summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJesus M. Rodriguez <jmrodri@firebird.home.net>2007-10-03 22:48:21 -0400
committerJesus M. Rodriguez <jmrodri@firebird.home.net>2007-10-03 22:48:21 -0400
commit3ff3336d954160739fca807732ec217d2dabc572 (patch)
tree1194a6f5c13ef4625c17df22372c39e06bee75e8
parentff3e3f38b174bee4b944d3851af55b296e407f13 (diff)
parent5dfdff8f110d8336b4812497428cd5dd1fae2db0 (diff)
downloadfunc-3ff3336d954160739fca807732ec217d2dabc572.tar.gz
func-3ff3336d954160739fca807732ec217d2dabc572.tar.xz
func-3ff3336d954160739fca807732ec217d2dabc572.zip
Merge branch 'master' of ssh://git.fedoraproject.org/git/hosted/func
Diffstat
-rw-r--r--COPYING339
-rwxr-xr-xMakefile8
-rw-r--r--etc/certmaster.conf1
-rwxr-xr-xfunc/Makefile5
-rwxr-xr-xfunc/certmaster.py4
-rw-r--r--func/commonconfig.py1
-rw-r--r--func/minion/AuthedXMLRPCServer.py (renamed from minion/AuthedXMLRPCServer.py)9
-rwxr-xr-xfunc/minion/Makefile (renamed from modules/Makefile)11
-rw-r--r--func/minion/__init__.py (renamed from minion/__init__.py)0
-rwxr-xr-xfunc/minion/codes.py (renamed from minion/codes.py)0
-rwxr-xr-xfunc/minion/module_loader.py (renamed from minion/module_loader.py)2
-rwxr-xr-xfunc/minion/modules/Makefile (renamed from minion/Makefile)7
-rw-r--r--func/minion/modules/__init__.py (renamed from modules/__init__.py)0
-rw-r--r--func/minion/modules/command.py (renamed from modules/command.py)2
-rw-r--r--func/minion/modules/copyfile.py (renamed from modules/copyfile.py)14
-rwxr-xr-xfunc/minion/modules/func_module.py (renamed from modules/func_module.py)8
-rwxr-xr-xfunc/minion/modules/hardware.py (renamed from modules/hardware.py)25
-rwxr-xr-xfunc/minion/modules/process.py (renamed from modules/process.py)7
-rwxr-xr-xfunc/minion/modules/reboot.py (renamed from modules/reboot.py)0
-rwxr-xr-xfunc/minion/modules/service.py (renamed from modules/service.py)0
-rwxr-xr-xfunc/minion/modules/smart.py (renamed from modules/smart.py)7
-rwxr-xr-xfunc/minion/modules/test.py (renamed from modules/test.py)0
-rwxr-xr-xfunc/minion/modules/virt.py (renamed from modules/virt.py)42
-rw-r--r--func/minion/modules/yum.py (renamed from modules/yum.py)0
-rwxr-xr-xfunc/minion/server.py (renamed from minion/server.py)32
-rw-r--r--func/minion/sub_process.py (renamed from minion/sub_process.py)0
-rwxr-xr-xfunc/minion/utils.py (renamed from minion/utils.py)66
-rwxr-xr-xfunc/overlord/Makefile (renamed from overlord/Makefile)7
-rw-r--r--func/overlord/__init__.py (renamed from overlord/__init__.py)0
-rwxr-xr-xfunc/overlord/client.py (renamed from overlord/client.py)24
-rw-r--r--func/overlord/command.py (renamed from overlord/command.py)4
-rw-r--r--func/overlord/sslclient.py (renamed from overlord/sslclient.py)8
-rw-r--r--func/overlord/test_func.py (renamed from overlord/test_func.py)5
-rwxr-xr-xscripts/Makefile3
-rwxr-xr-xscripts/certmaster-ca39
-rw-r--r--setup.py5
36 files changed, 540 insertions, 145 deletions
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..e77696a
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,339 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ 675 Mass Ave, Cambridge, MA 02139, USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) 19yy <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) 19yy name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs. If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library. If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/Makefile b/Makefile
index 8ef2d33..5be4e59 100755
--- a/Makefile
+++ b/Makefile
@@ -5,8 +5,8 @@ NEWRELEASE = $(shell echo $$(($(RELEASE) + 1)))
MESSAGESPOT=po/messages.pot
TOPDIR = $(shell pwd)
-DIRS = modules minion overlord func docs scripts
-PYDIRS = modules minion overlord func scripts
+DIRS = func docs scripts
+PYDIRS = func scripts
EXAMPLEDIR = examples
INITDIR = init-scripts
@@ -19,8 +19,8 @@ manpage:
pod2man --center="certmaster" --release="" ./docs/certmaster.pod | gzip -c > ./docs/certmaster.1.gz
pod2man --center="certmaster-ca" --release="" ./docs/certmaster-ca.pod | gzip -c > ./docs/certmaster-ca.1.gz
-messages: minion/*.py
- xgettext -k_ -kN_ -o $(MESSAGESPOT) minion/*.py
+messages: func/minion/*.py
