diff options
| author | Narayan Desai <desai@mcs.anl.gov> | 2004-01-09 17:04:39 +0000 |
|---|---|---|
| committer | Narayan Desai <desai@mcs.anl.gov> | 2004-01-09 17:04:39 +0000 |
| commit | 03b40b1d1cc3da97f4ffa3f0296a06862a443e66 (patch) | |
| tree | dab10bf7313e6761555911b709c0810040e9f7dc /generators | |
| parent | 3c53a27b055e477413b216b0c4916f4183342824 (diff) | |
| download | bcfg2-03b40b1d1cc3da97f4ffa3f0296a06862a443e66.tar.gz bcfg2-03b40b1d1cc3da97f4ffa3f0296a06862a443e66.tar.bz2 bcfg2-03b40b1d1cc3da97f4ffa3f0296a06862a443e66.zip | |
add entry for root's authorized keys
2004/01/09 11:03:12-06:00 anl.gov!desai
(Logical change 1.17)
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@62 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'generators')
| -rw-r--r-- | generators/account.py | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/generators/account.py b/generators/account.py index e69de29bb..0773ae3d8 100644 --- a/generators/account.py +++ b/generators/account.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python + +from Generator from Generator +from GeneratorUtils import DirectoryBacked +from Types import ConfigFile + +class account(Generator): + __name__ = 'account' + __version__ = '$Id$' + __author__ = 'bcfg-dev@mcs.anl.gov' + __build__ = {'/etc/passwd':"GenFromYP", + '/etc/group':"GenFromYP", + '/etc/security/limits.conf':"GenLimits", + '/root/.ssh/authorized_keys':"GenRootKeys"} + + __doc__ = '''This module generates account config files, based on an internal data repo: + static.(passwd|group|limits.conf) -> static entries + dyn.(passwd|group) -> dynamic entries (usually acquired from yp) + useraccess -> users to be granted login access on some hosts + superusers -> users to be granted root privs on all hosts + rootlike -> users to be granted root privs on some hosts + ''' + + def __setup__(self): + self.repository = DirectoryBacked(self.data) + self.ssh = DirectoryBacked("%s/ssh"%(self.data)) + + def GenFromYP(self,filename,client): + fname = filename.split('/')[-1] + static = self.repository.entries["static.%s"%(fname)].data + yp = self.repository.entries["dyn.%s"%(fname)].data + return ConfigFile(filename,"root","root",'0644',static+yp) + + def GenLimits(self,filename,client): + fname = 'limits.conf' + static = self.repository.entries["static.limits.conf"].data + superusers = self.repository.entries["superusers"].data.split() + useraccess = self.repository.entries["useraccess"].data + users = [x[0] for x in useraccess if x[1] == client] + + data = static + join(map(lambda x:"%s hard maxlogins 1024\n"%x, superusers + users), ""), + + if "*" not in users: + data += "* hard maxlogins 0\n" + + return ConfigFile(filename,"root","root",'0644',data) + + def GenRootKeys(self,filename,client): + su = self.repository.entries['superusers'].data.split() + rl = self.repository.entries['rootlike'].data.split() + su += [split(x,':')[0] for x in rl if split(x,':')[1] == client] + data = '' + for user in su: + if self.ssh.entries.has_key(user): + data += self.ssh.entries[user].data + return ConfigFile(filename,'root','root','0600',data) |