diff options
-rw-r--r-- | src/lib/Server/Generators/Account.py | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/src/lib/Server/Generators/Account.py b/src/lib/Server/Generators/Account.py index 8b1facbac..7929fc5b7 100644 --- a/src/lib/Server/Generators/Account.py +++ b/src/lib/Server/Generators/Account.py @@ -15,45 +15,44 @@ class Account(Generator): __name__ = 'Account' __version__ = '$Id$' __author__ = 'bcfg-dev@mcs.anl.gov' - __provides__ = {'ConfigFile':{}} def __init__(self, core, datastore): Generator.__init__(self, core, datastore) + self.__provides__ = {'ConfigFile':{'/etc/passwd':self.from_yp_cb, + '/etc/group':self.from_yp_cb, + '/etc/security/limits.conf':self.gen_limits_cb, + '/root/.ssh/authorized_keys':self.gen_root_keys_cb}} try: self.repository = DirectoryBacked(self.data, self.core.fam) self.ssh = DirectoryBacked("%s/ssh"%(self.data), self.core.fam) except: self.LogError("Failed to load repos: %s, %s" % (self.data, "%s/ssh" % (self.data))) raise GeneratorInitError - self.__provides__['ConfigFile'] = {'/etc/passwd':self.from_yp, - '/etc/group':self.from_yp, - '/etc/security/limits.conf':self.gen_limits, - '/root/.ssh/authorized_keys':self.gen_root_keys} - def from_yp(self, entry, metadata): + def from_yp_cb(self, entry, metadata): '''Build password file from cached yp data''' fname = entry.attrib['name'].split('/')[-1] entry.text = self.repository.entries["static.%s" % (fname)].data entry.text += self.repository.entries["dyn.%s" % (fname)].data entry.attrib.update({'owner':'root', 'group':'root', 'perms':'0644'}) - def gen_limits(self, entry, metadata): + def gen_limits_cb(self, entry, metadata): '''Build limits entries based on current ACLs''' - static = self.repository.entries["static.limits.conf"].data + entry.text = self.repository.entries["static.limits.conf"].data superusers = self.repository.entries["superusers"].data.split() useraccess = self.repository.entries["useraccess"].data users = [user for (user, host) in useraccess if host == metadata.hostname] entry.attrib.upate({'owner':'root', 'group':'root', 'perms':'0600'}) - entry.text = static + "".join(["%s hard maxlogins 1024\n" % x for x in superusers + users]) + entry.text += "".join(["%s hard maxlogins 1024\n" % uname for uname in superusers + users]) if "*" not in users: entry.text += "* hard maxlogins 0\n" - def gen_root_keys(self, entry, metadata): + def gen_root_keys_cb(self, entry, metadata): '''Build root authorized keys file based on current ACLs''' data = '' superusers = self.repository.entries['superusers'].data.split() - rootlike = self.repository.entries['rootlike'].data.split() - superusers += [x.split(':')[0] for x in rootlike if x.split(':')[1] == metadata.hostname] + rootlike = [line.split(':', 1) for line in self.repository.entries['rootlike'].data.split()] + superusers += [user for (user, host) in rootlike if host == metadata.hostname] data = '' for user in superusers: if self.ssh.entries.has_key(user): |