Beispiel #1
Datei: su.py Projekt: agdsn/hades
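def main():
    """Run a command as another user after dropping privileges.

    Command line: ``USER COMMAND [ARGUMENTS ...]`` plus the options
    contributed by ``common_parser``.

    Returns:
        ``os.EX_NOUSER`` if the user or its primary group is unknown,
        ``os.EX_NOPERM`` if privileges cannot be dropped,
        ``os.EX_NOINPUT`` if the command is missing or not executable,
        ``os.EX_OSERR`` on any other ``OSError`` from exec.
        On success ``os.execvp`` replaces the process and nothing is returned.
    """
    parser = ArgumentParser(parents=[common_parser])
    parser.add_argument('user')
    parser.add_argument('command')
    parser.add_argument('arguments', nargs='*')
    args = parser.parse_args()
    setup_cli_logging(parser.prog, args)
    try:
        passwd = pwd.getpwnam(args.user)
        group = grp.getgrgid(passwd.pw_gid)
    except KeyError:
        logger.critical("No such user or group")
        return os.EX_NOUSER
    filename = args.command
    # The exec below must only be reached once privileges are dropped.
    # PermissionError is reported here; any other exception raised by
    # drop_privileges propagates and aborts before the exec.
    # NOTE(review): confirm drop_privileges also resets supplementary groups
    # and changes the GID before the UID.
    try:
        drop_privileges(passwd, group)
    except PermissionError:
        # Report through the module logger like the other messages in this
        # function (the original called the root ``logging`` module here).
        logger.exception("Can't drop privileges")
        return os.EX_NOPERM
    # execvp resolves a bare command name through PATH, and the new program
    # inherits this process's environment unchanged; nothing is sanitised here.
    try:
        os.execvp(filename, [filename] + args.arguments)
    except (FileNotFoundError, PermissionError):
        logger.critical("Could not execute %s", filename)
        return os.EX_NOINPUT
    except OSError:
        logger.exception("An OSError occurred")
        return os.EX_OSERR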
Beispiel #2
def main() -> int:
    """Check database access for the agent, portal and RADIUS accounts.

    Each account is looked up in the passwd database and its tables are
    checked inside ``dropped_privileges`` for that account.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded,
        ``os.EX_TEMPFAIL`` if a ``DBAPIError`` is raised,
        ``os.EX_OK`` otherwise.
    """
    cli = create_parser()
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    try:
        # NullPool keeps no connection between checks (presumably so each
        # check connects under its own dropped identity; confirm).
        engine = db.create_engine(config, poolclass=NullPool)
        # (account name, tables that account is checked against)
        checks = (
            (constants.AGENT_USER, (db.radacct, db.radpostauth)),
            (constants.PORTAL_USER,
             (db.radacct, db.radpostauth, db.radusergroup)),
            (constants.RADIUS_USER,
             (db.radacct, db.radgroupcheck, db.radgroupreply,
              db.radpostauth, db.radreply, db.radusergroup)),
        )
        for user_name, tables in checks:
            # An unknown account raises KeyError, which is not handled here.
            account: pwd.struct_passwd = pwd.getpwnam(user_name)
            with dropped_privileges(account):
                check_database(engine, account, tables)
    except DBAPIError:
        return os.EX_TEMPFAIL
    return os.EX_OK
Beispiel #3
def main():
    """Check database access for the agent, portal and RADIUS accounts.

    Every account is resolved with ``pwd.getpwnam`` and its tables are
    checked, by account name, inside ``dropped_privileges``.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded,
        ``os.EX_TEMPFAIL`` if a ``DBAPIError`` is raised,
        ``os.EX_OK`` otherwise.
    """
    cli = ArgumentParser(parents=[common_parser])
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    try:
        engine = db.create_engine(config, poolclass=NullPool)
        # Least-privilege matrix: which tables each service account is
        # checked against.
        tables_by_user = (
            (constants.AGENT_USER, (db.radacct, db.radpostauth)),
            (constants.PORTAL_USER,
             (db.radacct, db.radpostauth, db.radusergroup)),
            (constants.RADIUS_USER,
             (db.radacct, db.radgroupcheck, db.radgroupreply,
              db.radpostauth, db.radreply, db.radusergroup)),
        )
        for user_name, tables in tables_by_user:
            account = pwd.getpwnam(user_name)
            # The check runs with this account's privileges only.
            with dropped_privileges(account):
                check_database(engine, account.pw_name, tables)
    except DBAPIError:
        return os.EX_TEMPFAIL
    return os.EX_OK
Beispiel #4
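def main():
    """Render a configuration template file or directory.

    SOURCE is looked up below ``constants.templatedir``.  A directory is
    rendered into DESTINATION; a file is rendered to DESTINATION, or to
    stdout when no DESTINATION is given.

    Returns:
        ``os.EX_NOINPUT`` if SOURCE is neither a file nor a directory below
        the template directory; ``None`` otherwise.
    """
    parser = ArgumentParser(parents=[common_parser])
    parser.add_argument(dest='source',
                        metavar='SOURCE',
                        help="Template file name or template directory name")
    # Fix: the two adjacent literals were joined without a space, so the help
    # text read "stdoutfor files".
    parser.add_argument(dest='destination',
                        metavar='DESTINATION',
                        nargs='?',
                        help="Destination file or directory (default is stdout "
                        "for files; required for directories)")
    args = parser.parse_args()
    setup_cli_logging(parser.prog, args)
    config = load_config(args.config)
    template_dir = constants.templatedir
    generator = ConfigGenerator(template_dir, config)
    # os.path.join does not confine the result: an absolute SOURCE or one
    # containing ".." resolves outside template_dir, and the checks below only
    # test existence.
    # NOTE(review): confirm ConfigGenerator restricts lookups to template_dir.
    source_path = os.path.join(template_dir, args.source)
    if os.path.isdir(source_path):
        # DESTINATION may still be None here although the help text calls it
        # required for directories; from_directory receives it unchecked.
        generator.from_directory(args.source, args.destination)
    elif os.path.isfile(source_path):
        if args.destination is None:
            generator.from_file(args.source, sys.stdout)
        else:
            # Mode 'w' truncates an existing destination; the new file's
            # permissions follow the process umask, which matters if rendered
            # configuration contains secrets.
            with open(args.destination, 'w', encoding='utf-8') as f:
                generator.from_file(args.source, f)
    else:
        logger.critical("No such file or directory %s in %s", args.source,
                        template_dir)
        return os.EX_NOINPUT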
Beispiel #5
def main():
    """Run the command dispatcher in standalone (development) mode.

    When started with effective UID 0, privileges are dropped to
    ``constants.AUTH_DHCP_USER`` and its primary group before arguments are
    parsed or the database engine is created.

    Returns:
        ``os.EX_NOUSER`` if that user or its group cannot be resolved,
        otherwise whatever ``dispatch_commands`` returns.
    """
    import sys
    logger.warning(
        "Running in standalone mode. This is meant for development purposes only."
    )
    # dnsmasq calls init before it drops privileges, so this may run as root.
    running_as_root = os.geteuid() == 0
    if running_as_root:
        try:
            account = pwd.getpwnam(constants.AUTH_DHCP_USER)
        except KeyError:
            logger.critical("No such user: {}".format(
                constants.AUTH_DHCP_USER))
            return os.EX_NOUSER
        try:
            primary_group = grp.getgrgid(account.pw_gid)
        except KeyError:
            logger.critical("No such group: {:d}".format(account.pw_gid))
            return os.EX_NOUSER
        # Not wrapped in try/except: a failure to drop privileges raises and
        # stops the program before anything else runs as root.
        drop_privileges(account, primary_group)
    cli = create_parser(standalone=True)
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    engine = engine_from_config(options.config)

    # The standard streams and the environment are handed over explicitly.
    context = Context(
        stdin=sys.stdin,
        stdout=sys.stdout,
        stderr=sys.stderr,
        environ=os.environ,
        environb=os.environb,
    )
    return dispatch_commands(options, context, engine)
Beispiel #6
def main():
    """Start the DBus service for privileged operations.

    Parses the command line, sets up logging, loads the configuration and
    enters the event loop.  An error raised by ``load_config`` is not handled
    here and propagates to the caller.
    """
    description = 'Provides a DBus API to perform privileged operations'
    cli = ArgumentParser(description=description, parents=[common_parser])
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    # Only the side effects of loading are needed; the result is discarded.
    load_config(options.config)
    run_event_loop()
Beispiel #7
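def main() -> int:
    """Load the configuration and run the event loop.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded, ``os.EX_OK``
        once the event loop has returned.
    """
    parser = create_parser()
    args = parser.parse_args()
    setup_cli_logging(parser.prog, args)
    try:
        load_config(args.config)
    except ConfigError as e:
        print_config_error(e)
        return os.EX_CONFIG
    run_event_loop()
    # The signature promises an int; previously this path fell off the end
    # and returned None (the same exit status once passed to sys.exit).
    return os.EX_OK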
Beispiel #8
def main():
    """Export the loaded configuration in the requested format.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded, ``os.EX_OK``
        after ``export`` has run.
    """
    cli = create_parser()
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        status = os.EX_CONFIG
    else:
        # Reached only when the configuration loaded cleanly.
        export(config, options.format, options.file)
        status = os.EX_OK
    return status
Beispiel #9
def main():
    """Start the DBus service for privileged operations.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded; ``None`` once
        the event loop has returned.
    """
    description = 'Provides a DBus API to perform privileged operations'
    cli = ArgumentParser(description=description, parents=[common_parser])
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        # Only the side effects of loading are needed; the result is unused.
        load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    run_event_loop()
Beispiel #10
def main():
    """Generate configuration from templates found on the template path.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded,
        ``os.EX_DATAERR`` if generation fails with ``GeneratorError``,
        ``None`` on success.
    """
    cli = create_parser()
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    # templatepath is a PATH-style list of template directories.
    template_dirs = constants.templatepath.split(os.pathsep)
    generator = ConfigGenerator(
        template_dirs, config, options.mode, options.group)
    try:
        generator.generate(options.source, options.destination)
    except GeneratorError as error:
        message = str(error)
        logger.critical(message)
        return os.EX_DATAERR
Beispiel #11
def main():
    """Export configuration options as shell variables.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded, ``os.EX_OK``
        after ``export`` has run.
    """
    export_formats = ('systemd', 'posix', 'bash', 'ksh', 'zsh')
    epilog_text = ('Python sequence and mapping types will '
                   'only be exported, if the destination '
                   'format support it')
    cli = ArgumentParser(description='Export options as shell variables',
                         epilog=epilog_text,
                         parents=[parent_parser])
    cli.add_argument('--format', choices=export_formats, default='systemd',
                     help='Export format.')
    # argparse.FileType opens FILE while arguments are parsed, so an existing
    # destination is already truncated if load_config fails below.
    cli.add_argument('file', type=argparse.FileType('wb'), metavar='FILE',
                     default='-', nargs='?',
                     help='Output destination (default: stdout)')
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    export(config, options.format, options.file)
    return os.EX_OK
Beispiel #12
def main():
    """Export configuration options as shell variables.

    An error raised by ``load_config`` is not handled here and propagates.

    Returns:
        ``os.EX_OK`` after ``export`` has run.
    """
    export_formats = ('systemd', 'posix', 'bash', 'ksh', 'zsh')
    epilog_text = ('Python sequence and mapping types will '
                   'only be exported, if the destination '
                   'format support it')
    cli = ArgumentParser(description='Export options as shell variables',
                         epilog=epilog_text,
                         parents=[parent_parser])
    cli.add_argument('--format',
                     choices=export_formats,
                     default='systemd',
                     help='Export format.')
    # argparse.FileType opens FILE while arguments are parsed, so an existing
    # destination is truncated even if load_config raises afterwards.
    output_type = argparse.FileType('wb')
    cli.add_argument('file',
                     type=output_type,
                     metavar='FILE',
                     default='-',
                     nargs='?',
                     help='Output destination (default: stdout)')
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    config = load_config(options.config)
    export(config, options.format, options.file)
    return os.EX_OK
Beispiel #13
def main() -> int:
    """Configure and start a Celery worker.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded, otherwise the
        worker's ``exitcode`` after ``start()`` has returned.
    """
    cli = create_parser()
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    try:
        config = load_config(options.config)
    except ConfigError as error:
        print_config_error(error)
        return os.EX_CONFIG
    app = create_app()
    app.config_from_object(config.of_type(CeleryOption))
    # Read the root log level before the CLI logging setup is reset, so the
    # worker is started with the level chosen on the command line.
    log_level = logging.root.level
    reset_cli_logging()
    worker_options = dict(
        app=app,
        hostname=config.HADES_CELERY_WORKER_HOSTNAME,
        statedb=config.HADES_CELERY_STATE_DB,
        pidfile=options.pid_file,
        loglevel=log_level,
    )
    worker: celery.apps.worker.Worker = app.Worker(**worker_options)
    worker.start()
    return worker.exitcode
Beispiel #14
def main():
    """Check database access for the agent, portal and RADIUS accounts.

    The configuration is loaded with ``runtime_checks=True``; an error raised
    by ``load_config`` is not handled here and propagates.

    Returns:
        ``os.EX_TEMPFAIL`` if a ``DBAPIError`` is raised, ``os.EX_OK``
        otherwise.
    """
    cli = ArgumentParser(parents=[common_parser])
    options = cli.parse_args()
    setup_cli_logging(cli.prog, options)
    config = load_config(options.config, runtime_checks=True)

    def check_as(engine, user_name, tables):
        # Resolve the account and run the check with its privileges only.
        account = pwd.getpwnam(user_name)
        with dropped_privileges(account):
            check_database(engine, account.pw_name, tables)

    try:
        engine = db.create_engine(config, poolclass=NullPool)
        check_as(engine, constants.AGENT_USER, (db.radacct, db.radpostauth))
        check_as(engine, constants.PORTAL_USER,
                 (db.radacct, db.radpostauth, db.radusergroup))
        check_as(engine, constants.RADIUS_USER,
                 (db.radacct, db.radgroupcheck, db.radgroupreply,
                  db.radpostauth, db.radreply, db.radusergroup))
    except DBAPIError:
        return os.EX_TEMPFAIL
    return os.EX_OK
Beispiel #15
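def main():
    """Serve lease-event commands received on a UNIX stream socket.

    The listening socket is either opened at the ``--socket`` path or taken
    from socket activation when exactly one descriptor is passed.

    Returns:
        ``os.EX_CONFIG`` if the configuration cannot be loaded,
        ``os.EX_USAGE`` if the passed descriptors are unusable,
        ``os.EX_TEMPFAIL`` if the database cannot be reached,
        ``os.EX_OK`` once ``serve_forever`` returns.
    """
    parser = ArgumentParser(
        description="Listens for commands as output by `hades-dhcp-script`.",
        epilog=f"""\
            This server listens on a socket for commands communicating lease events.
            For detailed information about the functionality see `hades-dhcp-script --help`.
            It is the server component for what could have been a single python program,
            however because of performance reasons, it was necessary to circumvent the need
            for a complete python interpreter startup every time such a notification happens.\
        """,
        parents=[common_parser],
    )
    parser.add_argument(
        '--socket',
        nargs='?',
        default=constants.AUTH_DHCP_SCRIPT_SOCKET,
        help=
        f"Socket to listen on. Default: {constants.AUTH_DHCP_SCRIPT_SOCKET}")
    args = parser.parse_args()
    SCRIPT_SOCKET = args.socket
    setup_cli_logging(parser.prog, args)
    try:
        config = load_config(args.config)
    except ConfigError as e:
        print_config_error(e)
        return os.EX_CONFIG
    fds = listen_fds()
    if len(fds) == 0:
        logger.info(
            "Opening UNIX socket at %s.",
            SCRIPT_SOCKET,
        )
        sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        # unlink removes whatever exists at the operator-supplied path, not
        # only a stale socket left by an earlier run.
        try:
            os.unlink(SCRIPT_SOCKET)
        except FileNotFoundError:
            pass
        # Neither umask nor ownership is set here, so who may connect is
        # decided by the process umask and the parent directory.
        # NOTE(review): confirm the deployment restricts access to this path.
        sock.bind(SCRIPT_SOCKET)
        sock.listen(Server.request_queue_size)
    elif len(fds) == 1:
        logger.info("Using systemd activation socket")
        sock = fds[0]
        # Refuse an inherited descriptor that is not the expected socket type.
        if not is_socket_unix(sock, socket.SOCK_STREAM):
            logger.critical(
                "Passed socket is not an AF_UNIX SOCK_STREAM socket")
            return os.EX_USAGE
    else:
        logger.critical(
            "More than one (%d) socket passed via socket activation",
            len(fds),
        )
        return os.EX_USAGE
    engine = db.create_engine(
        config,
        pool_size=1,
        max_overflow=2,
        pool_pre_ping=True,
        pool_reset_on_return='rollback',
    )
    try:
        # Connectivity probe only. The connection is released again straight
        # away; the original left the checked-out connection unclosed.
        with engine.connect():
            pass
    except DBAPIError as e:
        logger.critical("Could not connect to database", exc_info=e)
        return os.EX_TEMPFAIL

    server = Server(sock, engine)
    server.serve_forever()
    return os.EX_OK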