Revision 70d9e3d8 lib/backend.py
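--- a/lib/backend.py
+++ b/lib/backend.py
@@ -88,28 +88,24 @@
 - adds the ssh public key to the users' authorized_keys file
 
 """
-user_dir = utils.GetHomeDir(constants.GANETI_RUNAS)
-if not user_dir:
-logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
-return False
-
-sshd_keys = [("ssh_host_rsa_key", rsa, 0600),
-("ssh_host_rsa_key.pub", rsapub, 0644),
-("ssh_host_dsa_key", dsa, 0600),
-("ssh_host_dsa_key.pub", dsapub, 0644)]
+sshd_keys = [(constants.SSH_HOST_RSA_PRIV, rsa, 0600),
+(constants.SSH_HOST_RSA_PUB, rsapub, 0644),
+(constants.SSH_HOST_DSA_PRIV, dsa, 0600),
+(constants.SSH_HOST_DSA_PUB, dsapub, 0644)]
 for name, content, mode in sshd_keys:
-utils.WriteFile(os.path.join(constants.SSH_CONFIG_DIR, name),
-data=content, mode=mode)
-
-user_ssh_dir = os.path.join(user_dir, ".ssh")
+utils.WriteFile(name, data=content, mode=mode)
 
-if not os.path.isdir(user_ssh_dir):
-os.mkdir(user_ssh_dir)
+try:
+priv_key, pub_key, auth_keys = ssh.GetUserFiles(constants.GANETI_RUNAS,
+mkdir=True)
+except errors.OpExecError, err:
+logger.Error("Error while processing user ssh files: %s" % err)
+return False
 
-for name, content in [("id_dsa", sshkey), ("id_dsa.pub", sshpub)]:
-utils.WriteFile(os.path.join(user_ssh_dir, name), data=content, mode=0600)
+for name, content in [(priv_key, sshkey), (pub_key, sshpub)]:
+utils.WriteFile(name, data=content, mode=0600)
 
-utils.AddAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"), sshpub)
+utils.AddAuthorizedKey(auth_keys, sshpub)
 
 utils.RunCmd([constants.SSH_INITD_SCRIPT, "restart"])
 
@@ -126,27 +122,21 @@
 if os.path.isfile(full_name) and not os.path.islink(full_name):
 utils.RemoveFile(full_name)
 
-user_dir = utils.GetHomeDir(constants.GANETI_RUNAS)
-if not user_dir:
-logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
-return
-
-user_ssh_dir = os.path.join(user_dir, ".ssh")
 
-if not os.path.isdir(user_ssh_dir):
-logger.Error("User's ssh dir '%s' does not exist?!" % user_ssh_dir)
+try:
+priv_key, pub_key, auth_keys = ssh.GetUserFiles(constants.GANETI_RUNAS)
+except errors.OpExecError, err:
+logger.Error("Error while processing ssh files: %s" % err)
 return
 
-f = open(os.path.join(user_ssh_dir, "id_dsa.pub"), 'r')
+f = open(pub_key, 'r')
 try:
-utils.RemoveAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"),
-f.read(8192))
+utils.RemoveAuthorizedKey(auth_keys, f.read(8192))
 finally:
 f.close()
 
-
-utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa"))
-utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa.pub"))
+utils.RemoveFile(priv_key)
+utils.RemoveFile(pub_key)
 
 
 def GetNodeInfo(vgname):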
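Review bot: In the second hunk's cleanup path, `f = open(pub_key, 'r')` sits outside the new `try`/`except errors.OpExecError`, so a missing or unreadable public key file raises before `utils.RemoveFile(priv_key)` is reached and the run-as user's private key stays on the node. The old code had the same ordering, but because this path removes the user's SSH key material from the node, the key removal should not depend on the read succeeding: guard the read with `except EnvironmentError, err:` plus a `logger.Error(...)` and fall through to the two `RemoveFile` calls. In the first hunk the result of `utils.RunCmd([constants.SSH_INITD_SCRIPT, "restart"])` is not checked, so unless something later in the function checks it, success may be reported while sshd still runs with the old host keys. Both functions start outside the visible hunks, so caller-side handling could not be checked.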