def fetch(self, princ, addresses):
"""fetch keytabs of the address from locker
returns:
list -- encoded keytab contents belonging to addresses
"""
if not princ or not princ.startswith('host/'):
raise keytabs2.KeytabLockerError(
'princ "{}" not accepted'.format(princ))
hostname = princ[len('host/'):princ.rfind('@')]
if not self.zkclient.exists(z.path.server(hostname)):
_LOGGER.error('Invalid server: %s', hostname)
return {}
try:
for hostname in addresses:
keytab_files = glob.glob(
os.path.join(self._kt_spool_dir,
'*#{}@*'.format(hostname)))
kts = {
os.path.basename(keytab_file):
keytabs2.read_keytab(keytab_file)
for keytab_file in keytab_files
}
except OSError as err:
raise keytabs2.KeytabLockerError(err)
return kts
def put_keytab(client, keytabs):
"""put keytab to keytab locker
keytabs are keytabs files list
"""
request = {
'action': 'put',
'keytabs': [keytabs2.read_keytab(kt) for kt in keytabs]
}
return send_request(client, request)
def get(self, princ, app_name):
"""Get keytabs defined in manifest from locker.
returns:
list -- encoded keytab contents required by app
"""
keytab_names = self.query(princ, app_name)
try:
keytabs = {
keytab:
keytabs2.read_keytab(os.path.join(self._kt_spool_dir, keytab))
for keytab in keytab_names
}
except OSError as err:
raise keytabs2.KeytabLockerError(err)
return keytabs