Commit 3e3f7025 authored by David Johnson's avatar David Johnson

Fixes and additions.

parent 12d4e044
......@@ -93,7 +93,7 @@ def getXMLRPCAuthInfo():
def getXMLRPCServer(url=DEF_PLC_URL):
return xmlrpclib.Server(url,allow_none=True)
def plcAddUser(realname,email,passwd,keys=[],root=False):
def plcAddUser(realname,email,passwd,keys=[],root=False,pi=False):
auth = getXMLRPCAuthInfo()
server = getXMLRPCServer()
......@@ -126,10 +126,23 @@ def plcAddUser(realname,email,passwd,keys=[],root=False):
pass
pass
roles = []
if root:
server.AddRoleToPerson(auth,'admin',pid)
roles.append('admin')
pass
if pi:
roles.append('pi')
roles.append('tech')
pass
roles.append('user')
for role in roles:
server.AddRoleToPerson(auth,role,pid)
pass
server.AddPersonToSite(auth,pid,DEF_SITE_ID)
return pid
def plcDeleteUser(email):
......@@ -138,7 +151,7 @@ def plcDeleteUser(email):
return server.DeletePerson(auth,email)
def plcUpdateUser(realname,email,passwd,keys=[],root=False):
def plcUpdateUser(realname,email,passwd,keys=[],root=False,pi=False):
auth = getXMLRPCAuthInfo()
server = getXMLRPCServer()
......@@ -168,11 +181,43 @@ def plcUpdateUser(realname,email,passwd,keys=[],root=False):
'last_name' : ln })
pass
# update roles
if 'admin' in ulist[0]['roles'] and not root:
server.UpdatePerson(auth,email,{ 'roles' : [ 'user' ] })
roles = []
if root:
roles.append('admin')
pass
if pi:
roles.append('pi')
roles.append('tech')
pass
roles.append('user')
# update roles
# delete any:
for cr in ulist[0]['roles']:
found = False
for nr in roles:
if cr == nr:
found = True
break
pass
if not found:
server.DeleteRoleFromPerson(auth,cr,email)
pass
pass
# add any:
for nr in roles:
found = False
for cr in ulist[0]['roles']:
if nr == cr:
found = True
break
pass
if not found:
server.AddRoleToPerson(auth,nr,email)
pass
pass
# update keys
retlist = server.GetKeys(auth,ulist[0]['key_ids'],[ 'key_id','key' ])
keylist = map(lambda(x): x['key'],retlist)
......@@ -189,11 +234,12 @@ def plcUpdateUser(realname,email,passwd,keys=[],root=False):
pass
pass
# delete:
for ret in retlist:
if not ret['key'] in keylist:
server.DeletePersonKey(auth,ret['key_id'])
pass
pass
# Actually, don't delete keys; users might add them.
#for ret in retlist:
# if not ret['key'] in keylist:
# server.DeletePersonKey(auth,ret['key_id'])
# pass
# pass
# always update the password, it's easier than doing AuthCheck and all...
server.UpdatePerson(auth,email,{ 'password' : passwd })
......@@ -202,8 +248,8 @@ def plcUpdateUser(realname,email,passwd,keys=[],root=False):
def plcUpdateUsers(uplist=[]):
"""
Takes a list of (realname,email,passwd,keys=[],root=False) account tuples
and adds, deletes, and updates as needed.
Takes a list of (realname,email,passwd,keys=[],root=False,pi=False)
account tuples and adds, deletes, and updates as needed.
"""
auth = getXMLRPCAuthInfo()
server = getXMLRPCServer()
......@@ -246,12 +292,12 @@ def plcUpdateUsers(uplist=[]):
#print "alist = %s\n\nulist = %s\n\ndlist = %s\n" % (alist,ulist,dlist)
for als in alist:
print "Adding user %s" % als[1]
print "Adding user %s (%s)" % (als[1],str((als[4],als[5])))
plcAddUser(*als)
pass
for uls in ulist:
print "Updating user %s" % uls[1]
print "Updating user %s (%s)" % (uls[1],str((uls[4],uls[5])))
plcUpdateUser(*uls)
pass
......
......@@ -15,6 +15,7 @@ def runCommand(cmd):
output.append(line)
line = cp.readline()
pass
cp.close()
return output
def getHostname():
......@@ -22,7 +23,31 @@ def getHostname():
def doService(serviceName,serviceAction):
#print "Sending %s to %s" % (serviceAction,serviceName)
return os.system("service %s %s" % (serviceName,serviceAction))
pid = os.fork()
if pid == 0:
#
# These hacks seem necessary to prevent /sbin/service from somehow
# giving us zombies that then hang the parent perl process in
# rc.bootsetup. Not sure why...
#
sys.stdin.close()
sys.stderr.close()
sys.stdout.close()
sys.stdout = open('/dev/null','w')
sys.stderr = open('/dev/null','w')
os.execvp("/sbin/service",('service',serviceName,serviceAction))
sys.exit(0)
pass
else:
os.wait()
pass
#retval = runCommand("/sbin/service %s %s" % (serviceName,serviceAction))
#if retval != None:
# for line in retval:
# print line
# pass
# pass
#return None
def readUserKeys(uid):
"""
......@@ -39,8 +64,12 @@ def readUserKeys(uid):
pass
pass
fd.close()
return keylist
TMCC = '/usr/local/etc/emulab/tmcc'
def runTMCC(cmd):
"""
Runs the tmcc command indicated and returns, for each line, a list of
......@@ -108,6 +137,15 @@ if not os.getuid() == 0:
sys.exit(-1)
pass
# do this right away so we can exit without doing a single thing to the plc
# config.
tmccEPlabConfig = runTMCC('eplabconfig')
if tmccEPlabConfig == None or len(tmccEPlabConfig) == 0:
print "plabinelab: nothing to do, exiting"
sys.exit(0)
pass
# -3.
print "plabinelab: stopping plc:"
doService('plc','stop')
......@@ -131,7 +169,6 @@ if not os.path.exists('/plc/emulab/bootmanager.patch.done'):
# python modules.
from libplcsetup import *
TMCC = '/usr/local/etc/emulab/tmcc'
# XXX: need to switch this stuff to be a little more intelligent so
# we can configure private planetlab networks from the control net.
DEF_PLC_HOST = getHostname()
......@@ -151,7 +188,6 @@ except:
print "plabinelab: gathering info from tmcd"
tmccAccounts = runTMCC('accounts')
tmccCreator = runTMCC('creator')
tmccEPlabConfig = runTMCC('eplabconfig')
(creatorUID,creatorEmail) = (None,None)
for acct in tmccAccounts:
......@@ -234,12 +270,16 @@ for lineDict in tmccAccounts:
if lineDict['ROOT'] == '1':
root = True
pass
pi = False
if lineDict['LOGIN'] == creatorUID:
pi = True
pass
# we use the @emulab.net address because it makes it easier for us
# to later remove users during a swapmod (there are legit plc users
# in the db that are needed for plc maint).
userlist.append((lineDict['NAME'],
lineDict['LOGIN'] + '@emulab.net',lineDict['PSWD'],
readUserKeys(lineDict['LOGIN']),root))
readUserKeys(lineDict['LOGIN']),root,pi))
pass
pass
......@@ -389,4 +429,8 @@ os.system('chkconfig plc off')
# Finis.
print "plabinelab: done!"
sys.stdin.close()
sys.stdout.close()
sys.stderr.close()
sys.exit(0)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment