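def ssh_keygen(user, key_type="rsa"):
    """Generate an SSH key pair in the user's home ``.ssh`` directory.

    Nothing is generated when ``~/.ssh/id_<key_type>.pub`` already exists.
    The key is created with an empty passphrase (``-N ''``), so the private
    key is protected only by the ownership and permissions of its file.

    :type user: string
    :param user: the account that will own the key pair
    :type key_type: string
    :param key_type: value handed to ``ssh-keygen -t`` and used to build the
        file name ``id_<key_type>``; only letters, digits and ``-`` are
        accepted.

    :return: the result of the last command executed (the failing one when a
        step ends with a non-zero return code), or None when the public key
        already exists.
    :raises ExecutionError: if the user does not exist, has no home
        directory, or ``key_type`` is not a plain token.
    """
    try:
        from shlex import quote  # Python 3
    except ImportError:
        from pipes import quote  # Python 2

    d = user_exists(user)
    if not d:
        raise ExecutionError("user '%s' does not exists" % user)
    if "home" not in d:
        raise ExecutionError("user '%s' has not declared path" % user)

    # key_type ends up both in a file name and in a shell command line, so a
    # value holding '/', spaces or shell metacharacters is refused outright.
    if not key_type or not key_type.replace("-", "").isalnum():
        raise ExecutionError("invalid ssh key type '%s'" % key_type)

    ssh_dir = os.path.join(d["home"], ".ssh/")
    private_key = os.path.join(d["home"], ".ssh/id_%s" % key_type)
    public_key = private_key + ".pub"

    if file_exists(public_key):
        return None

    dir_ensure(ssh_dir, mode="0700", owner=user)

    # Every interpolated value is shell-quoted: the home directory comes from
    # the account database and may contain quotes or spaces.
    _x = run("ssh-keygen -q -t %s -f %s -N ''" % (
        quote(key_type), quote(private_key)))[0]
    if _x.return_code != 0:
        return _x

    # Report success only once ssh-keygen has actually succeeded.
    mico.output.info("created ssh-key for user %s" % user)

    # NOTE(review): ownership is fixed after generation; until then the key
    # files belong to whichever account run() executes as -- confirm that
    # this window is acceptable.
    _x = file_attribs(private_key, owner=user)
    if _x.return_code != 0:
        return _x
    return file_attribs(public_key, owner=user)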
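def ssh_keygen(user, key_type="rsa"):
    """Generate an SSH key pair in the user's home ``.ssh`` directory.

    Nothing is generated when ``~/.ssh/id_<key_type>.pub`` already exists.
    The key is created with an empty passphrase (``-N ''``), so the private
    key is protected only by the ownership and permissions of its file.

    :type user: string
    :param user: the account that will own the key pair
    :type key_type: string
    :param key_type: value handed to ``ssh-keygen -t`` and used to build the
        file name ``id_<key_type>``; only letters, digits and ``-`` are
        accepted.

    :return: the result of the last command executed (the failing one when a
        step ends with a non-zero return code), or None when the public key
        already exists.
    :raises ExecutionError: if the user does not exist, has no home
        directory, or ``key_type`` is not a plain token.
    """
    try:
        from shlex import quote  # Python 3
    except ImportError:
        from pipes import quote  # Python 2

    d = user_exists(user)
    if not d:
        raise ExecutionError("user '%s' does not exists" % user)
    if "home" not in d:
        raise ExecutionError("user '%s' has not declared path" % user)

    # key_type ends up both in a file name and in a shell command line, so a
    # value holding '/', spaces or shell metacharacters is refused outright.
    if not key_type or not key_type.replace("-", "").isalnum():
        raise ExecutionError("invalid ssh key type '%s'" % key_type)

    ssh_dir = os.path.join(d["home"], ".ssh/")
    private_key = os.path.join(d["home"], ".ssh/id_%s" % key_type)
    public_key = private_key + ".pub"

    if file_exists(public_key):
        return None

    dir_ensure(ssh_dir, mode="0700", owner=user)

    # Every interpolated value is shell-quoted: the home directory comes from
    # the account database and may contain quotes or spaces.
    _x = run("ssh-keygen -q -t %s -f %s -N ''" % (
        quote(key_type), quote(private_key)))[0]
    if _x.return_code != 0:
        return _x

    # Report success only once ssh-keygen has actually succeeded.
    mico.output.info("created ssh-key for user %s" % user)

    # NOTE(review): ownership is fixed after generation; until then the key
    # files belong to whichever account run() executes as -- confirm that
    # this window is acceptable.
    _x = file_attribs(private_key, owner=user)
    if _x.return_code != 0:
        return _x
    return file_attribs(public_key, owner=user)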
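def ssh_authorize(user, key):
    """Add the given key to ``.ssh/authorized_keys`` of the given user.

    When the file already exists the key is appended unless its text is
    already present in the file. Otherwise the ``.ssh`` directory and the
    file are created with owner ``user`` and modes 700 / 600.

    :type user: string
    :param user: the account that is granted access
    :type key: string
    :param key: one public key line, ``<type> <base64> [comment]``

    :return: the result of the last file operation; when the key was already
        present, the current content of the file is returned instead.
    :raises ExecutionError: if the user does not exist or has no home
        directory.
    """
    u = user_exists(user)
    if not u:
        raise ExecutionError("user '%s' does not exists" % user)
    if "home" not in u:
        raise ExecutionError("user '%s' has not declared path" % user)

    key_file = os.path.join(u["home"], ".ssh/authorized_keys")

    # NOTE(review): only leading and trailing line separators are removed.
    # A value with an embedded newline is written as several
    # authorized_keys entries, so callers must pass a single vetted line.
    entry = key.strip(os.linesep)
    key = entry + os.linesep

    # Only the comment field is logged, never the key material. A key line
    # without a comment is valid and must not abort the call.
    fields = key.split()
    label = fields[2] if len(fields) > 2 else "(no comment)"

    if file_exists(key_file):
        data = file_read(key_file)
        # Substring match against the whole file, not a per-line comparison.
        if data.find(entry) == -1:
            _x = file_append(key_file, key)
        else:
            _x = data
        mico.output.info("key %s added to user %s" % (label, user,))
        return _x

    _x = dir_ensure(os.path.dirname(key_file), owner=user, mode="700")
    if _x.return_code == 0:
        _x = file_write(key_file, key, owner=user, mode="600")
    if _x.return_code == 0:
        _x = file_attribs(key_file, owner=user, mode="600")
    if _x.return_code == 0:
        # Announce the key only when every step above succeeded.
        mico.output.info("key %s added to user %s" % (label, user,))
    return _x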
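def ssh_authorize(user, key):
    """Add the given key to ``.ssh/authorized_keys`` of the given user.

    When the file already exists the key is appended unless its text is
    already present in the file. Otherwise the ``.ssh`` directory and the
    file are created with owner ``user`` and modes 700 / 600.

    :type user: string
    :param user: the account that is granted access
    :type key: string
    :param key: one public key line, ``<type> <base64> [comment]``

    :return: the result of the last file operation; when the key was already
        present, the current content of the file is returned instead.
    :raises ExecutionError: if the user does not exist or has no home
        directory.
    """
    u = user_exists(user)
    if not u:
        raise ExecutionError("user '%s' does not exists" % user)
    if "home" not in u:
        raise ExecutionError("user '%s' has not declared path" % user)

    key_file = os.path.join(u["home"], ".ssh/authorized_keys")

    # NOTE(review): only leading and trailing line separators are removed.
    # A value with an embedded newline is written as several
    # authorized_keys entries, so callers must pass a single vetted line.
    entry = key.strip(os.linesep)
    key = entry + os.linesep

    # Only the comment field is logged, never the key material. A key line
    # without a comment is valid and must not abort the call.
    fields = key.split()
    label = fields[2] if len(fields) > 2 else "(no comment)"

    if file_exists(key_file):
        data = file_read(key_file)
        # Substring match against the whole file, not a per-line comparison.
        if data.find(entry) == -1:
            _x = file_append(key_file, key)
        else:
            _x = data
        mico.output.info("key %s added to user %s" % (label, user,))
        return _x

    _x = dir_ensure(os.path.dirname(key_file), owner=user, mode="700")
    if _x.return_code == 0:
        _x = file_write(key_file, key, owner=user, mode="600")
    if _x.return_code == 0:
        _x = file_attribs(key_file, owner=user, mode="600")
    if _x.return_code == 0:
        # Announce the key only when every step above succeeded.
        mico.output.info("key %s added to user %s" % (label, user,))
    return _x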
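def file_content(src, dst, env={}, mode=None, owner=None, group=None,
                 check=True, override_mode=True, override_owner=True,
                 override_group=True):
    """Render a jinja2 template and save it to a remote file if it changed.

    The template is rendered with the global environment updated by the
    local one (local values override global ones). The remote file is
    rewritten when its content differs from the rendered text or when no
    revision is recorded for it yet; the previous content is kept in
    ``revision_repo``.

    The template receives every value of the global environment, so
    templates must come from a trusted location and the rendered file can
    expose any of those values.

    :type src: string
    :param src: the path to local content file to be applied, looked up
        under ``mico.config_path``
    :type dst: string
    :param dst: the remote file path to be written
    :type env: dict
    :param env: a local environment to be passed to the content template,
        by default the entire global environment is passed, local values
        override the global ones. It is read, never modified.
    :type mode: int
    :param mode: the file mode used to save the file
    :type owner: string
    :param owner: the owner of the file
    :type group: string
    :param group: the group which owns the file
    :type check: bool
    :param check: accepted for compatibility; not used by this function.
    :type override_mode: bool
    :param override_mode: if True (by default) use the mode passed as
        argument even if file is already created in remote with another
        mode.
    :type override_owner: bool
    :param override_owner: if True (by default) use the owner passed as
        argument even if file is already created in remote with another
        owner.
    :type override_group: bool
    :param override_group: if True (by default) use the group passed as
        argument even if file is already created in remote with another
        group.
    """
    def _sha1_hex(text):
        # Hash bytes, not text: hashing rendered text that holds non-ASCII
        # characters fails otherwise. SHA-1 is used here only to detect a
        # change, not as an integrity guarantee.
        if not isinstance(text, bytes):
            text = text.encode("utf-8")
        return hashlib.sha1(text).hexdigest()

    jinja_env = Environment(loader=FileSystemLoader(mico.config_path))
    jinja_tpl = jinja_env.get_template(src)

    # Copy the global environment so the update below leaves it untouched.
    local_env = dict(__builtin__.env.items())
    local_env.update(env)

    content = jinja_tpl.render(**local_env)
    hash_content = _sha1_hex(content)

    # NOTE(review): the parent directory is given the file's mode, owner and
    # group -- confirm that dir_ensure is meant to receive them.
    dir_ensure(os.path.dirname(dst), True, mode=mode, owner=owner, group=group)

    if file_exists(dst):
        original = file_read(dst)
        orig_attr = file_attribs_get(dst)
        if override_mode and mode:
            orig_attr["mode"] = mode
        if override_owner and owner:
            orig_attr["owner"] = owner
        if override_group and group:
            orig_attr["group"] = group
    else:
        original = ""
        orig_attr = {"mode": mode, "group": group, "owner": owner}

    hash_original = _sha1_hex(original)

    _path = os.path.join(local_env["host_string"], dst.strip("/"))
    if hash_original != hash_content or _path not in revision_repo:
        revision_repo[_path] = original
        # NOTE(review): the content is written before mode/owner/group are
        # applied, so a new file briefly has whatever attributes file_write
        # gives it -- relevant when the rendered text holds secrets.
        file_write(dst, content)
        file_attribs(dst, **orig_attr)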
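def file_content(src, dst, env={}, mode=None, owner=None, group=None,
                 check=True, override_mode=True, override_owner=True,
                 override_group=True):
    """Render a jinja2 template and save it to a remote file if it changed.

    The template is rendered with the global environment updated by the
    local one (local values override global ones). The remote file is
    rewritten when its content differs from the rendered text or when no
    revision is recorded for it yet; the previous content is kept in
    ``revision_repo``.

    The template receives every value of the global environment, so
    templates must come from a trusted location and the rendered file can
    expose any of those values.

    :type src: string
    :param src: the path to local content file to be applied; its directory
        is the template search path and its base name the template name
    :type dst: string
    :param dst: the remote file path to be written
    :type env: dict
    :param env: a local environment to be passed to the content template,
        by default the entire global environment is passed, local values
        override the global ones. It is read, never modified.
    :type mode: int
    :param mode: the file mode used to save the file
    :type owner: string
    :param owner: the owner of the file
    :type group: string
    :param group: the group which owns the file
    :type check: bool
    :param check: accepted for compatibility; not used by this function.
    :type override_mode: bool
    :param override_mode: if True (by default) use the mode passed as
        argument even if file is already created in remote with another
        mode.
    :type override_owner: bool
    :param override_owner: if True (by default) use the owner passed as
        argument even if file is already created in remote with another
        owner.
    :type override_group: bool
    :param override_group: if True (by default) use the group passed as
        argument even if file is already created in remote with another
        group.
    """
    def _sha1_hex(text):
        # Hash bytes, not text: hashing rendered text that holds non-ASCII
        # characters fails otherwise. SHA-1 is used here only to detect a
        # change, not as an integrity guarantee.
        if not isinstance(text, bytes):
            text = text.encode("utf-8")
        return hashlib.sha1(text).hexdigest()

    jinja_env = Environment(loader=FileSystemLoader([os.path.dirname(src)]))
    jinja_tpl = jinja_env.get_template(os.path.basename(src))

    # Copy the global environment so the update below leaves it untouched.
    local_env = dict(__builtin__.env.items())
    local_env.update(env)

    content = jinja_tpl.render(**local_env)
    hash_content = _sha1_hex(content)

    # NOTE(review): the parent directory is given the file's mode, owner and
    # group -- confirm that dir_ensure is meant to receive them.
    dir_ensure(os.path.dirname(dst), True, mode=mode, owner=owner, group=group)

    if file_exists(dst):
        original = file_read(dst)
        orig_attr = file_attribs_get(dst)
        if override_mode and mode:
            orig_attr["mode"] = mode
        if override_owner and owner:
            orig_attr["owner"] = owner
        if override_group and group:
            orig_attr["group"] = group
    else:
        original = ""
        orig_attr = {"mode": mode, "group": group, "owner": owner}

    hash_original = _sha1_hex(original)

    # The merged environment is deliberately not printed: it is the whole
    # global environment and may hold credentials, which would end up on
    # stdout and in any captured log.

    # NOTE(review): the revision key uses the fixed prefix "test", so files
    # with the same path share one entry whatever the host -- confirm
    # whether a per-host prefix was intended.
    _path = os.path.join("test", dst.strip("/"))
    if hash_original != hash_content or _path not in revision_repo:
        revision_repo[_path] = original
        # NOTE(review): the content is written before mode/owner/group are
        # applied, so a new file briefly has whatever attributes file_write
        # gives it -- relevant when the rendered text holds secrets.
        file_write(dst, content)
        file_attribs(dst, **orig_attr)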