diff options
| author | Michael DeHaan <mdehaan@mdehaan.rdu.redhat.com> | 2007-09-25 15:16:09 -0400 |
|---|---|---|
| committer | Michael DeHaan <mdehaan@mdehaan.rdu.redhat.com> | 2007-09-25 15:16:09 -0400 |
| commit | 01cd1bdf7f1c7eb1de47cdbbe90b6c7f9b4f26eb (patch) | |
| tree | be3903037050b0c357fb544a7cad461d787f0b9c | |
| parent | 1e23539193f30deae630ba09ba72692a90605bb0 (diff) | |
| parent | a785dfc7cb5e8bdf5859237ce0c15bf52b21e42a (diff) | |
| download | func-01cd1bdf7f1c7eb1de47cdbbe90b6c7f9b4f26eb.tar.gz func-01cd1bdf7f1c7eb1de47cdbbe90b6c7f9b4f26eb.tar.xz func-01cd1bdf7f1c7eb1de47cdbbe90b6c7f9b4f26eb.zip | |
Merge branch 'master' of ssh://git.fedoraproject.org/git/hosted/func
| -rwxr-xr-x | func/certmaster.py | 41 | ||||
| -rw-r--r-- | minion/AuthedXMLRPCServer.py (renamed from server/AuthedXMLRPCServer.py) | 0 | ||||
| -rwxr-xr-x | minion/Makefile | 19 | ||||
| -rwxr-xr-x | minion/codes.py | 3 | ||||
| -rwxr-xr-x | minion/config_data.py | 4 | ||||
| -rwxr-xr-x | minion/logger.py | 13 | ||||
| -rwxr-xr-x | minion/module_loader.py | 3 | ||||
| -rwxr-xr-x | minion/server.py | 1 | ||||
| -rwxr-xr-x | modules/Makefile | 19 | ||||
| -rwxr-xr-x | modules/func_module.py | 8 | ||||
| -rwxr-xr-x | modules/hardware.py | 1 | ||||
| -rwxr-xr-x | modules/process.py | 21 | ||||
| -rwxr-xr-x | modules/service.py | 5 | ||||
| -rwxr-xr-x | modules/smart.py | 1 | ||||
| -rwxr-xr-x | modules/test.py | 1 | ||||
| -rwxr-xr-x | overlord/Makefile | 19 | ||||
| -rw-r--r-- | overlord/sslclient.py (renamed from client/sslclient.py) | 0 | ||||
| -rwxr-xr-x | scripts/certmaster | 13 |
18 files changed, 122 insertions, 50 deletions
diff --git a/func/certmaster.py b/func/certmaster.py index 02c8013..bd01db9 100755 --- a/func/certmaster.py +++ b/func/certmaster.py @@ -34,7 +34,7 @@ class SimpleConfigFile(object): """simple config file object: reads in key=value pairs from a file and stores each as an attribute""" - def __init__(self, filename): + def __init__(self, filename, defaults={}): self.fn = filename fo = open(filename, 'r') for line in fo.readlines(): @@ -44,34 +44,31 @@ class SimpleConfigFile(object): key = key.strip().lower() val = val.strip() setattr(self, key, val) + for k,v in defaults.items(): + if not hasattr(self, k): + setattr(self, k, v) fo.close() class CertMaster(object): - def __init__(self, conf_file): - self.cfg = SimpleConfigFile(conf_file) - self.listen_addr = 'localhost' - self.listen_port = '51235' - self.cadir = '/etc/pki/func/ca' - self.certroot = '/etc/pki/func/ca/certs' - self.csrroot = '/etc/pki/func/ca/csrs' - self.autosign = True - for attr in ['listen_addr', 'listen_port', 'cadir', 'certroot', - 'csrroot']: - if hasattr(self.cfg, attr): - setattr(self, attr, getattr(self.cfg, attr)) + def __init__(self, conf_file, defaults={}): + self.cfg = SimpleConfigFile(conf_file, defaults) if hasattr(self.cfg, 'autosign'): if getattr(self.cfg, 'autosign').lower() in ['yes', 'true', 1, 'on']: - self.autosign = True + self.cfg.autosign = True elif getattr(self.cfg, 'autosign').lower() in ['no', 'false', 0, 'off']: - self.autosign = False + self.cfg.autosign = False + else: + self.cfg.autosign = False + self.cfg.listen_port = int(self.cfg.listen_port) + # open up the cakey and cacert so we have them available - ca_key_file = '%s/funcmaster.key' % self.cadir - ca_cert_file = '%s/funcmaster.crt' % self.cadir + ca_key_file = '%s/funcmaster.key' % self.cfg.cadir + ca_cert_file = '%s/funcmaster.crt' % self.cfg.cadir self.cakey = func.certs.retrieve_key_from_file(ca_key_file) self.cacert = func.certs.retrieve_cert_from_file(ca_cert_file) - for dirpath in [self.cadir, self.certroot, self.csrroot]: + for dirpath in [self.cfg.cadir, self.cfg.certroot, self.cfg.csrroot]: if not os.path.exists(dirpath): os.makedirs(dirpath) @@ -105,8 +102,8 @@ class CertMaster(object): return False, '', '' requesting_host = csrreq.get_subject().CN - certfile = '%s/%s.pem' % (self.certroot, requesting_host) - csrfile = '%s/%s.csr' % (self.csrroot, requesting_host) + certfile = '%s/%s.pem' % (self.cfg.certroot, requesting_host) + csrfile = '%s/%s.csr' % (self.cfg.csrroot, requesting_host) # check for old csr on disk # if we have it - compare the two - if they are not the same - raise a fault @@ -138,7 +135,7 @@ class CertMaster(object): if self.autosign: slavecert = func.certs.create_slave_certificate(csrreq, - self.cakey, self.cacert, self.cadir) + self.cakey, self.cacert, self.cfg.cadir) destfo = open(certfile, 'w') destfo.write(crypto.dump_certificate(crypto.FILETYPE_PEM, slavecert)) @@ -165,7 +162,7 @@ def serve(xmlrpcinstance): Code for starting the XMLRPC service. """ - server =FuncXMLRPCServer((xmlrpcinstance.listen_addr, xmlrpcinstance.list_port)) + server = SimpleXMLRPCServer.SimpleXMLRPCServer((xmlrpcinstance.cfg.listen_addr, xmlrpcinstance.cfg.listen_port)) server.logRequests = 0 # don't print stuff to console server.register_instance(xmlrpcinstance) server.serve_forever() diff --git a/server/AuthedXMLRPCServer.py b/minion/AuthedXMLRPCServer.py index 490b57a..490b57a 100644 --- a/server/AuthedXMLRPCServer.py +++ b/minion/AuthedXMLRPCServer.py diff --git a/minion/Makefile b/minion/Makefile new file mode 100755 index 0000000..86a3db8 --- /dev/null +++ b/minion/Makefile @@ -0,0 +1,19 @@ + + +PYFILES = $(wildcard *.py) + +PYCHECKER = /usr/bin/pychecker +PYFLAKES = /usr/bin/pyflakes + +clean:: + @rm -fv *.pyc *~ .*~ *.pyo + @find . -name .\#\* -exec rm -fv {} \; + @rm -fv *.rpm + + +pychecker:: + @$(PYCHECKER) $(PYFILES) || exit 0 + +pyflakes:: + @$(PYFLAKES) $(PYFILES) || exit 0 + diff --git a/minion/codes.py b/minion/codes.py index dc0ceac..c549709 100755 --- a/minion/codes.py +++ b/minion/codes.py @@ -14,9 +14,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. """ import exceptions -import string -import sys -import traceback class FuncException(exceptions.Exception): diff --git a/minion/config_data.py b/minion/config_data.py index 4980cc7..021a52d 100755 --- a/minion/config_data.py +++ b/minion/config_data.py @@ -12,8 +12,8 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +import codes -from codes import * import os import ConfigParser @@ -35,7 +35,7 @@ class Config: def read(self): if not os.path.exists(CONFIG_FILE): - raise FuncException("Missing %s" % CONFIG_FILE) + raise codes.FuncException("Missing %s" % CONFIG_FILE) cp = ConfigParser.ConfigParser() diff --git a/minion/logger.py b/minion/logger.py index 1e60dc0..7747824 100755 --- a/minion/logger.py +++ b/minion/logger.py @@ -55,7 +55,8 @@ class