From 542dafea6974627df8e327be7f80d9f7bf417892 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Tue, 23 Jun 2009 14:16:05 +0000 Subject: SSHBase: Make SSHBase aware of aliases SSHBase is now aware of aliases listed in the clients.xml file. ClientMetadata now includes `addresses` which are a mapping from an alias to an (ip, name) tuple. The ip addresses can be specified either in clients.xml as an address attribute to the Alias or in DNS. Signed-off-by: Sol Jerome git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5295 ce84e21b-d406-0410-9b95-82705330c041 --- src/lib/Server/Plugins/SSHbase.py | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'src/lib/Server/Plugins/SSHbase.py') diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py index 1485df626..242aaf580 100644 --- a/src/lib/Server/Plugins/SSHbase.py +++ b/src/lib/Server/Plugins/SSHbase.py @@ -28,7 +28,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, public key for (hostname) ssh_known_hosts -> the current known hosts file. this is regenerated each time a new key is generated. -''' + ''' name = 'SSHbase' __version__ = '$Id$' __author__ = 'bcfg-dev@mcs.anl.gov' @@ -143,6 +143,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, def build_skn(self, entry, metadata): '''This function builds builds a host specific known_hosts file''' client = metadata.hostname + addresses = metadata.addresses entry.text = self.skn hostkeys = [keytmpl % client for keytmpl in self.pubkeys \ if (keytmpl % client) in self.entries] 
@@ -150,6 +151,20 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
 for hostkey in hostkeys:
 entry.text += "localhost,localhost.localdomain,127.0.0.1 %s" % (
 self.entries[hostkey].data)
+ # add entries listed in clients.xml
+ for addr, (ip, host) in addresses.iteritems():
+ shortname = addr.split('.')[0]
+ fqdn = addr
+ if ip == None:
+ ipaddr = self.get_ipcache_entry(addr)[0]
+ else:
+ ipaddr = ip
+ for key in self.entries.keys():
+ if key.find('.pub.H_%s' % host) != -1:
+ entry.text += "%s,%s,%s %s" % (shortname,
+ fqdn,
+ ipaddr,
+ self.entries[key].data)
 permdata = {'owner':'root', 'group':'root', 'perms':'0644'}
 [entry.attrib.__setitem__(key, permdata[key]) for key in permdata]
-- cgit v1.2.3-1-g7c22
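Review bot: The key lookup in the inner loop, `key.find('.pub.H_%s' % host) != -1`, is a substring match, so a host named (for example) `web1` would also pick up the public keys stored for `web10` or `web1.example.com` and write them under this alias's short name, FQDN and address in the generated known_hosts. Since that file decides which key a client accepts for a name, the match should be exact, e.g. `if key.endswith('.pub.H_%s' % host):`, or the same `keytmpl % host` lookup against `self.pubkeys` that build_skn already uses for the client's own keys. `self.get_ipcache_entry(addr)[0]` is called with no handling visible in the hunk for an alias that does not resolve; what it does on failure is defined outside this diff, so that is worth confirming before one bad alias can break the whole file. `if ip == None:` would read better as `if ip is None:`. build_skn's body starts and ends outside this hunk.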