+ xgettext -k_ -kN_ -o $(MESSAGESPOT) func/minion/*.py
sed -i'~' -e 's/SOME DESCRIPTIVE TITLE/func/g' -e 's/YEAR THE PACKAGE'"'"'S COPYRIGHT HOLDER/2007 Red Hat, inc. /g' -e 's/FIRST AUTHOR <EMAIL@ADDRESS>, YEAR/Adrian Likins <alikins@redhat.com>, 2007/g' -e 's/PACKAGE VERSION/func $(VERSION)-$(RELEASE)/g' -e 's/PACKAGE/func/g' $(MESSAGESPOT)
diff --git a/etc/certmaster.conf b/etc/certmaster.conf
index ded4de6..71b2068 100644
--- a/etc/certmaster.conf
+++ b/etc/certmaster.conf
@@ -1,6 +1,5 @@
[main]
listen_addr =
-listen_port = 51235
cadir = /etc/pki/func/ca
certroot = /var/lib/func/certmaster/certs
csrroot = /var/lib/func/certmaster/csrs
diff --git a/func/Makefile b/func/Makefile
index 86a3db8..99fd546 100755
--- a/func/Makefile
+++ b/func/Makefile
@@ -1,6 +1,7 @@
PYFILES = $(wildcard *.py)
+PYDIRS = minion overlord
PYCHECKER = /usr/bin/pychecker
PYFLAKES = /usr/bin/pyflakes
@@ -17,3 +18,7 @@ pychecker::
pyflakes::
@$(PYFLAKES) $(PYFILES) || exit 0
+pychecker::
+ -for d in $(PYDIRS); do ($(MAKE) -C $$d pychecker ); done
+pyflakes::
+ -for d in $(PYDIRS); do ($(MAKE) -C $$d pyflakes ); done
diff --git a/func/certmaster.py b/func/certmaster.py
index e881b3e..e8c046d 100755
--- a/func/certmaster.py
+++ b/func/certmaster.py
@@ -33,6 +33,8 @@ import utils
from config import read_config
from commonconfig import CMConfig
+CERTMASTER_LISTEN_PORT = 51235
+
class CertMaster(object):
def __init__(self, conf_file):
self.cfg = read_config(conf_file, CMConfig)
@@ -203,7 +205,7 @@ def serve(xmlrpcinstance):
Code for starting the XMLRPC service.
"""
- server = CertmasterXMLRPCServer((xmlrpcinstance.cfg.listen_addr, xmlrpcinstance.cfg.listen_port))
+ server = CertmasterXMLRPCServer((xmlrpcinstance.cfg.listen_addr, CERTMASTER_LISTEN_PORT))
server.logRequests = 0 # don't print stuff to console
server.register_instance(xmlrpcinstance)
server.serve_forever()
diff --git a/func/commonconfig.py b/func/commonconfig.py
index 559c290..cbf031e 100644
--- a/func/commonconfig.py
+++ b/func/commonconfig.py
@@ -4,7 +4,6 @@ from config import BaseConfig, BoolOption, IntOption, Option
class CMConfig(BaseConfig):
listen_addr = Option('')
- listen_port = IntOption(51235)
cadir = Option('/etc/pki/func/ca')
certroot = Option('/var/lib/func/certmaster/certs')
csrroot = Option('/var/lib/func/certmaster/csrs')
diff --git a/minion/AuthedXMLRPCServer.py b/func/minion/AuthedXMLRPCServer.py
index da6b18a..265d1b2 100644
--- a/minion/AuthedXMLRPCServer.py
+++ b/func/minion/AuthedXMLRPCServer.py
@@ -39,7 +39,7 @@ class AuthedSimpleXMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHan
self.connection = self.request # for doPOST
self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)
-
+
def do_POST(self):
self.server._this_request = (self.request, self.client_address)
try:
@@ -101,7 +101,7 @@ class TestServer(AuthedSSLXMLRPCServer):
def __init__(self, address, pkey, cert, ca_cert):
AuthedSSLXMLRPCServer.__init__(self, address, pkey, cert, ca_cert, self.auth_cb)
-
+
def _dispatch(self, method, params):
if method == 'trait_names' or method == '_getAttributeNames':
return dir(self)
@@ -115,10 +115,10 @@ class TestServer(AuthedSSLXMLRPCServer):
print dir(p)
print p.get_subject()
else:
- print 'no cert'
+ print 'no cert'
return "your mom"
-
+
def auth_cb(self, request, client_address):
peer_cert = request.get_peer_certificate()
return peer_cert.get_subject().CN
@@ -138,4 +138,3 @@ if __name__ == '__main__':
h = ReqHandler()
server.register_instance(h)
server.serve_forever()
-
diff --git a/modules/Makefile b/func/minion/Makefile
index 86a3db8..d630382 100755
--- a/modules/Makefile
+++ b/func/minion/Makefile
@@ -1,19 +1,24 @@
PYFILES = $(wildcard *.py)
+PYDIRS = modules
PYCHECKER = /usr/bin/pychecker
PYFLAKES = /usr/bin/pyflakes
clean::
- @rm -fv *.pyc *~ .*~ *.pyo
+ @rm -fv *.pyc *~ .*~ *.pyo
@find . -name .\#\* -exec rm -fv {} \;
@rm -fv *.rpm
-
-pychecker::
+
+pychecker::
@$(PYCHECKER) $(PYFILES) || exit 0
pyflakes::
@$(PYFLAKES) $(PYFILES) || exit 0
+pychecker::
+ -for d in $(PYDIRS); do ($(MAKE) -C $$d pychecker ); done
+pyflakes::
+ -for d in $(PYDIRS); do ($(MAKE) -C $$d pyflakes ); done
diff --git a/minion/__init__.py b/func/minion/__init__.py
index e69de29..e69de29 100644
