def _touch(self): if self.__keyId: try: keyutils.set_timeout(self.__keyId, self.__keepalive) except keyutils.Error as exc: if exc.args[0] != keyutils.EKEYEXPIRED: raise
def testTimeout(self): desc = b"dummyKey" value = b"dummyValue" keyring = keyutils.KEY_SPEC_THREAD_KEYRING # create key with 1 second timeout: keyId = keyutils.add_key(desc, value, keyring) keyutils.set_timeout(keyId, 1) self.assertEqual(keyutils.request_key(desc, keyring), keyId) time.sleep(1.5) self.assertEqual(keyutils.request_key(desc, keyring), None)
def testTimeout(self): desc = b"dummyKey" value = b"dummyValue" keyring = keyutils.KEY_SPEC_THREAD_KEYRING # create key with 1 second timeout: keyId = keyutils.add_key(desc, value, keyring) self.assertEqual(keyutils.request_key(desc, keyring), keyId) keyutils.set_timeout(keyId, 1) time.sleep(1.5) try: keyId = keyutils.request_key(desc, keyring) except keyutils.Error as err: # https://patchwork.kernel.org/patch/5336901 self.assertEqual(err.args[0], keyutils.EKEYEXPIRED) keyId = None self.assertEqual(keyId, None)
def _touch(self, key_id): if self.timeout > 0: keyutils.set_timeout(key_id, self.timeout)
def get_user_password_through_keyctl(self, timeout, active_directory, skip_test, keyring=None, raise_on_error=True): ''' :param timeout: :param active_directory: :param skip_test: :param keyring: :param raise_on_error: :return: ''' password = None try: if keyring is None: # if keyring doesn't exist, generate a new keyring keyring = keyutils.KEY_SPEC_SESSION_KEYRING log.debug('KEY_SPEC_SESSION_KEYRING generated\n') elif keyring is 'user': keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING log.debug('KEY_SPEC_USER_SESSION_KEYRING generated\n') if keyring == keyutils.KEY_SPEC_SESSION_KEYRING: keyctl_keyring_name = '@s' elif keyring == keyutils.KEY_SPEC_USER_SESSION_KEYRING: keyctl_keyring_name = '@us' else: sys.exit( 'update this code to add the un translated keyring type {}\n' .format(keyring)) key_id = keyutils.request_key(self.key_name, keyring) if key_id: log.debug('Key {} exists on {}. Pulling from keyring\n'.format( self.key_name, keyring)) password = keyutils.read_key(key_id) else: log.debug( 'Key {} does not exist on {}. creating new key\n'.format( self.key_name, keyring)) password = password_check(username=self.username, keyname=self.key_name, active_directory=active_directory, skip_test=skip_test) key_id = keyutils.add_key( self.key_name, password, keyring) # for keyctl(1) the 'type' is 'user' keyutils.set_timeout(key_id, timeout) # Reset it each time it's accessed except Exception as e: if raise_on_error: raise Exception( "Failed to get key from keyutils using keyring {} - exception was {}" .format(keyctl_keyring_name, e)) return password