiles(user, mkdir=False, dircheck=True, kind=constants.SSHK_DSA,
+ _homedir_fn=None):
+ """Return the paths of a user's SSH files.
+
+ @type user: string
+ @param user: Username
+ @type mkdir: bool
+ @param mkdir: Whether to create ".ssh" directory if it doesn't exist
+ @type dircheck: bool
+ @param dircheck: Whether to check if ".ssh" directory exists
+ @type kind: string
+ @param kind: One of L{constants.SSHK_ALL}
+ @rtype: tuple; (string, string, string)
+ @return: Tuple containing three file system paths; the private SSH key file,
+ the public SSH key file and the user's C{authorized_keys} file
+ @raise errors.OpExecError: When home directory of the user can not be
+ determined
+ @raise errors.OpExecError: Regardless of the C{mkdir} parameters, this
+ exception is raised if C{~$user/.ssh} is not a directory and C{dircheck}
+ is set to C{True}
+ """
+ if _homedir_fn is None:
+ _homedir_fn = utils.GetHomeDir
-def FormatParamikoFingerprint(fingerprint):
- """Format paramiko PKey fingerprint.
+ user_dir = _homedir_fn(user)
+ if not user_dir:
+ raise errors.OpExecError("Cannot resolve home of user '%s'" % user)
- @type fingerprint: str
- @param fingerprint: PKey fingerprint
- @return: The string hex representation of the fingerprint
+ if kind == constants.SSHK_DSA:
+ suffix = "dsa"
+ elif kind == constants.SSHK_RSA:
+ suffix = "rsa"
+ else:
+ raise errors.ProgrammerError("Unknown SSH key kind '%s'" % kind)
- """
- assert len(fingerprint) % 2 == 0
- return ":".join(re.findall(r"..", fingerprint.lower()))
+ ssh_dir = utils.PathJoin(user_dir, ".ssh")
+ if mkdir:
+ utils.EnsureDirs([(ssh_dir, constants.SECURE_DIR_MODE)])
+ elif dircheck and not os.path.isdir(ssh_dir):
+ raise errors.OpExecError("Path %s is not a directory" % ssh_dir)
+ return [utils.PathJoin(ssh_dir, base)
+ for base in ["id_%s" % suffix, "id_%s.pub" % suffix,
+ "authorized_keys"]]
-def GetUserFiles(user, mkdir=False):
- """Return the paths of a user's ssh files.
- The function will return a triplet (priv_key_path, pub_key_path,
- auth_key_path) that are used for ssh authentication. Currently, the
- keys used are DSA keys, so this function will return:
- (~user/.ssh/id_dsa, ~user/.ssh/id_dsa.pub,
- ~user/.ssh/authorized_keys).
+def GetAllUserFiles(user, mkdir=False, dircheck=True, _homedir_fn=None):
+ """Wrapper over L{GetUserFiles} to retrieve files for all SSH key types.
- If the optional parameter mkdir is True, the ssh directory will be
- created if it doesn't exist.
+ See L{GetUserFiles} for details.
- Regardless of the mkdir parameters, the script will raise an error
- if ~user/.ssh is not a directory.
+ @rtype: tuple; (string, dict with string as key, tuple of (string, string) as
+ value)
"""
- user_dir = utils.GetHomeDir(user)
- if not user_dir:
- raise errors.OpExecError("Cannot resolve home of user %s" % user)
+ helper = compat.partial(GetUserFiles, user, mkdir=mkdir, dircheck=dircheck,
+ _homedir_fn=_homedir_fn)
+ result = [(kind, helper(kind=kind)) for kind in constants.SSHK_ALL]
- ssh_dir = utils.PathJoin(user_dir, ".ssh")
- if mkdir:
- utils.EnsureDirs([(ssh_dir, constants.SECURE_DIR_MODE)])
- elif not os.path.isdir(ssh_dir):
- raise errors.OpExecError("Path %s is not a directory" % ssh_dir)
+ authorized_keys = [i for (_, (_, _, i)) in result]
- return [utils.PathJoin(ssh_dir, base)
- for base in ["id_dsa", "id_dsa.pub", "authorized_keys"]]
+ assert len(frozenset(authorized_keys)) == 1, \
+ "Different paths for authorized_keys were returned"
+
+ return (authorized_keys[0],
+ dict((kind, (privkey, pubkey))
+ for (kind, (privkey, pubkey, _)) in result))
class SshRunner:
if self.ipv6:
options.append("-6")
+ else:
+ options.append("-4")
return options
"else"
" echo \"$GANETI_HOSTNAME\";"
"fi")
- retval = self.Run(node, "root", cmd, quiet=False)
+ retval = self.Run(node, constants.SSH_LOGIN_USER, cmd, quiet=False)
if retval.failed:
msg = "ssh problem"
"""Writes the cluster-wide equally known_hosts file.
"""
- utils.WriteFile(file_name, mode=0600,
- data="%s ssh-rsa %s\n" % (cfg.GetClusterName(),
- cfg.GetHostKey()))
+ data = ""
+ if cfg.GetRsaHostKey():
+ data += "%s ssh-rsa %s\n" % (cfg.GetClusterName(), cfg.GetRsaHostKey())
+ if cfg.GetDsaHostKey():
+ data += "%s ssh-dss %s\n" % (cfg.GetClusterName(), cfg.GetDsaHostKey())
+
+ utils.WriteFile(file_name, mode=0600, data=data)
projects / ganeti-local / blobdiff