--- a/minion/__init__.py
+++ b/func/minion/__init__.py
diff --git a/minion/codes.py b/func/minion/codes.py
index 058ca44..058ca44 100755
--- a/minion/codes.py
+++ b/func/minion/codes.py
diff --git a/minion/module_loader.py b/func/minion/module_loader.py
index 4538fb2..1339359 100755
--- a/minion/module_loader.py
+++ b/func/minion/module_loader.py
@@ -36,7 +36,7 @@ def module_walker(topdir):
# in the module name, and foo..bar doesnt work -akl
module_files.append(os.path.normpath("%s/%s" % (root, filename)))
-
+
return module_files
def load_modules(blacklist=None):
diff --git a/minion/Makefile b/func/minion/modules/Makefile
index 86a3db8..f2bc6c4 100755
--- a/minion/Makefile
+++ b/func/minion/modules/Makefile
@@ -6,14 +6,13 @@ PYCHECKER = /usr/bin/pychecker
PYFLAKES = /usr/bin/pyflakes
clean::
- @rm -fv *.pyc *~ .*~ *.pyo
+ @rm -fv *.pyc *~ .*~ *.pyo
@find . -name .\#\* -exec rm -fv {} \;
@rm -fv *.rpm
-
-pychecker::
+
+pychecker::
@$(PYCHECKER) $(PYFILES) || exit 0
pyflakes::
@$(PYFLAKES) $(PYFILES) || exit 0
-
diff --git a/modules/__init__.py b/func/minion/modules/__init__.py
index e69de29..e69de29 100644
--- a/modules/__init__.py
+++ b/func/minion/modules/__init__.py
diff --git a/modules/command.py b/func/minion/modules/command.py
index 5dc0292..06adaaa 100644
--- a/modules/command.py
+++ b/func/minion/modules/command.py
@@ -36,5 +36,3 @@ class Command(func_module.FuncModule):
methods = Command()
register_rpc = methods.register_rpc
-
-
diff --git a/modules/copyfile.py b/func/minion/modules/copyfile.py
index 58b5ea4..a4f91f0 100644
--- a/modules/copyfile.py
+++ b/func/minion/modules/copyfile.py
@@ -27,7 +27,7 @@ class CopyFile(func_module.FuncModule):
"checksum" : self.checksum
}
func_module.FuncModule.__init__(self)
-
+
def checksum(self, thing):
CHUNK=2**16
@@ -54,17 +54,17 @@ class CopyFile(func_module.FuncModule):
# we should probably verify mode,uid,gid are valid as well
-
+
dirpath = os.path.dirname(filepath)
basepath = os.path.basename(filepath)
if not os.path.exists(dirpath):
os.makedirs(dirpath)
-
+
remote_sum = self.checksum(filebuf)
local_sum = 0
if os.path.exists(filepath):
local_sum = self.checksum(filepath)
-
+
if remote_sum != local_sum or force is not None:
# back up the localone
if os.path.exists(filepath):
@@ -90,18 +90,18 @@ class CopyFile(func_module.FuncModule):
os.chown(filepath, uid, gid)
except (IOError, OSError), e:
return -1
-
+
return 1
def _backuplocal(self, fn):
"""
- make a date-marked backup of the specified file,
+ make a date-marked backup of the specified file,
return True or False on success or failure
"""
# backups named basename-YYYY-MM-DD@HH:MM~
ext = time.strftime("%Y-%m-%d@%H:%M~", time.localtime(time.time()))
backupdest = '%s.%s' % (fn, ext)
-
+
try:
shutil.copy2(fn, backupdest)
except shutil.Error, e:
diff --git a/modules/func_module.py b/func/minion/modules/func_module.py
index 32a235d..aa3c132 100755
--- a/modules/func_module.py
+++ b/func/minion/modules/func_module.py
@@ -24,11 +24,11 @@ class FuncModule(object):
version = "0.0.0"
api_version = "0.0.0"
description = "No Description provided"
-
+
def __init__(self):
config_file = '/etc/func/minion.conf'
- self.config = read_config(config_file, FuncdConfig)
+ self.config = read_config(config_file, FuncdConfig)
self.__init_log()
self.__base_methods = {
# __'s so we don't clobber useful names
@@ -37,11 +37,11 @@ class FuncModule(object):
"module_description" : self.__module_description,
"list_methods" : self.__list_methods
}
-
+
def __init_log(self):
log = logger.Logger()
self.logger = log.logger
-
+
def register_rpc(self, handlers, module_name):
# add the internal methods, note that this means they
# can get clobbbered by subclass versions
diff --git a/modules/hardware.py b/func/minion/modules/hardware.py
index e2455d1..79faf4c 100755
--- a/modules/hardware.py
+++ b/func/minion/modules/hardware.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-##
+##
## Hardware profiler plugin
## requires the "smolt" client package be installed
## but also relies on lspci for some things
@@ -30,7 +30,7 @@ class HardwareModule(func_module.FuncModule):
def __init__(self):
self.methods = {
"info" : self.info,
