Changeset 99eb8cf


Ignore:
Timestamp:
Dec 8, 2009 6:11:35 PM (15 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master, version-3.01, version-3.02
Children:
23356cb
Parents:
3bddd24
Message:

More credential changes and removal of user/project stuff

Location:
fedd
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • fedd/fedd_client.py

    r3bddd24 r99eb8cf  
    9090                type="string", help="Suggested experiment name")
    9191
    92 class fedd_create_opts(fedd_client_opts):
    93     def __init__(self, access_keys, add_key_callback=None,
    94             add_cert_callback=None):
     92class fedd_create_opts(fedd_new_opts):
     93    def __init__(self):
    9594        fedd_client_opts.__init__(self)
    96         self.add_option("--experiment_cert", dest="out_certfile",
    97                 type="string", help="output certificate file")
    98         self.add_option("--experiment_name", dest="exp_name",
    99                 type="string", help="Suggested experiment name")
    100         self.add_option("--useFedid", action="store_true",
    101                 dest="use_fedid", default=False,
    102                 help="Use a fedid derived from my certificate as user identity")
    10395        self.add_option("--file", dest="file",
    10496                help="experiment description file")
     
    10698                type="string",
    10799                help="Project to export from master")
    108         if add_key_callback:
    109             self.add_option("--ssh_key", action="callback",
    110                     type="string", callback=add_key_callback,
    111                     callback_args=(access_keys,),
    112                     help="ssh key for access (can be supplied more than once")
    113         if add_cert_callback:
    114             self.add_option("--x509Key", action="callback",
    115                     type="string", callback=add_cert_callback,
    116                     callback_args=(access_keys,),
    117                     help="X509 certificate for access " + \
    118                         "(can be supplied more than once")
    119100        self.add_option("--master", dest="master",
    120101                help="Master testbed in the federation")
    121         self.add_option("--username", action="store", dest="user",
    122                 type="string", help="Use this username instead of the uid")
    123102
    124103class fedd_split_opts(fedd_create_opts):
    125     def __init__(self, access_keys, add_key_callback=None,
    126             add_cert_callback=None):
    127         fedd_create_opts.__init__(self, access_keys, add_key_callback,
    128                 add_cert_callback)
     104    def __init__(self ):
     105        fedd_create_opts.__init__(self)
    129106        self.add_option('--fedkit', action='store_true', dest='fedkit',
    130107                default=False,
     
    136113
    137114class fedd_access_opts(fedd_create_opts):
    138     def __init__(self, access_keys, node_descs, add_key_callback=None,
    139             add_cert_callback=None, add_node_callback=None):
    140         fedd_create_opts.__init__(self, access_keys, add_key_callback,
    141                 add_cert_callback)
    142         self.add_option("--anonymous", action="store_true",
    143                 dest="anonymous", default=False,
    144                 help="Do not include a user in the request")
     115    def __init__(self):
     116        fedd_create_opts.__init__(self)
    145117        self.add_option("--label", action="store", dest="label",
    146118                type="string", help="Label for output")
     
    219191
    220192class fedd_ns_image_opts(fedd_split_opts):
    221     def __init__(self, access_keys, add_key_callback=None,
    222             add_cert_callback=None):
    223         fedd_split_opts.__init__(self, access_keys, add_key_callback,
    224                 add_cert_callback)
     193    def __init__(self):
     194        fedd_split_opts.__init__(self)
    225195        self.add_option("--output", dest="outfile", type="string",
    226196                help="output image file")
     
    298268
    299269
    300     def add_ssh_key(self, option, opt_str, value, parser, access_keys):
    301         try:
    302             access_keys.append(access_method(file=value,
    303                 type=access_method.type_ssh))
    304         except IOError, (errno, strerror):
    305             raise OptionValueError("Cannot generate sshPubkey from %s: "\
    306                     "%s (%d)" % (value,strerror,errno))
    307 
    308     def add_x509_cert(self, option, opt_str, value, parser, access_keys):
    309         try:
    310             access_keys.append(access_method(file=value,
    311                 type=access_method.type_x509))
    312         except IOError, (errno, strerror):
    313             raise OptionValueError("Cannot read x509 cert from %s: %s (%d)" %
    314                     (value,strerror,errno))
    315270    def add_node_desc(self, option, opt_str, value, parser, node_descs):
    316271        def none_if_zero(x):
     
    325280            raise OptionValueError("Bad node description: %s" % value)
    326281
    327     def get_user_info(self, access_keys=None):
     282    def get_user_info(self):
    328283        pw = pwd.getpwuid(os.getuid());
    329284        try_cert=None
     
