def storageprovider_update(args): obj = StorageProvider(args.ip, args.port) passwd = None secondary_url = None if (args.user and len(args.user) > 0): passwd = common.get_password("storage provider") try: if (not args.usessl): args.usessl = False secondary_password = None if (args.interface =="ibmxiv") : if(args.hyperScaleHost is not None and args.hyperScalePort is not None) : secondary_url = "https://"+args.hyperScaleHost+":"+args.hyperScalePort; else: common.format_err_msg_and_raise ("create","storageprovider","IBM XIV needs HyperScale Host and Port as mandatory",SOSError.NOT_FOUND_ERR) if (args.secondary_username and len(args.secondary_username) > 0): secondary_password = common.get_password("secondary password") res = obj.update(args.name, args.newname, args.providerip, args.providerport, args.user, passwd, args.usessl, args.interface, args.element_manager_url, args.secondary_username, secondary_password, secondary_url) except SOSError as e: common.format_err_msg_and_raise( "update", "storageprovider", e.err_text, e.err_code)
def storageprovider_update(args): obj = StorageProvider(args.ip, args.port) passwd = None if (args.user and len(args.user) > 0): passwd = common.get_password("storage provider") try: if (not args.usessl): args.usessl = False secondary_password = None if (args.secondary_username and len(args.secondary_username) > 0): secondary_password = common.get_password("secondary password") res = obj.update(args.name, args.newname, args.providerip, args.providerport, args.user, passwd, args.usessl, args.interface, args.element_manager_url, args.secondary_username, secondary_password) except SOSError as e: common.format_err_msg_and_raise( "update", "storageprovider", e.err_text, e.err_code)
def storageprovider_update(args): obj = StorageProvider(args.ip, args.port) passwd = None if args.user and len(args.user) > 0: passwd = common.get_password("storage provider") try: if not args.usessl: args.usessl = False if args.secondary_username and len(args.secondary_username) > 0: secondary_password = common.get_password("secondary password") res = obj.update( args.name, args.newname, args.providerip, args.providerport, args.user, passwd, args.usessl, args.interface, args.element_manager_url, args.secondary_username, secondary_password, ) except SOSError as e: common.format_err_msg_and_raise("update", "storageprovider", e.err_text, e.err_code)
def change_passwd(database): """Changes the password to $database. database - the database to use. """ database.pw = common.get_password(prompt="New password: ") database.changed = True
def unlock_db(path=jpass2.DEFAULT_DB): """Returns the unlocked database specified by $path. If the database does not exist, we ask the user if they would like to create a new one. If their response is yes, we create a new database and return it. Else, we exit with an error code of 1. path - the path to the database (may or may not exist). """ try: with open(path, "r") as f: pw = common.get_password(prompt="Password: "******"Successfully decrypted %s." % database.name return database except crypto.CryptoError: print "Failed to unlock database; incorrect password?" exit(1) except IOError: print "No such database '%s'." % path ans = common.get_yes_no_response("Would you like to create it now? <y/n> ", err="Please enter y or n.") if ans: return new_database() else: exit(1)
def storageprovider_update(args): obj = StorageProvider(args.ip, args.port) passwd = None secondary_url = None if (args.user and len(args.user) > 0): passwd = common.get_password("storage provider") try: if (not args.usessl): args.usessl = False if (args.interface =="ibmxiv") : if(not args.usessl): args.usessl = True if(args.hyperScaleHost is None and args.hyperScalePort is None and args.secondary_username is None): args.hyperScaleHost = None args.hyperScalePort = None args.secondary_username = None args.secondary_password = None elif((args.hyperScaleHost is None ) or (args.hyperScalePort is None)): raise SOSError(SOSError.CMD_LINE_ERR,"Either Secondary Host or Port was missing ") elif((args.hyperScaleHost is "") or (args.hyperScalePort is "")): raise SOSError(SOSError.CMD_LINE_ERR,"Either Secondary Host or Port was missing ") elif(args.hyperScaleHost is not None and args.hyperScalePort is not None and args.secondary_username is None ): raise SOSError(SOSError.CMD_LINE_ERR,"Secondary Username was missing ") elif(args.hyperScaleHost