- "hal_info" : self.hal_info
+ "hal_info" : self.hal_info
}
func_module.FuncModule.__init__(self)
@@ -41,10 +41,10 @@ class HardwareModule(func_module.FuncModule):
"""
cmd = sub_process.Popen(["/usr/bin/lshal"],shell=False,stdout=sub_process.PIPE)
- data = cmd.communicate()[0]
-
+ data = cmd.communicate()[0]
+
data = data.split("\n")
-
+
results = {}
current = ""
label = data[0]
@@ -56,7 +56,7 @@ class HardwareModule(func_module.FuncModule):
else:
if label == "":
label = d
- current = current + d
+ current = current + d
return results
@@ -75,7 +75,7 @@ def hw_info(with_devices=True):
# this may fail if smolt is not installed. That's ok. hal_info will
# still work.
-
+
# hack: smolt is not installed in site-packages
sys.path.append("/usr/share/smolt/client")
import smolt
@@ -92,14 +92,14 @@ def hw_info(with_devices=True):
'cpuModel' : str(host.cpuModel),
'numCpus' : str(host.numCpus),
'cpuSpeed' : str(host.cpuSpeed),
- 'systemMemory' : str(host.systemMemory),
+ 'systemMemory' : str(host.systemMemory),
'systemSwap' : str(host.systemSwap),
'kernelVersion' : str(host.kernelVersion),
'language' : str(host.language),
'platform' : str(host.platform),
'systemVendor' : str(host.systemVendor),
'systemModel' : str(host.systemModel),
- 'formfactor' : str(host.formfactor),
+ 'formfactor' : str(host.formfactor),
'selinux_enabled' : str(host.selinux_enabled),
'selinux_enforce' : str(host.selinux_enforce)
}
@@ -107,7 +107,7 @@ def hw_info(with_devices=True):
# if no hardware info requested, just return the above bits
if not with_devices:
return data
-
+
collection = data["devices"] = []
for item in hardware.deviceIter():
@@ -121,13 +121,10 @@ def hw_info(with_devices=True):
"Bus" : str(Bus),
"Driver" : str(Driver),
"Type" : str(Type),
- "Description" : str(Description)
+ "Description" : str(Description)
})
return data
methods = HardwareModule()
register_rpc = methods.register_rpc
-
-
-
diff --git a/modules/process.py b/func/minion/modules/process.py
index 94a0240..b48b910 100755
--- a/modules/process.py
+++ b/func/minion/modules/process.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-##
+##
## Process lister (control TBA)
##
## Copyright 2007, Red Hat, Inc
@@ -46,7 +46,7 @@ class ProcessModule(func_module.FuncModule):
cmd = sub_process.Popen(["/bin/ps", flags] ,executable="/bin/ps", stdout=sub_process.PIPE,shell=False)
data = cmd.communicate()[0]
- results = []
+ results = []
for x in data.split("\n"):
tokens = x.split()
@@ -74,6 +74,3 @@ class ProcessModule(func_module.FuncModule):
methods = ProcessModule()
register_rpc = methods.register_rpc
-
-
-
diff --git a/modules/reboot.py b/func/minion/modules/reboot.py
index 8772b8f..8772b8f 100755
--- a/modules/reboot.py
+++ b/func/minion/modules/reboot.py
diff --git a/modules/service.py b/func/minion/modules/service.py
index 433d70b..433d70b 100755
--- a/modules/service.py
+++ b/func/minion/modules/service.py
diff --git a/modules/smart.py b/func/minion/modules/smart.py
index 0a7be47..c65dfb1 100755
--- a/modules/smart.py
+++ b/func/minion/modules/smart.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-##
+##
## Grabs status from SMART to see if your hard drives are ok
## Returns in the format of (return code, [line1, line2, line3,...])
##
@@ -42,7 +42,7 @@ class SmartModule(func_module.FuncModule):
cmd = sub_process.Popen("/usr/sbin/smartd %s" % flags,stdout=sub_process.PIPE,shell=True)
data = cmd.communicate()[0]
- results = []
+ results = []
for x in data.split("\n"):
results.append(x)
@@ -51,6 +51,3 @@ class SmartModule(func_module.FuncModule):
methods = SmartModule()
register_rpc = methods.register_rpc
-
-
-
diff --git a/modules/test.py b/func/minion/modules/test.py
index 55265a3..55265a3 100755
--- a/modules/test.py
+++ b/func/minion/modules/test.py
diff --git a/modules/virt.py b/func/minion/modules/virt.py
index 18ad718..07a9a87 100755
--- a/modules/virt.py
+++ b/func/minion/modules/virt.py
@@ -15,9 +15,9 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
"""
# warning: virt management is rather complicated
-# to see a simple example of func, look at the
+# to see a simple example of func, look at the
# service control module. API docs on how
-# to use this to come.
