Changeset 2234
- Timestamp:
- Feb 27, 2009, 9:35:15 PM (16 years ago)
- Location:
- trunk/packages/invirt-remote
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/invirt-remote/debian/changelog
r2188 r2234 1 invirt-remote (0.3.8) unstable; urgency=low 2 3 * Allow anyone on the adminacl to issue web remctls. 4 5 -- Evan Broder <broder@mit.edu> Fri, 27 Feb 2009 21:28:19 -0500 6 1 7 invirt-remote (0.3.7) unstable; urgency=low 2 8 -
trunk/packages/invirt-remote/server/etc/remctl/conf.d/invirt-web
r1822 r2234 1 web ALL /usr/sbin/invirt-remote-proxy-web /etc/remctl/ acl/web1 web ALL /usr/sbin/invirt-remote-proxy-web /etc/remctl/remconffs/adminacl 2 2 control help /usr/sbin/invirt-remctl-help ANYUSER 3 3 help ALL /usr/sbin/invirt-remctl-help ANYUSER -
trunk/packages/invirt-remote/server/usr/sbin/invirt-remconffs
r1836 r2234 15 15 RemConfFS creates a filesytem for configuring remctl, like this: 16 16 / 17 |-- adminacl 17 18 |-- acl 18 19 | |-- machine1 … … 40 41 m.connect('acl', controller='getmachines') 41 42 m.connect('acl/:machine', controller='getacl') 43 m.connect('adminacl', controller='getadmin') 42 44 m.connect('conf', controller='getconf') 43 45 return m 44 46 45 47 def getroot(self, **kw): 46 return ['a cl', 'conf']48 return ['adminacl', 'acl', 'conf'] 47 49 48 50 def getacl(self, machine, **kw): … … 71 73 """Get the list of VMs in the database. Does not cache to prevent race conditions.""" 72 74 return list(row[0] for row in database.session.execute(sa.sql.select([database.Machine.c.name]))) 75 76 def getadmin(self, **kw): 77 """ 78 Get the list of administrators for the global ACL. 79 """ 80 acl = [self.userToPrinc(row[0]) for row in database.session.execute(sa.sql.select([database.admins_table.c.user]))] 81 acl.append('include /etc/remctl/acl/web\n') 82 return '\n'.join(acl) 73 83 74 84 def userToPrinc(self, user):
Note: See TracChangeset
for help on using the changeset viewer.