    335290            if not os.access(try_cert, os.R_OK):
    336291                try_cert = None
    337             if access_keys is not None and len(access_keys) == 0:
    338                 for k in ["%s/.ssh/id_rsa.pub", "%s/.ssh/id_dsa.pub",
    339                         "%s/.ssh/identity.pub"]:
    340                     try_key = k % pw[5];
    341                     if os.access(try_key, os.R_OK):
    342                         access_keys.append(access_method(file=try_key,
    343                             type=access_method.type_ssh))
    344                         break
    345292        return (user, try_cert)
    346293
     
    474421        if opts.debug > 0: opts.tracefile=sys.stderr
    475422
    476         (user, cert) = self.get_user_info([])
     423        (user, cert) = self.get_user_info()
    477424
    478425        if opts.cert != None: cert = opts.cert
     
    577524        if opts.debug > 0: opts.tracefile=sys.stderr
    578525
    579         (user, cert) = self.get_user_info([])
     526        (user, cert) = self.get_user_info()
    580527
    581528        if opts.cert != None: cert = opts.cert
     
    637584        if opts.debug > 0: opts.tracefile=sys.stderr
    638585
    639         (user, cert) = self.get_user_info([])
     586        (user, cert) = self.get_user_info()
    640587
    641588        if opts.cert != None: cert = opts.cert
     
    844791        if opts.debug > 0: opts.tracefile=sys.stderr
    845792
    846         (user, cert) = self.get_user_info([])
     793        (user, cert) = self.get_user_info()
    847794
    848795        if opts.cert != None: cert = opts.cert
     
    976923        The control flow.  Compose the request and print the response.
    977924        """
    978         access_keys = []
    979925        # Process the options using the customized option parser defined above
    980         parser = fedd_ns_image_opts(access_keys, self.add_ssh_key,
    981                 self.add_x509_cert)
     926        parser = fedd_ns_image_opts()
    982927
    983928        (opts, args) = parser.parse_args()
     
    989934        if opts.debug > 0: opts.tracefile=sys.stderr
    990935
    991         (user, cert) = self.get_user_info([])
     936        (user, cert) = self.get_user_info()
    992937
    993938        if opts.cert != None: cert = opts.cert
     
    11151060        The control flow.  Compose the request and print the response.
    11161061        """
    1117         access_keys = []
    11181062        # Process the options using the customized option parser defined above
    1119         parser = fedd_ns_image_opts(access_keys, self.add_ssh_key,
    1120                 self.add_x509_cert)
     1063        parser = fedd_ns_image_opts()
    11211064
    11221065        (opts, args) = parser.parse_args()
     
    11281071        if opts.debug > 0: opts.tracefile=sys.stderr
    11291072
    1130         (user, cert) = self.get_user_info([])
     1073        (user, cert) = self.get_user_info()
    11311074
    11321075        if opts.cert != None: cert = opts.cert
     
    11891132        (opts, args) = parser.parse_args()
    11901133
    1191         (user, cert) = self.get_user_info([])
     1134        (user, cert) = self.get_user_info()
    11921135        if opts.trusted:
    11931136            if ( not os.access(opts.trusted, os.R_OK) ) :
     
    12751218        (opts, args) = parser.parse_args()
    12761219
    1277         (user, cert) = self.get_user_info([])
     1220        (user, cert) = self.get_user_info()
    12781221        if opts.trusted:
    12791222            if ( not os.access(opts.trusted, os.R_OK) ) :
     
    13481291        fedd_rpc.__init__(self)
    13491292    def __call__(self):
    1350         access_keys = []
    13511293        # Process the options using the customized option parser defined above
    13521294        parser = fedd_new_opts()
     
    13601302        if opts.debug > 0: opts.tracefile=sys.stderr
    13611303
    1362         (user, cert) = self.get_user_info(access_keys)
     1304        (user, cert) = self.get_user_info()
    13631305
    13641306        if opts.cert != None: cert = opts.cert
     
    14171359        fedd_rpc.__init__(self)
    14181360    def __call__(self):
    1419         access_keys = []
    1420         parser = fedd_create_opts(access_keys, self.add_ssh_key,
    1421                 self.add_x509_cert)
     1361        parser = fedd_create_opts()
    14221362
    14231363        (opts, args) = parser.parse_args()
     
    14321372        if opts.debug > 0: opts.tracefile=sys.stderr
    14331373
    1434         (user, cert) = self.get_user_info(access_keys)
    1435 
    1436         if opts.user: user = opts.user
     1374        (user, cert) = self.get_user_info()
    14371375
    14381376        if opts.cert != None: cert = opts.cert
     
    15091447                'master': opts.master,
    15101448                'exportProject': { 'localname': opts.project },
    1511                 'user' : [ {\
    1512                         'userID': pack_id(user), \
    1513                         'access': [ { a.type: a.buf } for a in access_keys]\
    1514                         } ]
    1515                 }
     1449            }
    15161450
    15171451        if e_fedid:
     