+# to use this to come.
# other modules
import os
@@ -102,7 +102,7 @@ class FuncLibvirtConnection(object):
def create(self, vmid):
return self.find_vm(vmid).create()
-
+
def destroy(self, vmid):
return self.find_vm(vmid).destroy()
@@ -112,8 +112,8 @@ class FuncLibvirtConnection(object):
def get_status2(self, vm):
state = vm.info()[0]
# print "DEBUG: state: %s" % state
- return VIRT_STATE_NAME_MAP.get(state,"unknown")
-
+ return VIRT_STATE_NAME_MAP.get(state,"unknown")
+
def get_status(self, vmid):
state = self.find_vm(vmid).info()[0]
return VIRT_STATE_NAME_MAP.get(state,"unknown")
@@ -121,10 +121,10 @@ class FuncLibvirtConnection(object):
class Virt(func_module.FuncModule):
-
-
+
+
def __init__(self):
-
+
"""
Constructor. Register methods and make them available.
"""
@@ -140,7 +140,7 @@ class Virt(func_module.FuncModule):
"status" : self.get_status,
"list_vms" : self.list_vms,
}
-
+
func_module.FuncModule.__init__(self)
def get_conn(self):
@@ -157,13 +157,13 @@ class Virt(func_module.FuncModule):
except:
pass
return results
-
+
def install(self, server_name, target_name, system=False):
"""
Install a new virt system by way of a named cobbler profile.
"""
-
+
# Example:
# install("bootserver.example.org", "fc7webserver", True)
@@ -192,8 +192,8 @@ class Virt(func_module.FuncModule):
return 0
else:
raise codes.FuncException("koan returned %d" % rc)
-
-
+
+
def shutdown(self, vmid):
"""
Make the machine with the given vmid stop running.
@@ -201,9 +201,9 @@ class Virt(func_module.FuncModule):
"""
self.get_conn()
self.conn.shutdown(vmid)
- return 0
+ return 0
+
-
def pause(self, vmid):
"""
@@ -213,7 +213,7 @@ class Virt(func_module.FuncModule):
self.conn.suspend(vmid)
return 0
-
+
def unpause(self, vmid):
"""
@@ -228,12 +228,12 @@ class Virt(func_module.FuncModule):
def create(self, vmid):
"""
- Start the machine via the given mac address.
+ Start the machine via the given mac address.
"""
self.get_conn()
self.conn.create(vmid)
return 0
-
+
def destroy(self, vmid):
@@ -247,7 +247,7 @@ class Virt(func_module.FuncModule):
def undefine(self, vmid):
-
+
"""
Stop a domain, and then wipe it from the face of the earth.
by deleting the disk image and it's configuration file.
@@ -263,12 +263,10 @@ class Virt(func_module.FuncModule):
"""
Return a state suitable for server consumption. Aka, codes.py values, not XM output.
"""
-
+
self.get_conn()
return self.conn.get_status(vmid)
methods = Virt()
register_rpc = methods.register_rpc
-
-
diff --git a/modules/yum.py b/func/minion/modules/yum.py
index 6600d47..6600d47 100644
--- a/modules/yum.py
+++ b/func/minion/modules/yum.py
diff --git a/minion/server.py b/func/minion/server.py
index 7a11ab8..f155dba 100755
--- a/minion/server.py
+++ b/func/minion/server.py
@@ -35,7 +35,7 @@ import codes
import module_loader
import utils
-
+
class XmlRpcInterface(object):
@@ -53,7 +53,7 @@ class XmlRpcInterface(object):
# need a reference so we can log ip's, certs, etc
# self.server = server
-
+
def __setup_handlers(self):
"""
@@ -80,7 +80,7 @@ class XmlRpcInterface(object):
def list_modules(self):
return self.modules.keys()
-
+
def list_methods(self):
return self.handlers.keys()
@@ -88,12 +88,12 @@ class XmlRpcInterface(object):
if method in self.handlers:
return FuncApiMethod(self.logger, method, self.handlers[method])
-
+
else:
self.logger.info("Unhandled method call for method: %s " % method)
raise codes.InvalidMethodException
-
+
class FuncApiMethod:
@@ -107,7 +107,7 @@ class FuncApiMethod:
self.logger = logger
self.__method = method
self.__name = name
-
+
def __log_exc(self):
"""
@@ -141,7 +141,7 @@ class FuncApiMethod:
def serve():
"""
- Code for starting the XMLRPC service.
