diff options
author | Narayan Desai <desai@mcs.anl.gov> | 2009-10-24 16:24:26 +0000 |
---|---|---|
committer | Narayan Desai <desai@mcs.anl.gov> | 2009-10-24 16:24:26 +0000 |
commit | a9cd2fd0099bcd47852d1a5c262cd0c55a6e59a8 (patch) | |
tree | ff297bba594324dc4e3001976945beaf06ac86a6 /src/lib | |
parent | 26aa01329aaf5d9a93111474903477f862843534 (diff) | |
download | bcfg2-a9cd2fd0099bcd47852d1a5c262cd0c55a6e59a8.tar.gz bcfg2-a9cd2fd0099bcd47852d1a5c262cd0c55a6e59a8.tar.bz2 bcfg2-a9cd2fd0099bcd47852d1a5c262cd0c55a6e59a8.zip |
Metadata: refuse to add dynamic group membership in explicitly private groups (Resolves Ticket #529)
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5496 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/Server/Plugins/Metadata.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/Server/Plugins/Metadata.py b/src/lib/Server/Plugins/Metadata.py index d78592f14..21c69e5bd 100644 --- a/src/lib/Server/Plugins/Metadata.py +++ b/src/lib/Server/Plugins/Metadata.py @@ -82,6 +82,7 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, self.groups = {} self.cgroups = {} self.public = [] + self.private = [] self.profiles = [] self.categories = {} self.bad_clients = {} @@ -277,7 +278,7 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, client_tree.close() def update_client(self, client_name, attribs): - '''Update a client's attributes''' + '''Update a clients attributes''' tree = lxml.etree.parse(self.data + "/clients.xml") root = tree.getroot() node = self.search_client(client_name, tree) @@ -379,6 +380,7 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, in client.findall('Alias')] elif dest == 'groups.xml': self.public = [] + self.private = [] self.profiles = [] self.groups = {} grouptmp = {} @@ -394,6 +396,8 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, self.profiles.append(group.get('name')) if group.get('public', 'false') == 'true': self.public.append(group.get('name')) + elif group.get('public', 'true') == 'false': + self.private.append(group.get('name')) if 'category' in group.attrib: self.categories[group.get('name')] = group.get('category') for group in grouptmp: @@ -578,6 +582,9 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, if g in self.categories and \ self.categories[g] in imd.categories: continue + if g in self.private: + self.logger.error("Refusing to add dynamic membership in private group %s for client %s" % (g, imd.hostname)) + continue imd.groups.add(g) def merge_additional_data(self, imd, source, data): |