    15591493        fedd_rpc.__init__(self)
    15601494    def __call__(self):
    1561         access_keys = []
    15621495        # Process the options using the customized option parser defined above
    1563         parser = fedd_split_opts(access_keys, self.add_ssh_key,
    1564                 self.add_x509_cert)
     1496        parser = fedd_split_opts()
    15651497
    15661498        (opts, args) = parser.parse_args()
     
    15721504        if opts.debug > 0: opts.tracefile=sys.stderr
    15731505
    1574         (user, cert) = self.get_user_info(access_keys)
     1506        (user, cert) = self.get_user_info()
    15751507
    15761508        if opts.cert != None: cert = opts.cert
     
    16611593
    16621594    def __call__(self):
    1663         access_keys = []
    16641595        node_descs = []
    16651596        proj = None
    16661597
    16671598        # Process the options using the customized option parser defined above
    1668         parser = fedd_access_opts(access_keys, node_descs, self.add_ssh_key,
    1669                 self.add_x509_cert, self.add_node_desc)
     1599        parser = fedd_access_opts()
    16701600
    16711601        (opts, args) = parser.parse_args()
     
    16801610        if opts.debug > 0: opts.tracefile=sys.stderr
    16811611
    1682         (user, cert) = self.get_user_info(access_keys)
    1683 
    1684         if opts.user: user = opts.user
     1612        (user, cert) = self.get_user_info()
    16851613
    16861614        if opts.cert != None: cert = opts.cert
     
    16991627                'allocID': pack_id('test alloc'),
    17001628                'destinationTestbed': pack_id(opts.testbed),
    1701                 'serviceAccess' : [ { a.type: a.buf } for a in access_keys ],
    1702                 'createAccess' : [ { a.type: a.buf } for a in access_keys ],
    17031629                }
    17041630
     
    17121638                        } for n in node_descs],
    17131639                    }
    1714 
    1715         if opts.project != None:
    1716             if not opts.anonymous and user != None:
    1717                 msg['project'] = {
    1718                         'name': pack_id(opts.project),
    1719                         'user': [ { 'userID': pack_id(user) } ],
    1720                         }
    1721             else:
    1722                 msg['project'] = { 'name': pack_id(opts.project) }
    1723         else:
    1724             if not opts.anonymous and user != None:
    1725                 msg['user'] = [ { 'userID': pack_id(user) } ]
    1726             else:
    1727                 msg['user'] = [];
    17281640
    17291641        if opts.debug > 1: print >>sys.stderr, msg
     
    17691681        if opts.debug > 0: opts.tracefile=sys.stderr
    17701682
    1771         (user, cert) = self.get_user_info([])
     1683        (user, cert) = self.get_user_info()
    17721684
    17731685        if opts.cert != None: cert = opts.cert

  • fedd/federation/experiment_control.py

    r3bddd24 r99eb8cf  
    725725        else: return None
    726726
    727     def get_access(self, tb, nodes, user, tbparam, master, export_project,
     727    def get_access(self, tb, nodes, tbparam, master, export_project,
    728728            access_user):
    729729        """
     
    734734            raise service_error(serice_error.server_config,
    735735                    "Unknown testbed: %s" % tb)
    736 
    737         # currently this lumps all users into one service access group
    738         service_keys = [ a for u in user \
    739                 for a in u.get('access', []) \
    740                     if a.has_key('sshPubkey')]
    741 
    742         if len(service_keys) == 0:
    743             raise service_error(service_error.req,
    744                     "Must have at least one SSH pubkey for services")
    745736
    746737        # Tweak search order so that if there are entries in access_user that
     
    13271318        return hosts, ips
    13281319
    1329     def get_access_to_testbeds(self, testbeds, user, access_user,
     1320    def get_access_to_testbeds(self, testbeds, access_user,
    13301321            export_project, master, allocated, tbparams):
    13311322        """
     
    13361327        """
    13371328        for tb in testbeds:
    1338             self.get_access(tb, None, user, tbparams, master,
     1329            self.get_access(tb, None, tbparams, master,
    13391330                    export_project, access_user)
    13401331            allocated[tb] = 1
     
    20172008                        "Bad key type (%s)" % self.ssh_type)
    20182009
    2019             user = req.get('user', None)
    2020             if user == None:
    2021                 raise service_error(service_error.req, "No user")
    2022 
    20232010            master = req.get('master', None)
    20242011            if not master:
     
    20672054            allocated = { }         # Testbeds we can access
    20682055            topo ={ }               # Sub topologies
    2069             self.get_access_to_testbeds(testbeds, user, access_user,
     2056            self.get_access_to_testbeds(testbeds, access_user,
    20702057                    export_project, master, allocated, tbparams)
    20712058            self.split_topology(top, topo, testbeds, eid, master, tbparams)
Note: See TracChangeset for help on using the changeset viewer.