+ Code for starting the XMLRPC service.
"""
server =FuncSSLXMLRPCServer(('', 51234))
server.logRequests = 0 # don't print stuff to console
@@ -165,13 +165,13 @@ class FuncSSLXMLRPCServer(AuthedXMLRPCServer.AuthedSSLXMLRPCServer,
def __init__(self, args):
self.allow_reuse_address = True
self.modules = module_loader.load_modules()
-
+
XmlRpcInterface.__init__(self)
hn = socket.getfqdn()
self.key = "%s/%s.pem" % (self.config.cert_dir, hn)
self.cert = "%s/%s.cert" % (self.config.cert_dir, hn)
self.ca = "%s/ca.cert" % self.config.cert_dir
-
+
AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, ("", 51234),
self.key, self.cert,
self.ca)
@@ -180,7 +180,7 @@ class FuncSSLXMLRPCServer(AuthedXMLRPCServer.AuthedSSLXMLRPCServer,
"""
the SimpleXMLRPCServer class will call _dispatch if it doesn't
- find a handler method
+ find a handler method
"""
# Recognize ipython's tab completion calls
@@ -194,19 +194,19 @@ class FuncSSLXMLRPCServer(AuthedXMLRPCServer.AuthedSSLXMLRPCServer,
cn = p.get_subject().CN
sub_hash = p.subject_name_hash()
else:
- print 'no cert'
+ print 'no cert'
# XXX FIXME - need to figure out how to dig into the server base classes
# so we can get client ip, and eventually cert id info -akl
self.audit_logger.log_call(ip, cn, sub_hash, method, params)
return self.get_dispatch_method(method)(*params)
-
+
def auth_cb(self, request, client_address):
peer_cert = request.get_peer_certificate()
return peer_cert.get_subject().CN
-
+
def main(argv):
"""
@@ -217,18 +217,16 @@ def main(argv):
utils.daemonize("/var/run/funcd.pid")
else:
print "serving...\n"
-
+
try:
utils.create_minion_keys()
serve()
except codes.FuncException, e:
print >> sys.stderr, 'error: %s' % e
sys.exit(1)
-
+
# ======================================================================================
if __name__ == "__main__":
textdomain(I18N_DOMAIN)
main(sys.argv)
-
-
diff --git a/minion/sub_process.py b/func/minion/sub_process.py
index 351a951..351a951 100644
--- a/minion/sub_process.py
+++ b/func/minion/sub_process.py
diff --git a/minion/utils.py b/func/minion/utils.py
index 7a6180d..d13808e 100755
--- a/minion/utils.py
+++ b/func/minion/utils.py
@@ -25,23 +25,63 @@ from func import certs
from func.config import read_config
from func.commonconfig import FuncdConfig
+# "localhost" is a lame hostname to use for a key, so try to get
+# a more meaningful hostname. We do this by connecting to the certmaster
+# and seeing what interface/ip it uses to make that connection, and looking
+# up the hostname for that.
+def get_hostname():
+
+ # FIXME: this code ignores http proxies (which granted, we don't
+ # support elsewhere either. It also hardcodes the port number
+ # for the certmaster for now
+ hostname = None
+ hostname = socket.gethostname()
+ ip = socket.gethostbyname(hostname)
+ if ip != "127.0.0.1":
+ return hostname
+
+
+ config_file = '/etc/func/minion.conf'
+ config = read_config(config_file, FuncdConfig)
+
+ server = config.certmaster
+ port = 51235
+
+ try:
+ s = socket.socket()
+ s.settimeout(5)
+ s.connect((server, port))
+ (intf, port) = s.getsockname()
+ hostname = socket.gethostbyaddr(intf)[0]
+ s.close()
+ except:
+ s.close()
+ raise
+
+ return hostname
+
+
+
def create_minion_keys():
config_file = '/etc/func/minion.conf'
- config = read_config(config_file, FuncdConfig)
+ config = read_config(config_file, FuncdConfig)
cert_dir = config.cert_dir
master_uri = 'http://%s:51235/' % config.certmaster
- hn = socket.getfqdn()
-
+ hn = get_hostname()
+
+ if hn is None:
+ raise codes.FuncException("Could not determine a hostname other than localhost")
+
key_file = '%s/%s.pem' % (cert_dir, hn)
csr_file = '%s/%s.csr' % (cert_dir, hn)
cert_file = '%s/%s.cert' % (cert_dir, hn)
ca_cert_file = '%s/ca.cert' % cert_dir
-
+
if os.path.exists(cert_file) and os.path.exists(ca_cert_file):
return
- keypair = None
+ keypair = None
try:
if not os.path.exists(cert_dir):
os.makedirs(cert_dir)
@@ -53,19 +93,19 @@ def create_minion_keys():
