Changeset 1726
- Timestamp:
- Nov 20, 2008, 10:46:54 PM (17 years ago)
- Location:
- trunk/packages
- Files:
-
- 2 edited
-
invirt-console-server/files/usr/bin/invirt-consolefs (modified) (1 diff)
-
invirt-remote-server/files/usr/sbin/invirt-remconffs (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/invirt-console-server/files/usr/bin/invirt-consolefs
r1713 r1726 16 16 17 17 class ConsoleFS(routefs.RouteFS): 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 18 """ 19 ConsoleFS creates a series of subdirectories each mirroring the same real 20 directory, except for a single file - the .k5login - which is dynamically 21 generated for each subdirectory 22 """ 23 24 def __init__(self, *args, **kw): 25 """Initialize the filesystem and set it to allow_other access besides 26 the user who mounts the filesystem (i.e. root) 27 """ 28 super(ConsoleFS, self).__init__(*args, **kw) 29 self.lasttime = 0 30 self.machines = [] 31 self.fuse_args.add("allow_other", True) 32 33 openlog('invirt-consolefs ', LOG_PID, LOG_DAEMON) 34 35 syslog(LOG_DEBUG, 'Init complete.') 36 37 def make_map(self): 38 m = Mapper() 39 m.connect('', controller='getMachines') 40 m.connect(':machine', controller='getMirror') 41 m.connect(':machine/.k5login', controller='getK5login') 42 m.connect(':machine/*(path)', controller='getMirror') 43 return m 44 45 def recache(self): 46 if time() - self.lasttime > 5: 47 self.lasttime = time() 48 database.clear_cache() 49 self.machines = dict((machine.name, machine) for machine in database.session.query(database.Machine).all()) 50 50 51 52 53 54 55 56 57 58 59 60 61 # where there is already a .k5login in the realpath gracefully62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 51 def getMachines(self, **kw): 52 self.recache() 53 return self.machines.keys() 54 55 def getMirror(self, machine, path='', **kw): 56 """Translate the path into its realpath equivalent, and return that 57 """ 58 real = realpath + path 59 if os.path.isdir(real): 60 # The list is converted to a set so that we can handle the case 61 # where there is already a .k5login in the realpath gracefully 62 return routefs.Directory(set(os.listdir(real) + ['.k5login'])) 63 elif os.path.islink(real): 64 return routefs.Symlink(os.readlink(real)) 65 elif os.path.isfile(real): 66 return open(real).read() 67 else: 68 return -errno.EINVAL 69 70 def getK5login(self, machine, **kw): 71 self.recache() 72 machine = self.machines[machine] 73 users = [acl.user for acl in machine.acl] 74 return "\n".join(map(self.userToPrinc, users) + ['']) 75 76 def mirrorPath(self, path): 77 """Translate a virtual path to its real path counterpart""" 78 return realpath + "/".join(getParts(path)[1:]) 79 80 def userToPrinc(self, user): 81 """Convert Kerberos v4-style names to v5-style and append a default 82 realm if none is specified 83 """ 84 if '@' in user: 85 (princ, realm) = user.split('@') 86 else: 87 princ = user 88 realm = config.authn[0].realm 89 90 return princ.replace('.', '/') + '@' + realm 91 91 92 92 if __name__ == '__main__': 93 94 93 database.connect() 94 routefs.main(ConsoleFS) -
trunk/packages/invirt-remote-server/files/usr/sbin/invirt-remconffs
r1701 r1726 11 11 12 12 class RemConfFS(routefs.RouteFS): 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 13 """ 14 RemConfFS creates a filesytem for configuring remctl, like this: 15 / 16 |-- acl 17 | |-- machine1 18 | ... 19 | `-- machinen 20 `-- conf 21 22 The machine list and the acls are drawn from a database. 23 """ 24 25 def __init__(self, *args, **kw): 26 """Initialize the filesystem and set it to allow_other access besides 27 the user who mounts the filesystem (i.e. root) 28 """ 29 super(RemConfFS, self).__init__(*args, **kw) 30 self.lasttime = 0 31 self.fuse_args.add("allow_other", True) 32 33 openlog('invirt-remconffs ', LOG_PID, LOG_DAEMON) 34 35 syslog(LOG_DEBUG, 'Init complete.') 36 37 def make_map(self): 38 m = Mapper() 39 m.connect('', controller='getroot') 40 m.connect('acl', controller='getmachines') 41 m.connect('acl/:machine', controller='getacl') 42 m.connect('conf', controller='getconf') 43 return m 44 45 def recache(self): 46 if time() - self.lasttime > 5: 47 self.lasttime = time() 48 database.clear_cache() 49 self.machines = dict((machine.name, machine) for machine in database.session.query(database.Machine).all()) 50 51 def getroot(self, **kw): 52 return ['acl', 'conf'] 53 54 def getacl(self, machine, **kw): 55 """Build the ACL file for a machine 56 """ 57 self.recache() 58 machine = self.machines[machine] 59 users = [acl.user for acl in machine.acl] 60 return "\n".join(map(self.userToPrinc, users) 61 + ['include /etc/remctl/acl/web', 62 '']) 63 64 def getconf(self, **kw): 65 """Build the master conf file, with all machines 66 """ 67 return '\n'.join("control %s /usr/sbin/invirt-remote-proxy-control" 68 " /etc/remctl/remconffs/acl/%s" 69 % (machine_name, machine_name) 70 for machine_name in self.getmachines())+'\n' 71 72 def getmachines(self, **kw): 73 """Get the list of VMs in the database, clearing the cache if it's 74 older than 15 seconds""" 75 self.recache() 76 return self.machines.keys() 77 78 def userToPrinc(self, user): 79 """Convert Kerberos v4-style names to v5-style and append a default 80 realm if none is specified 81 """ 82 if '@' in user: 83 (princ, realm) = user.split('@') 84 else: 85 princ = user 86 realm = config.authn[0].realm 87 88 return princ.replace('.', '/') + '@' + realm 89 89 90 90 if __name__ == '__main__': 91 92 91 database.connect() 92 routefs.main(RemConfFS)
Note: See TracChangeset
for help on using the changeset viewer.