is not None and args.hyperScalePort is not None and args.secondary_username is not None) : secondary_url = "https://"+args.hyperScaleHost+":"+args.hyperScalePort; elif(args.hyperScaleHost is not "" and args.hyperScalePort is not "" and args.secondary_username is "" ): raise SOSError(SOSError.CMD_LINE_ERR,"Secondary Username was missing ") elif(args.hyperScaleHost is not "" and args.hyperScalePort is not "" and args.secondary_username is not "") : secondary_url = "https://"+args.hyperScaleHost+":"+args.hyperScalePort; secondary_password = None if (args.secondary_username and len(args.secondary_username) > 0): secondary_password = common.get_password("secondary password") res = obj.update(args.name, args.newname, args.providerip, args.providerport, args.user, passwd, args.usessl, args.interface, args.element_manager_url, args.secondary_username, secondary_password, secondary_url) except SOSError as e: common.format_err_msg_and_raise( "update", "storageprovider", e.err_text, e.err_code)
def host_update(args): if ( args.tenant is None and args.newviprhostname is None and args.newtype is None and args.newproject is None and args.newhostport is None and args.newhostusername is None and args.newosversion is None and args.newcluster is None and args.newdatacenter is None and args.newlabel is None ): raise SOSError( SOSError.CMD_LINE_ERR, sys.argv[0] + " " + sys.argv[1] + " " + sys.argv[2] + ": error:" + "At least one of the arguments :" "-tenant -newviprhostname -newtype -newhostusessl" "-newproject -newhostport -newhostusername" "-newosversion -newcluster -newdatacenter -newlabel" " should be provided to update the Host", ) if args.newdatacenter and args.vcentername is None: raise SOSError( SOSError.CMD_LINE_ERR, sys.argv[0] + " " + sys.argv[1] + " " + sys.argv[2] + ": error:" + "-vcentername is required to search the datacenter for the host", ) passwd = None if args.newhostusername and len(args.newhostusername) > 0: passwd = common.get_password("host") hostObj = Host(args.ip, args.port) try: hostObj.update( args.newviprhostname, args.newtype, args.hostlabel, args.tenant, args.newproject, args.newhostport, args.newhostusername, passwd, args.newhostusessl, args.newosversion, args.newcluster, args.newdatacenter, args.vcentername, args.newlabel, ) except SOSError as e: common.format_err_msg_and_raise("update", "host", e.err_text, e.err_code)
def restore_backup(args): obj = Backup(args.ip, Backup.DEFAULT_SYSMGR_PORT) try: if args.name: passwd = common.get_password("root user") res = obj.restoreBackup(args.name, args.islocal, passwd) except SOSError as e: common.format_err_msg_and_raise("restore", "backup", e.err_text, e.err_code)
def objectuser_secretkey_create(args): obj = ObjectUser(args.ip, args.port) secretkey = None if args.objectuser and not args.autogenerate: secretkey = common.get_password("SecretKey") try: res = obj.objectuser_secretkey_create(args.storagesystem, args.objectuser, secretkey) except SOSError as e: common.format_err_msg_and_raise("create_secretkey", "objectuser", e.err_text, e.err_code)
def backupset_restore(args): obj = Backup(args.ip, Backup.DEFAULT_SYSMGR_PORT) try: if args.bname: passwd = common.get_password("ftp server") res = obj.backupset_restore(args.bname, args.islocal, passwd) return common.format_json_object(res) except SOSError as e: common.format_err_msg_and_raise("restore", "backup", e.err_text, e.err_code)
def backupset_restore(args): obj = Backup(args.ip, Backup.DEFAULT_SYSMGR_PORT) try: if (args.bname): passwd = common.get_password("ftp server") res = obj.backupset_restore(args.bname, args.islocal, passwd) return common.format_json_object(res) except SOSError as e: common.format_err_msg_and_raise("restore", "backup", e.err_text, e.err_code)
def new_database(): """Creates a new database object for the user by allowing them to fill out a series of prompts (i.e. database name and password). """ name = common.get_nonempty_response("Enter a name for the database: ") pw = common.get_password("Enter a new password for the database: ") db = jpass2.Database(name, pw=pw) db.changed = True print "New database successfully created.\n" return db
def vcenter_update(args): passwd = None if (args.user and len(args.user) > 0): passwd = common.get_password("vcenter") obj = VCenter(args.ip, args.port) try: res = obj.vcenter_update(args.name, args.tenant, args.vcenter_ip, args.vcenter_port, args.osversion, args.usessl, args.user, passwd, args.cascade_tenancy) except SOSError as e: common.format_err_msg_and_raise("update", "vcenter", e.err_text, e.err_code)