Logger(Singleton): self._no_handlers = False -class AuditLogger(Logger): +class AuditLogger(Singleton): + _no_handlers = True def __init__(self, logfilepath = "/var/log/func/audit.log"): self.loglevel = logging.INFO self._setup_logging() @@ -67,6 +68,16 @@ class AuditLogger(Logger): self.logger.info("%s called with %s" % (method, params)) + def _setup_logging(self): + self.logger = logging.getLogger("audit") + + def _setup_handlers(self, logfilepath="/var/log/func/audit.log"): + handler = logging.FileHandler(logfilepath, "a") + self.logger.setLevel(self.loglevel) + formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s") + handler.setFormatter(formatter) + self.logger.addHandler(handler) + self._no_handlers = False diff --git a/minion/module_loader.py b/minion/module_loader.py index 4d7c816..7cfcd26 100755 --- a/minion/module_loader.py +++ b/minion/module_loader.py @@ -18,8 +18,7 @@ import distutils.sysconfig import os import sys -import glob -from rhpl.translate import _, N_, textdomain, utf8 +from rhpl.translate import _ def module_walker(topdir): diff --git a/minion/server.py b/minion/server.py index 73ef114..cd3c9e7 100755 --- a/minion/server.py +++ b/minion/server.py @@ -17,7 +17,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # standard modules import SimpleXMLRPCServer import string -import socket import sys import traceback diff --git a/modules/Makefile b/modules/Makefile new file mode 100755 index 0000000..86a3db8 --- /dev/null +++ b/modules/Makefile @@ -0,0 +1,19 @@ + + +PYFILES = $(wildcard *.py) + +PYCHECKER = /usr/bin/pychecker +PYFLAKES = /usr/bin/pyflakes + +clean:: + @rm -fv *.pyc *~ .*~ *.pyo + @find . -name .\#\* -exec rm -fv {} \; + @rm -fv *.rpm + + +pychecker:: + @$(PYCHECKER) $(PYFILES) || exit 0 + +pyflakes:: + @$(PYFLAKES) $(PYFILES) || exit 0 + diff --git a/modules/func_module.py b/modules/func_module.py index 7019bc5..a3a8550 100755 --- a/modules/func_module.py +++ b/modules/func_module.py @@ -12,18 +12,14 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## -from codes import * from server import config_data from server import logger -import os -import threading -import time -import traceback - class FuncModule(object): + + # the version is meant to version = "0.0.0" api_version = "0.0.0" description = "No Description provided" diff --git a/modules/hardware.py b/modules/hardware.py index 2c41b9f..7c6deb4 100755 --- a/modules/hardware.py +++ b/modules/hardware.py @@ -23,7 +23,6 @@ sys.path.append("/usr/share/smolt/client") import smolt # our modules -from codes import * from modules import func_module # ================================= diff --git a/modules/process.py b/modules/process.py index 3e40fe1..78e5aea 100755 --- a/modules/process.py +++ b/modules/process.py @@ -16,9 +16,9 @@ # other modules import sub_process +import codes # our modules -from codes import * from modules import func_module # ================================= @@ -41,7 +41,9 @@ class ProcessModule(func_module.FuncModule): flags.replace(";","") # prevent stupidity - cmd = sub_process.Popen("ps %s" % flags,stdout=sub_process.PIPE,shell=True) + + #FIXME: we need to swallow stdout/stderr as well, right now it spews to the console + cmd = sub_process.Popen(["/bin/ps", flags] ,executable="/bin/ps", stdout=sub_process.PIPE,shell=False) data = cmd.communicate()[0] results = [] @@ -52,13 +54,22 @@ class ProcessModule(func_module.FuncModule): return results - def kill(self,pid,level=""): - rc = sub_process.call("/bin/kill %s %s" % (pid, level), shell=True) + + def kill(self,pid,signal="TERM"): + if pid == "0": + raise codes.FuncException("Killing pid group 0 not permitted") + if signal == "": + # this is default /bin/kill behaviour, it claims, but enfore it anyway + signal = "-TERM" + if signal[0] != "-": + signal = "-%s" % signal + rc = sub_process.call(["/bin/kill",signal, pid], executable="/bin/kill", shell=False) + print rc return rc def pkill(self,name,level=""): # example killall("thunderbird","-9") - rc = sub_process.call("/usr/bin/pkill %s %s" % (name, level), shell=True) + rc = sub_process.call(["/usr/bin/pkill", name, level], executable="/usr/bin/pkill", shell=False) return rc methods = ProcessModule() diff --git a/modules/service.py b/modules/service.py index 524cd7b..433d70b 100755 --- a/modules/service.py +++ b/modules/service.py @@ -14,8 +14,7 @@ ## ## - -from codes import * +import codes from modules import func_module import sub_process @@ -39,7 +38,7 @@ class Service(func_module.FuncModule): if os.path.exists(filename): return sub_process.call(["/sbin/service", service_name, command]) else: - raise FuncException("Service not installed: %s" % service_name) + raise codes.FuncException("Service not installed: %s" % service_name) def start(self, service_name): return self.__command(service_name, "start") diff --git a/modules/smart.py b/modules/smart.py index 4ed8335..0a7be47 100755 --- a/modules/smart.py +++ b/modules/smart.py @@ -19,7 +19,6 @@ import sub_process # our modules -from codes import * from modules import func_module # ================================= diff --git a/modules/test.py b/modules/test.py index ea22007..55265a3 100755 --- a/modules/test.py +++ b/modules/test.py @@ -1,6 +1,5 @@ #!/usr/bin/python -from codes import * from modules import func_module class Test(func_module.FuncModule): diff --git a/overlord/Makefile b/overlord/Makefile new file mode 100755 index 0000000..86a3db8 --- /dev/null +++ b/overlord/Makefile @@ -0,0 +1,19 @@ + + +PYFILES = $(wildcard *.py) + +PYCHECKER = /usr/bin/pychecker +PYFLAKES = /usr/bin/pyflakes + +clean:: + @rm -fv *.pyc *~ .*~ *.pyo + @find . -name .\#\* -exec rm -fv {} \; + @rm -fv *.rpm + + +pychecker:: + @$(PYCHECKER) $(PYFILES) || exit 0 + +pyflakes:: + @$(PYFLAKES) $(PYFILES) || exit 0 + diff --git a/client/sslclient.py b/overlord/sslclient.py index 9439c4a..9439c4a 100644 --- a/client/sslclient.py +++ b/overlord/sslclient.py diff --git a/scripts/certmaster b/scripts/certmaster index 3b212b4..1be4c58 100755 --- a/scripts/certmaster +++ b/scripts/certmaster @@ -7,6 +7,15 @@ sys.path.append("%s/func" % distutils.sysconfig.get_python_lib()) import certmaster -cm = certmaster.CertMaster('/etc/func/certmaster.conf') -server = certmaster.serve(cm) +defaults = { 'listen_addr': 'localhost', + 'listen_port': '51235', + 'cadir': '/etc/pki/func/ca', + 'certroot': '/var/lib/func/certmaster/certs', + 'csrroot': '/var/lib/func/certmaster/csrs', + 'autosign': 'false' + } + +cm = certmaster.CertMaster('/etc/func/certmaster.conf', defaults) +certmaster.serve(cm) + |