Last change
on this file since 252 was
249,
checked in by ecprice, 17 years ago
|
The code to redo the acls that we made a couple weeks ago.
|
File size:
1.4 KB
|
Line | |
---|
1 | #!/usr/bin/python |
---|
2 | from sipb_xen_database import * |
---|
3 | import sys |
---|
4 | import getafsgroups |
---|
5 | import subprocess |
---|
6 | |
---|
7 | def expandLocker(name): |
---|
8 | groups = getafsgroups.getLockerAcl(name) |
---|
9 | cell = getafsgroups.getCell(name) |
---|
10 | ans = set() |
---|
11 | for group in groups: |
---|
12 | if ':' in group: |
---|
13 | ans.update(getafsgroups.getAfsGroupMembers(group, cell)) |
---|
14 | else: |
---|
15 | ans.add(group) |
---|
16 | return ans |
---|
17 | |
---|
18 | def isUser(name): |
---|
19 | p = subprocess.Popen(['vos', 'examine', 'user.'+name], |
---|
20 | stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
---|
21 | if p.wait(): |
---|
22 | return False |
---|
23 | return True |
---|
24 | |
---|
25 | |
---|
26 | def expandName(name): |
---|
27 | if ':' not in name: |
---|
28 | if isUser(name): |
---|
29 | return [name] |
---|
30 | name = 'system:'+name |
---|
31 | return getafsgroups.getAfsGroupMembers(name, 'athena.mit.edu') |
---|
32 | |
---|
33 | if __name__ == '__main__': |
---|
34 | connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen') |
---|
35 | |
---|
36 | machines = Machine.select() |
---|
37 | for m in machines: |
---|
38 | people = set() |
---|
39 | people.update(expandLocker(m.owner)) |
---|
40 | people.update(expandName(m.administrator)) |
---|
41 | print '%s: %s' % (m.name, ' '.join(people)) |
---|
42 | transaction = ctx.current.create_transaction() |
---|
43 | for u in m.users: |
---|
44 | ctx.current.delete(u) |
---|
45 | for p in people: |
---|
46 | ma = MachineAccess(machine_id=m.machine_id, user=p) |
---|
47 | ctx.current.save(ma) |
---|
48 | ctx.current.flush() |
---|
49 | transaction.commit() |
---|
Note: See
TracBrowser
for help on using the repository browser.