Revision 70d9e3d8 lib/backend.py
| b/lib/backend.py | ||
|---|---|---|
| 88 | 88 |
- adds the ssh public key to the users' authorized_keys file |
| 89 | 89 |
|
| 90 | 90 |
""" |
| 91 |
user_dir = utils.GetHomeDir(constants.GANETI_RUNAS) |
|
| 92 |
if not user_dir: |
|
| 93 |
logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
|
|
| 94 |
return False |
|
| 95 |
|
|
| 96 |
sshd_keys = [("ssh_host_rsa_key", rsa, 0600),
|
|
| 97 |
("ssh_host_rsa_key.pub", rsapub, 0644),
|
|
| 98 |
("ssh_host_dsa_key", dsa, 0600),
|
|
| 99 |
("ssh_host_dsa_key.pub", dsapub, 0644)]
|
|
| 91 |
sshd_keys = [(constants.SSH_HOST_RSA_PRIV, rsa, 0600), |
|
| 92 |
(constants.SSH_HOST_RSA_PUB, rsapub, 0644), |
|
| 93 |
(constants.SSH_HOST_DSA_PRIV, dsa, 0600), |
|
| 94 |
(constants.SSH_HOST_DSA_PUB, dsapub, 0644)] |
|
| 100 | 95 |
for name, content, mode in sshd_keys: |
| 101 |
utils.WriteFile(os.path.join(constants.SSH_CONFIG_DIR, name), |
|
| 102 |
data=content, mode=mode) |
|
| 103 |
|
|
| 104 |
user_ssh_dir = os.path.join(user_dir, ".ssh") |
|
| 96 |
utils.WriteFile(name, data=content, mode=mode) |
|
| 105 | 97 |
|
| 106 |
if not os.path.isdir(user_ssh_dir): |
|
| 107 |
os.mkdir(user_ssh_dir) |
|
| 98 |
try: |
|
| 99 |
priv_key, pub_key, auth_keys = ssh.GetUserFiles(constants.GANETI_RUNAS, |
|
| 100 |
mkdir=True) |
|
| 101 |
except errors.OpExecError, err: |
|
| 102 |
logger.Error("Error while processing user ssh files: %s" % err)
|
|
| 103 |
return False |
|
| 108 | 104 |
|
| 109 |
for name, content in [("id_dsa", sshkey), ("id_dsa.pub", sshpub)]:
|
|
| 110 |
utils.WriteFile(os.path.join(user_ssh_dir, name), data=content, mode=0600)
|
|
| 105 |
for name, content in [(priv_key, sshkey), (pub_key, sshpub)]:
|
|
| 106 |
utils.WriteFile(name, data=content, mode=0600)
|
|
| 111 | 107 |
|
| 112 |
utils.AddAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"), sshpub)
|
|
| 108 |
utils.AddAuthorizedKey(auth_keys, sshpub)
|
|
| 113 | 109 |
|
| 114 | 110 |
utils.RunCmd([constants.SSH_INITD_SCRIPT, "restart"]) |
| 115 | 111 |
|
| ... | ... | |
| 126 | 122 |
if os.path.isfile(full_name) and not os.path.islink(full_name): |
| 127 | 123 |
utils.RemoveFile(full_name) |
| 128 | 124 |
|
| 129 |
user_dir = utils.GetHomeDir(constants.GANETI_RUNAS) |
|
| 130 |
if not user_dir: |
|
| 131 |
logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
|
|
| 132 |
return |
|
| 133 |
|
|
| 134 |
user_ssh_dir = os.path.join(user_dir, ".ssh") |
|
| 135 | 125 |
|
| 136 |
if not os.path.isdir(user_ssh_dir): |
|
| 137 |
logger.Error("User's ssh dir '%s' does not exist?!" % user_ssh_dir)
|
|
| 126 |
try: |
|
| 127 |
priv_key, pub_key, auth_keys = ssh.GetUserFiles(constants.GANETI_RUNAS) |
|
| 128 |
except errors.OpExecError, err: |
|
| 129 |
logger.Error("Error while processing ssh files: %s" % err)
|
|
| 138 | 130 |
return |
| 139 | 131 |
|
| 140 |
f = open(os.path.join(user_ssh_dir, "id_dsa.pub"), 'r')
|
|
| 132 |
f = open(pub_key, 'r')
|
|
| 141 | 133 |
try: |
| 142 |
utils.RemoveAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"), |
|
| 143 |
f.read(8192)) |
|
| 134 |
utils.RemoveAuthorizedKey(auth_keys, f.read(8192)) |
|
| 144 | 135 |
finally: |
| 145 | 136 |
f.close() |
| 146 | 137 |
|
| 147 |
|
|
| 148 |
utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa")) |
|
| 149 |
utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa.pub")) |
|
| 138 |
utils.RemoveFile(priv_key) |
|
| 139 |
utils.RemoveFile(pub_key) |
|
| 150 | 140 |
|
| 151 | 141 |
|
| 152 | 142 |
def GetNodeInfo(vgname): |
Also available in: Unified diff