csr = certs.make_csr(keypair, dest=csr_file)
except Exception, e: # need a little more specificity here
raise codes.FuncException, "Could not create local keypair or csr for minion funcd session"
-
+
result = False
while not result:
try:
result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
except socket.gaierror, e:
raise codes.FuncException, "Could not locate certmaster at: http://certmaster:51235/"
-
+
# logging here would be nice
if not result:
- time.sleep(10)
-
-
+ time.sleep(10)
+
+
if result:
cert_fo = open(cert_file, 'w')
cert_fo.write(cert_string)
@@ -74,18 +114,18 @@ def create_minion_keys():
ca_cert_fo = open(ca_cert_file, 'w')
ca_cert_fo.write(ca_cert_string)
ca_cert_fo.close()
-
+
def submit_csr_to_master(csr_file, master_uri):
""""
gets us our cert back from the certmaster.wait_for_cert() method
takes csr_file as path location and master_uri
returns Bool, str(cert), str(ca_cert)
"""
-
+
fo = open(csr_file)
csr = fo.read()
s = xmlrpclib.ServerProxy(master_uri)
-
+
return s.wait_for_cert(csr)
diff --git a/overlord/Makefile b/func/overlord/Makefile
index 86a3db8..f2bc6c4 100755
--- a/overlord/Makefile
+++ b/func/overlord/Makefile
@@ -6,14 +6,13 @@ PYCHECKER = /usr/bin/pychecker
PYFLAKES = /usr/bin/pyflakes
clean::
- @rm -fv *.pyc *~ .*~ *.pyo
+ @rm -fv *.pyc *~ .*~ *.pyo
@find . -name .\#\* -exec rm -fv {} \;
@rm -fv *.rpm
-
-pychecker::
+
+pychecker::
@$(PYCHECKER) $(PYFILES) || exit 0
pyflakes::
@$(PYFLAKES) $(PYFILES) || exit 0
-
diff --git a/overlord/__init__.py b/func/overlord/__init__.py
index e69de29..e69de29 100644
--- a/overlord/__init__.py
+++ b/func/overlord/__init__.py
diff --git a/overlord/client.py b/func/overlord/client.py
index 133aafa..3c60148 100755
--- a/overlord/client.py
+++ b/func/overlord/client.py
@@ -6,7 +6,7 @@
## Copyright 2007, Red Hat, Inc
## Michael DeHaan <mdehaan@redhat.com>
## +AUTHORS
-##
+##
## This software may be freely redistributed under the terms of the GNU
## general public license.
##
@@ -83,7 +83,7 @@ class Client(object):
self.interactive = interactive
self.noglobs = noglobs
self.servers = self.expand_servers(self.server_spec)
-
+
# default cert/ca/key is the same as the certmaster ca - need to
# be able to change that on the cli
self.key = '%s/funcmaster.key' % self.config.cadir
@@ -131,13 +131,13 @@ class Client(object):
to an unspecified number of machines.
So, it enables stuff like this:
-
+
Client("*.example.org").yum.install("foo")
# WARNING: any missing values in Client's source will yield
# strange errors with this engaged. Be aware of that.
"""
-
+
return CommandAutomagic(self, [name])
# -----------------------------------------------
@@ -170,13 +170,13 @@ class Client(object):
try:
# thats some pretty code right there aint it? -akl
# we can't call "call" on s, since thats a rpc, so
- # we call gettatr around it.
+ # we call gettatr around it.
meth = "%s.%s" % (module, method)
retval = getattr(conn, meth)(*args[:])
if self.interactive:
- pprint.pprint(retval)
+ pprint.pprint(retval)
except Exception, e:
- retval = e
+ retval = e
if self.interactive:
sys.stderr.write("remote exception on %s: %s\n" %
(server, str(e)))
@@ -191,7 +191,7 @@ class Client(object):
return results
- # -----------------------------------------------
+ # -----------------------------------------------
def cli_return(self,results):
"""
@@ -252,7 +252,7 @@ class Call(command.Command):
client = Client(self.server_spec,port=self.port,interactive=True,
verbose=self.verbose, config=self.config)
results = client.run(self.module, self.method, self.method_args)
-
+
# TO DO: add multiplexer support
# probably as a higher level module.
@@ -263,14 +263,14 @@ class FuncCommandLine(command.Command):
useage = "func is the commandline interface to a func minion"
subCommandClasses = [Call]
-
+
def __init__(self):
-
+
command.Command.__init__(self)
def do(self, args):
pass
-
+
def addOptions(self):
self.parser.add_option('', '--version', action="store_true",
help="show version information")