def objectuser_secretkey_create(args): obj = ObjectUser(args.ip, args.port) secretkey = None if (args.objectuser and not args.autogenerate): secretkey = common.get_password("SecretKey") try: res = obj.objectuser_secretkey_create(args.storagesystem, args.objectuser, secretkey) except SOSError as e: common.format_err_msg_and_raise("create_secretkey", "objectuser", e.err_text, e.err_code)
def restore_backup(args): obj = Backup(args.ip, Backup.DEFAULT_SYSMGR_PORT) try: if (args.name): passwd = common.get_password("root user") res = obj.restoreBackup(args.name, args.islocal, passwd) except SOSError as e: common.format_err_msg_and_raise( "restore", "backup", e.err_text, e.err_code)
def computesystem_update(args): try: obj = ComputeSystem(args.ip, args.port) passwd = None if (args.user and len(args.user) > 0): passwd = common.get_password("computesystem") obj.update_computesystem(args.name, args.label, args.computeport, args.user, passwd, args.osinstallnetwork, args.usessl, args.computeimageserver) except SOSError as e: raise common.format_err_msg_and_raise("update", "computesystem", e.err_text, e.err_code)
def computeimageserver_update(args): try: obj = ComputeImageServers(args.ip, args.port) passwd = None if (args.user and len(args.user) > 0): passwd = common.get_password("computeimageserver") obj.update_computeimageserver(args.name, args.label, args.imageserverip, args.imageserversecondip, args.user, passwd, args.tftpbootdir, args.osinstalltimeout, args.sshtimeout, args.imageimporttimeout) except SOSError as e: raise common.format_err_msg_and_raise("update", "computeimageserver", e.err_text, e.err_code)
def computesystem_update(args): try: obj = ComputeSystem(args.ip, args.port) passwd = None if (args.user and len(args.user) > 0): passwd = common.get_password("computesystem") obj.update_computesystem(args.name, args.label, args.computeport, args.user, passwd, args.osinstallnetwork, args.usessl) except SOSError as e: raise common.format_err_msg_and_raise("update", "computesystem", e.err_text, e.err_code)
def change_passwd(): """Provides an intuitive interface for the user to change their password.""" print "First, please unlock your keyfile." keyfile_data = common.get_keyfile_data() print "\n", print "Enter a new password for your keyfile." key = common.get_password(prompt="New password: "******"\n", print "Done!" print "You will now have to use your new password to access your entries."
def init(): """Perform initialisation tasks, specifically: 1. If there is no ~/.jpass directory, create one. 2. If the user doesn't have a keyfile, walk them through creating one. """ # If the ~/.jpass directory doesn't exist, create it and make sure that only # the current user can read its contents. if not os.path.isdir(common.DIRECTORY): os.mkdir(common.DIRECTORY) os.chmod(common.DIRECTORY, 0700) # If the user doesn't have a secret keyfile yet, make one. if not os.path.isfile(common.SECRET_KEYFILE_PATH): print "We must first create a keyfile before you can start using jpass." print "Please enter a strong passphrase for the keyfile." key = common.get_password() crypto.create_secret_keyfile(key, common.SECRET_KEYFILE_PATH)
def host_create(args): if not args.tenant: tenant = "" if args.datacenter and args.vcentername is None: raise SOSError( SOSError.CMD_LINE_ERR, sys.argv[0] + " " + sys.argv[1] + " " + sys.argv[2] + ": error:" + "-vcentername is required to search the datacenter for the host", ) passwd = None if args.hostusername and len(args.hostusername) > 0: passwd = common.get_password("host") hostObj = Host(args.ip, args.port) try: hostObj.create( args.viprhostname, args.type, args.hostlabel, tenant, args.project, args.hostport, args.hostusername, passwd, args.hostusessl, args.osversion, args.cluster, args.datacenter, args.vcentername, ) except SOSError as e: common.format_err_msg_and_raise("create", "host", e.err_text, e.err_code)
