From dab1d03d81c538966d03fb9318a4588a9e803b44 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Sat, 24 Mar 2012 11:20:07 -0500 Subject: Allow to run directly from a git checkout (#1037) Signed-off-by: Sol Jerome --- src/lib/Bcfg2/Server/Hostbase/nisauth.py | 40 ++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 src/lib/Bcfg2/Server/Hostbase/nisauth.py (limited to 'src/lib/Bcfg2/Server/Hostbase/nisauth.py') diff --git a/src/lib/Bcfg2/Server/Hostbase/nisauth.py b/src/lib/Bcfg2/Server/Hostbase/nisauth.py new file mode 100644 index 000000000..ae4c6c021 --- /dev/null +++ b/src/lib/Bcfg2/Server/Hostbase/nisauth.py @@ -0,0 +1,40 @@ +"""Checks with NIS to see if the current user is in the support group""" +import os +import crypt, nis +from Bcfg2.Server.Hostbase.settings import AUTHORIZED_GROUP + + +class NISAUTHError(Exception): + """NISAUTHError is raised when somehting goes boom.""" + pass + +class nisauth(object): + group_test = False +# check_member_of = os.environ['LDAP_CHECK_MBR_OF_GRP'] + samAcctName = None + distinguishedName = None + sAMAccountName = None + telephoneNumber = None + title = None + memberOf = None + department = None #this will be a list + mail = None + extensionAttribute1 = None #badgenumber + badge_no = None + uid = None + + def __init__(self,login,passwd=None): + """get user profile from NIS""" + try: + p = nis.match(login, 'passwd.byname').split(":") + except: + raise NISAUTHError('username') + # check user password using crypt and 2 character salt from passwd file + if p[1] == crypt.crypt(passwd, p[1][:2]): + # check to see if user is in valid support groups + # will have to include these groups in a settings file eventually + if not login in nis.match(AUTHORIZED_GROUP, 'group.byname').split(':')[-1].split(',') and p[3] != nis.match(AUTHORIZED_GROUP, 'group.byname').split(':')[2]: + raise NISAUTHError('group') + self.uid = p[2] + else: + raise NISAUTHError('password') -- cgit v1.2.3-1-g7c22