diff --git a/overlord/command.py b/func/overlord/command.py
index 54da1ec..812ad8d 100644
--- a/overlord/command.py
+++ b/func/overlord/command.py
@@ -3,7 +3,7 @@
# This file is released under the standard PSF license.
#
-# from MOAP - https://thomas.apestaart.org/moap/trac
+# from MOAP - https://thomas.apestaart.org/moap/trac
# written by Thomas Vander Stichele (thomas at apestaart dot org)
#
@@ -197,7 +197,7 @@ class Command:
# handle pleas for help
if args and args[0] == 'help':
self.debug('Asked for help, args %r' % args)
-
+
# give help on current command if only 'help' is passed
if len(args) == 1:
self.outputHelp()
diff --git a/overlord/sslclient.py b/func/overlord/sslclient.py
index 0ddbf58..ccb2c9c 100644
--- a/overlord/sslclient.py
+++ b/func/overlord/sslclient.py
@@ -44,15 +44,9 @@ class FuncServer(SSLXMLRPCServerProxy):
self.pem,
self.crt,
self.ca)
-
+
if __name__ == "__main__":
s = SSLXMLRPCServerProxy('https://localhost:51234/', '/etc/pki/func/slave.pem', '/etc/pki/func/slave.cert', '/etc/pki/func/ca/funcmaster.crt')
f = s.ping(1, 2)
print f
-
-
-
-
-
-
diff --git a/overlord/test_func.py b/func/overlord/test_func.py
index 4850675..2b3f041 100644
--- a/overlord/test_func.py
+++ b/func/overlord/test_func.py
@@ -38,7 +38,7 @@ if TEST_PROCESS:
# here's the service module testing
if TEST_SERVICES:
print s.service.restart("httpd")
-
+
if TEST_HARDWARE:
print s.hardware.info()
@@ -58,5 +58,4 @@ if TEST_VIRT:
if status == "shutdown":
s.virt.start(vm)
-# add more tests here
-
+# add more tests here
diff --git a/scripts/Makefile b/scripts/Makefile
index 86a3db8..a4cc7e1 100755
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -15,5 +15,6 @@ pychecker::
@$(PYCHECKER) $(PYFILES) || exit 0
pyflakes::
+ifneq ($(PYFILES)x, x)
@$(PYFLAKES) $(PYFILES) || exit 0
-
+endif
diff --git a/scripts/certmaster-ca b/scripts/certmaster-ca
index d103265..f7982ca 100755
--- a/scripts/certmaster-ca
+++ b/scripts/certmaster-ca
@@ -6,6 +6,8 @@
# --clean? not sure what it will do
import sys
+import glob
+import os
import func
import func.certs
@@ -20,23 +22,35 @@ def errorprint(stuff):
def parseargs(args):
- usage = 'certmaster-ca [options]'
+ usage = 'certmaster-ca <option> [args]'
parser = OptionParser(usage=usage)
parser.add_option('-l', '--list', default=False, action="store_true",
help='list signing requests remaining')
parser.add_option('-s', '--sign', default=False, action="store_true",
help='sign requests of hosts specified')
-
+ parser.add_option('-c', '--clean', default=False, action="store_true",
+ help="clean out all certs or csrs for the hosts specified")
+
(opts, args) = parser.parse_args()
- # XXX FIXME check for obviously impossible things and exit, etc
+
+ if not opts.list and not opts.sign and not opts.clean:
+ parser.print_help()
+ sys.exit(1)
+
return (opts, args)
def main(args):
+ if os.geteuid() != 0:
+ errorprint('Must be root to run certmaster-ca')
+ return 1
+
cm = func.certmaster.CertMaster('/etc/func/certmaster.conf')
(opts, args) = parseargs(args)
+
+
if opts.list:
hns = cm.get_csrs_waiting()
if hns:
@@ -57,7 +71,26 @@ def main(args):
certfile = cm.sign_this_csr(csrfile)
print '%s signed - cert located at %s' % (hn, certfile)
return 0
+
+ if opts.clean:
+ if not args:
+ errorprint('Need hostname(s) to clean up')
+ return 1
+
+ for hn in args:
+ csrglob = '%s/%s.csr' % (cm.cfg.csrroot, hn)
+ csrs = glob.glob(csrglob)
+ certglob = '%s/%s.cert' % (cm.cfg.certroot, hn)
+ certs = glob.glob(certglob)
+ if not csrs and not certs:
+ errorprint('No match for %s to clean up' % hn)
+ continue
+
+ for fn in csrs + certs:
+ print 'Cleaning out %s for host matching %s' % (fn, hn)
+ os.unlink(fn)
+ return 0
if __name__ == "__main__":
sys.exit(main(sys.argv[1:]))
diff --git a/setup.py b/setup.py
index c908534..41f5553 100644
--- a/setup.py
+++ b/setup.py
@@ -28,10 +28,7 @@ if __name__ == "__main__":
license = "GPL",
scripts = ["scripts/funcd", "scripts/func", "scripts/certmaster", "scripts/certmaster-ca"],
# package_data = { '' : ['*.*'] },
- package_dir = {"%s" % NAME: "%s" % NAME,
- "%s/minion" % NAME: "minion/",
- "%s/minion/modules" % NAME: "modules/",
- "%s/overlord" % NAME: "overlord/"
+ package_dir = {"%s" % NAME: "%s" % NAME
},
packages = ["%s" % NAME,
"%s/minion" % NAME,
generated by cgit (git 2.34.1) at 2024-09-24 22:33:56 +0000