def update_authentication_provider(args): obj = Authentication(args.ip, args.port) try: # read authentication provider parameters from configuration file config = ConfigParser.RawConfigParser() inif = open(args.configfile, 'rb') config.readfp(inif) sectionslst = config.sections() if(len(sectionslst) == 0): raise SOSError(SOSError.NOT_FOUND_ERR, "Authentication Provider configuration file is empty") for sectioniter in sectionslst: mode = config.get(sectioniter, "mode") add_urls = config.get(sectioniter, "add-urls") remove_urls = config.get(sectioniter, "remove-urls") add_domains = config.get(sectioniter, 'add-domains') remove_domains = config.get(sectioniter, 'remove-domains') add_whitelist = config.get(sectioniter, 'add-whitelist') remove_whitelist = config.get(sectioniter, 'remove-whitelist') managerdn = config.get(sectioniter, 'managerdn') searchbase = config.get(sectioniter, 'searchbase') searchfilter = config.get(sectioniter, 'searchfilter') searchkey = config.get(sectioniter, 'searchkey') groupattr = config.get(sectioniter, 'groupattr') name = config.get(sectioniter, 'name') description = config.get(sectioniter, 'description') searchscope = config.get(sectioniter, 'searchscope') validatecertificate = config.get(sectioniter, 'validatecertificate') maxpagesize = config.get(sectioniter, 'maxpagesize') disable = config.get(sectioniter, 'disable') defined_and_valid_value('search scope', searchscope , Authentication.SEARCH_SCOPE) defined_and_valid_value('disable', disable , Authentication.BOOL_VALS) defined_and_valid_value('validatecertificate', validatecertificate , Authentication.BOOL_VALS) passwd_user = common.get_password(name) res = obj.update_authentication_provider(mode, add_urls.split(','), remove_urls.split(','), None, managerdn, passwd_user, searchbase, searchfilter, searchkey, groupattr, name, add_domains.split(','), remove_domains.split(','), add_whitelist.split(','), remove_whitelist.split(','), searchscope, description, disable, validatecertificate, maxpagesize) except IOError as e: common.format_err_msg_and_raise("update", "authentication provider", e[1], e.errno) except SOSError as e: common.format_err_msg_and_raise("update", "authentication provider", e.err_text, e.err_code) except ConfigParser.NoOptionError as e: common.format_err_msg_and_raise("update", "authentication provider", str(e) , SOSError.NOT_FOUND_ERR) except (ConfigParser.ParsingError, ConfigParser.Error) as e: common.format_err_msg_and_raise("update", "authentication provider", str(e) , SOSError.VALUE_ERR)
def add_authentication_provider(args): obj = Authentication(args.ip, args.port) try: # read authentication provider parameters from configuration file config = ConfigParser.RawConfigParser() inif = open(args.configfile, 'rb') config.readfp(inif) sectionslst = config.sections() if(len(sectionslst) == 0): raise SOSError(SOSError.NOT_FOUND_ERR, "Authentication Provider configuration file is empty") for sectioniter in sectionslst: mode = config.get(sectioniter, "mode") url = config.get(sectioniter, "url") managerdn = config.get(sectioniter, 'managerdn') searchbase = config.get(sectioniter, 'searchbase') searchfilter = config.get(sectioniter, 'searchfilter') searchkey = config.get(sectioniter, 'searchkey') groupattr = config.get(sectioniter, 'groupattr') name = config.get(sectioniter, 'name') domains = config.get(sectioniter, 'domains') whitelist = config.get(sectioniter, 'whitelist') description = config.get(sectioniter, 'description') searchscope = config.get(sectioniter, 'searchscope') validatecertificate = config.get(sectioniter, 'validatecertificate') maxpagesize = config.get(sectioniter, 'maxpagesize') disable = config.get(sectioniter, 'disable') if(domains is "") or (whitelist is "") or (url is "") or (managerdn is "") or \ (searchbase is "") or (searchfilter is "") or \ (searchkey is "") or (groupattr is "") or (name is "") or (description is "") or (searchscope is "") or (mode is ""): raise SOSError(SOSError.VALUE_ERR, "domains,"+ "whitelist,url,managerdn,"+ "searchbase,searchfilter,searchkey,groupattr," + "name,description,searchscope and mode can not be empty") defined_and_valid_value('search scope', searchscope , Authentication.SEARCH_SCOPE) defined_and_valid_value('disable', disable , Authentication.BOOL_VALS) defined_and_valid_value('validatecertificate', validatecertificate , Authentication.BOOL_VALS) passwd_user = common.get_password(name) res = obj.add_authentication_provider(mode, url, None, managerdn, passwd_user, searchbase, searchfilter, searchkey, groupattr, name, domains, whitelist, searchscope, description, disable, validatecertificate, maxpagesize) except IOError as e: common.format_err_msg_and_raise("add", "authentication provider", e[1], e.errno) except SOSError as e: common.format_err_msg_and_raise("add", "authentication provider", e.err_text, e.err_code) except ConfigParser.NoOptionError as e: common.format_err_msg_and_raise("add", "authentication provider", str(e) , SOSError.NOT_FOUND_ERR) except (ConfigParser.ParsingError, ConfigParser.Error) as e: common.format_err_msg_and_raise("add", "authentication provider", str(e) , SOSError.VALUE_ERR)
