def main():
# Read the password from the command line
try:
password = getpass.getpass("Enter irods password:"******"Confirm password:"******"^C")
sys.exit(0)
except EOFError:
print("^D")
sys.exit(0)
if password != confirm:
raise ValueError("confirmation does not match")
# Encode and dump the password
path = os.path.expanduser("~/.irods")
if not os.path.exists(path):
os.makedirs(path)
path = os.path.join(path, ".irodsA")
uid = os.getuid()
with open(path, "wb+") as f:
f.write(encode(password))
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
print("Irods password has been set")
def make_environment_and_auth_files(dir_, **params):
if not os.path.exists(dir_): os.mkdir(dir_)
def recast(k):
return 'irods_' + k + ('_name' if k in ('user', 'zone') else '')
config = os.path.join(dir_, 'irods_environment.json')
with open(config, 'w') as f1:
json.dump({recast(k): v
for k, v in params.items() if k != 'password'},
f1,
indent=4)
auth = os.path.join(dir_, '.irodsA')
with open(auth, 'w') as f2:
f2.write(encode(params['password']))
os.chmod(auth, 0o600)
return (config, auth)
def modify_password(self, old_value, new_value, modify_irods_authentication_file = False):
"""
Change the password for the current user (in the manner of `ipasswd').
Parameters:
old_value - the currently valid (old) password
new_value - the desired (new) password
modify_irods_authentication_file - Can be False, True, or a string. If a string, it should indicate
the absolute path of an IRODS_AUTHENTICATION_FILE to be altered.
"""
with self.sess.pool.get_connection() as conn:
hash_new_value = obf.obfuscate_new_password(new_value, old_value, conn.client_signature)
message_body = UserAdminRequest(
"userpw",
self.sess.username,
"password",
hash_new_value
)
request = iRODSMessage("RODS_API_REQ", msg=message_body,
int_info=api_number['USER_ADMIN_AN'])
conn.send(request)
response = conn.recv()
if modify_irods_authentication_file:
auth_file = self.sess.auth_file
if not auth_file or isinstance(modify_irods_authentication_file, str):
auth_file = (modify_irods_authentication_file if self.abspath_exists(modify_irods_authentication_file) else '')
if not auth_file:
message = "Session not loaded from an environment file."
raise UserManager.EnvStoredPasswordNotEdited(message)
else:
with open(auth_file) as f:
stored_pw = obf.decode(f.read())
if stored_pw != old_value:
message = "Not changing contents of '{}' - "\
"stored password is non-native or false match to old password".format(auth_file)
raise UserManager.EnvStoredPasswordNotEdited(message)
with open(auth_file,'w') as f:
f.write(obf.encode(new_value))
logger.debug(response.int_info)
def do_iinit(host, port, user, zone, password):
if not exists(home_env_path):
os.makedirs(home_env_path)
else:
raise RuntimeError('~/.irods already exists')
with open(env_file_path, 'w') as env_file:
json.dump(
{
"irods_host": host,
"irods_port": int(port),
"irods_user_name": user,
"irods_zone_name": zone
},
env_file,
indent=4)
with open(auth_file_path, 'w') as auth_file:
auth_file.write(encode(password))
chmod(auth_file_path, 0o600)
def encode(cls, s):
return password_obfuscation.encode(s, _getuid())
def configure_password(self, user_name, pw=None):
if pw is None:
pw = getpass("irods password for user {0}:".format(user_name))
with open(self.irods_auth_file, "wb") as fp:
fp.write(password_obfuscation.encode(pw).encode())
#!/usr/bin/env python3
import irods.password_obfuscation as password_obfuscation
with open("/usr/lib/airflow/.irods/.irodsA", "w") as fp:
pw = password_obfuscation.encode("test")
fp.write(pw)
# Test the connection
# from irods.session import iRODSSession
# sess = iRODSSession(irods_env_file="/usr/lib/airflow/irods_environment.json",
# irods_authentication_file="/usr/lib/airflow/irodsA")
# sess.users.get('rods')
import os
import stat
import sys
from irods.password_obfuscation import encode
# Read the password from the command line
try:
password = getpass.getpass("Enter irods password:"******"Confirm password:"******"^C"
sys.exit(0)
except EOFError:
print "^D"
sys.exit(0)
if password != confirm:
raise ValueError("confirmation does not match")
# Encode and dump the password
path = os.path.expanduser("~/.irods")
if not os.path.exists(path):
os.makedirs(path)
path = os.path.join(path, ".irodsA")
uid = os.getuid()
with open(path, "wb+") as f:
f.write(encode(password))
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
print "Irods password has been set"