From 81baada0400d8c801ff6f0feea3f25ec14ed9228 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Tue, 12 May 2009 18:11:12 +0000 Subject: Cleaned up agent mode options and added cmd line options for SSL rework Signed-off-by: Sol Jerome git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5222 ce84e21b-d406-0410-9b95-82705330c041 --- src/lib/Options.py | 34 ++++++++++++++-------------------- src/sbin/bcfg2 | 31 +++++++++++-------------------- 2 files changed, 25 insertions(+), 40 deletions(-) (limited to 'src') diff --git a/src/lib/Options.py b/src/lib/Options.py index 16e82b395..add106869 100644 --- a/src/lib/Options.py +++ b/src/lib/Options.py @@ -66,7 +66,7 @@ class Option(object): msg = self.cmd if self.odesc: if self.long: - msg = "%-27s" % ("%s=%s" % (self.cmd, self.odesc)) + msg = "%-28s" % ("%s=%s" % (self.cmd, self.odesc)) else: msg += '%-25s' % (self.odesc) else: @@ -203,25 +203,28 @@ SERVER_LOCATION = Option('Server Location', cf=('components', 'bcfg2'), SERVER_STATIC = Option('Server runs on static port', cf=('components', 'bcfg2'), default=False, cook=bool_cook) SERVER_KEY = Option('Path to SSL key', cf=('communication', 'key'), - default=False, cmd='-K', odesc='') + default=False, cmd='-K', odesc='') SERVER_CERT = Option('Path to SSL certificate', default='/etc/bcfg2.key', cf=('communication', 'certificate'), odesc='') SERVER_CA = Option('Path to SSL CA Cert', default=None, - cf=('communication', 'ca'), odesc='') + cf=('communication', 'ca'), odesc='') CLIENT_KEY = Option('Path to SSL key', cf=('communication', 'key'), - default=None, odesc='') -CLIENT_CERT = Option('Path to SSL certificate', default=None, - cf=('communication', 'certificate'), odesc='') -CLIENT_CA = Option('Path to SSL CA Cert', default=None, - cf=('communication', 'ca'), odesc='') + default=None, cmd="--ssl-key", odesc='', + long_arg=True) +CLIENT_CERT = Option('Path to SSL certificate', default=None, cmd="--ssl-cert", + cf=('communication', 'certificate'), odesc='', + long_arg=True) +CLIENT_CA = Option('Path to SSL CA Cert', default=None, cmd="--ca-cert", + cf=('communication', 'ca'), odesc='', + long_arg=True) SERVER_PASSWORD = Option('Communication Password', cmd='-x', odesc='', cf=('communication', 'password'), default=False) INSTALL_PREFIX = Option('Installation location', cf=('server', 'prefix'), - default=DEFAULT_INSTALL_PREFIX, odesc='') + default=DEFAULT_INSTALL_PREFIX, odesc='') SERVER_PROTOCOL = Option('Server Protocol', cf=('communication', 'procotol'), default='xmlrpc/ssl') SENDMAIL_PATH = Option('Path to sendmail', cf=('reports', 'sendmailpath'), - default='/usr/lib/sendmail') + default='/usr/lib/sendmail') CLIENT_PROFILE = Option('assert the given profile for the host', default=False, cmd='-p', odesc="") @@ -236,7 +239,6 @@ CLIENT_PARANOID = Option('make automatic backups of config files', default=False, cmd='-P', ) CORE_PROFILE = Option('profile server core', odesc='', default=False, cmd='-p', ) -CLIENT_AGENT = Option('run in agent (continuous) mode, wait for reconfigure command from server', default=False, cmd='-A', ) CLIENT_DRIVERS = Option('Specify tool driver set', cmd='-D', cf=('client', 'drivers'), odesc="", cook=list_split, @@ -250,7 +252,7 @@ CLIENT_BUNDLE = Option('only configure the given bundle', default=[], CLIENT_KEVLAR = Option('run in kevlar (bulletproof) mode', default=False, cmd='-k', ) CLIENT_DLIST = Option('run client in server decision list mode', default=False, - cmd='-l', odesc='') + cmd='-l', odesc='') CLIENT_FILE = Option('configure from a file rather than querying the server', default=False, cmd='-f', odesc='') SERVER_FINGERPRINT = Option('Server Fingerprint', default=[], cmd='-F', @@ -258,19 +260,11 @@ SERVER_FINGERPRINT = Option('Server Fingerprint', default=[], cmd='-F', odesc='', cook=flist_split) CLIENT_QUICK = Option('disable some checksum verification', default=False, cmd='-q', ) -CLIENT_BACKGROUND = Option('Daemonize the agent', default=False, cmd='-i', ) -CLIENT_PORT = Option('the port on which to bind for agent mode', default='6789', - cmd='-g', cf=('communication', 'agent-port'), - odesc='') CLIENT_USER = Option('the user to provide for authentication', default='root', cmd='-u', cf=('communication', 'user'), odesc='') INTERACTIVE = Option('prompt the user for each change', default=False, cmd='-I', ) -AGENT_PORT = Option('Agent port', default=6789, cmd='-p', odesc='', - cf=('communication', 'agent-port')) -AGENT_HOST = Option('Remote host', default=False, cmd='-H', odesc='') - ENCODING = Option('Encoding of cfg files', default=sys.getdefaultencoding(), cmd='-E', odesc='', cf=('components', 'encoding')) diff --git a/src/sbin/bcfg2 b/src/sbin/bcfg2 index c2fb25121..070561dd9 100755 --- a/src/sbin/bcfg2 +++ b/src/sbin/bcfg2 @@ -6,7 +6,6 @@ __revision__ = '$Revision$' import logging import os import signal -import socket import sys import tempfile import time @@ -63,9 +62,6 @@ class Client: 'password': Bcfg2.Options.SERVER_PASSWORD, 'retries': Bcfg2.Options.CLIENT_RETRIES, 'kevlar': Bcfg2.Options.CLIENT_KEVLAR, - 'agent': Bcfg2.Options.CLIENT_AGENT, - 'agent-port': Bcfg2.Options.CLIENT_PORT, - 'agent-background': Bcfg2.Options.CLIENT_BACKGROUND, 'key': Bcfg2.Options.SERVER_KEY, 'decision-list': DECISION_LIST, 'encoding': Bcfg2.Options.ENCODING, @@ -90,7 +86,10 @@ class Client: level = 20 if self.setup['debug']: level = 0 - Bcfg2.Logger.setup_logging('bcfg2', to_syslog=False, level=level, to_file=self.setup['filelog']) + Bcfg2.Logger.setup_logging('bcfg2', + to_syslog=False, + level=level, + to_file=self.setup['filelog']) self.logger = logging.getLogger('bcfg2') self.logger.debug(self.setup) if 'drivers' in self.setup and self.setup['drivers'] == 'help': @@ -104,21 +103,14 @@ class Client: if (self.setup["file"] != False) and (self.setup["cache"] != False): print("cannot use -f and -c together") raise SystemExit(1) - if (self.setup["agent"] != False) and (self.setup["interactive"] != False): - print("cannot use -A and -I together") - raise SystemExit(1) - if (self.setup["agent"] and not self.setup["fingerprint"]): - print("Agent mode requires specification of x509 fingerprint") - raise SystemExit(1) - if (self.setup["agent"] and not self.setup["key"]): - print("Agent mode requires specification of ssl cert + key file") - raise SystemExit(1) def run_probe(self, probe): '''Execute probe''' name = probe.get('name') self.logger.info("Running probe %s" % name) - ret = Bcfg2.Client.XML.Element("probe-data", name=name, source=probe.get('source')) + ret = Bcfg2.Client.XML.Element("probe-data", + name=name, + source=probe.get('source')) try: scripthandle, scriptname = tempfile.mkstemp() script = open(scriptname, 'w+') @@ -141,10 +133,7 @@ class Client: def fatal_error(self, message): '''Signal a fatal error''' self.logger.error("Fatal error: %s" % (message)) - if not self.setup["agent"]: - raise SystemExit(1) - else: - self.logger.error("Continuing...") + raise SystemExit(1) def run(self): ''' Perform client execution phase ''' @@ -292,7 +281,9 @@ class Client: feedback = self.tools.GenerateStats() try: - proxy.RecvStats(Bcfg2.Client.XML.tostring(feedback, encoding='UTF-8', xml_declaration=True)) + proxy.RecvStats(Bcfg2.Client.XML.tostring(feedback, + encoding='UTF-8', + xml_declaration=True)) except xmlrpclib.Fault: self.logger.error("Failed to upload configuration statistics") raise SystemExit(2) -- cgit v1.2.3-1-g7c22