def event_handler(event, context): current_region = 'us-east-1' if region_key not in os.environ: print("Warning - using default region %s" % current_region) else: current_region = os.environ[region_key] kms_connection = boto3.client('kms', region_name=current_region) # load the configuration file config_location = config_constants.LOCAL_CONFIG if event is not None and 'ConfigLocation' in event: config_location = event['ConfigLocation'] global debug config = common.get_config(config_location, current_region, debug) if config_constants.DEBUG in config and config[config_constants.DEBUG]: debug = True if debug: print("Configuration File Contents:") print(config) # extract the password use_password = common.get_password(kms_connection, config, debug) # bind the password back into the configuration so we can pass it forward config[config_constants.DB_PASSWORD] = use_password run_utilities = [] if event is not None and "ExecuteUtility" in event: if event["ExecuteUtility"] == config_constants.COLUMN_ENCODING: run_utilities.append(config_constants.COLUMN_ENCODING) elif event["ExecuteUtility"] == config_constants.ANALYZE_VACUUM: run_utilities.append(config_constants.ANALYZE_VACUUM) elif event["ExecuteUtility"] == config_constants.ANALYZE: run_utilities.append(config_constants.ANALYZE) elif event["ExecuteUtility"] == config_constants.VACUUM: run_utilities.append(config_constants.VACUUM) elif event["ExecuteUtility"] == config_constants.MONITORING: run_utilities.append(config_constants.MONITORING) elif event["ExecuteUtility"] == config_constants.TABLE_PERSISTENCE: run_utilities.append(config_constants.TABLE_PERSISTENCE) elif event["ExecuteUtility"] == config_constants.WLM_SCHEDULER: run_utilities.append(config_constants.WLM_SCHEDULER) elif 'utilities' in config: # run each utility, if requested if config_constants.COLUMN_ENCODING in config["utilities"]: run_utilities.append(config_constants.COLUMN_ENCODING) if config_constants.ANALYZE_VACUUM in config["utilities"]: run_utilities.append(config_constants.ANALYZE_VACUUM) if config_constants.ANALYZE in config["utilities"]: run_utilities.append(config_constants.ANALYZE) if config_constants.VACUUM in config["utilities"]: run_utilities.append(config_constants.VACUUM) if config_constants.MONITORING in config["utilities"]: run_utilities.append(config_constants.MONITORING) if config_constants.TABLE_PERSISTENCE in config["utilities"]: run_utilities.append(config_constants.TABLE_PERSISTENCE) if config_constants.WLM_SCHEDULER in config["utilities"]: run_utilities.append(config_constants.WLM_SCHEDULER) else: print("No Utilities configured to run. Exiting!") return results = [] for util in run_utilities: if util == config_constants.COLUMN_ENCODING: print("Running %s" % util) analyze_schema_compression.configure(**config) encoding_result = analyze_schema_compression.run() results.append(encoding_result) elif util == config_constants.ANALYZE_VACUUM: print("Running %s" % util) analyze_result = analyze_vacuum.run_analyze_vacuum(**config) if analyze_result == 0: results.append("OK") elif util == config_constants.ANALYZE: print("Running %s" % util) # turn on correct flag config[config_constants.DO_ANALYZE] = True config[config_constants.DO_VACUUM] = False analyze_result = analyze_vacuum.run_analyze_vacuum(**config) if analyze_result == 0: results.append("OK") elif util == config_constants.VACUUM: print("Running %s" % util) # turn on correct flag config[config_constants.DO_ANALYZE] = False config[config_constants.DO_VACUUM] = True analyze_result = analyze_vacuum.run_analyze_vacuum(**config) if analyze_result == 0: results.append("OK") elif util == config_constants.MONITORING: print("Running %s" % util) redshift_monitoring.monitor_cluster([config, os.environ]) elif util == config_constants.TABLE_PERSISTENCE: print("Running %s" % util) snapshot_system_stats.snapshot([config, os.environ]) elif util == config_constants.WLM_SCHEDULER: print("Running %s" % util) wlm_scheduler.run_scheduler(config) print("Processing Complete") return results