X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plugins%2Fspecialaccounts.py;h=14a9cc98cfb7d1e0832b9cd819f478e4ba278756;hb=d3a3b2d3ea98e72183d1cb5497c38badaa0c5863;hp=cef877e4b4afa2192ccdbabf75bb8592f9779687;hpb=7aa5872239d04b2d0a7cb3b00a9c14b5ea18d013;p=nodemanager.git
diff --git a/plugins/specialaccounts.py b/plugins/specialaccounts.py
index cef877e..14a9cc9 100644
--- a/plugins/specialaccounts.py
+++ b/plugins/specialaccounts.py
@@ -7,7 +7,7 @@
 # NodeManager plugin to create special accounts
 """
-Have NM create/populate accounts/ssh keys for special persons such as root, site_admin, etc.
+create/populate accounts/ssh keys for special persons such as root, site_admin, etc.
 """
@@ -22,11 +22,14 @@ import pwd
 import logger
 import tools
+# right after conf_files
+priority = 3
+
 def start(options, conf):
- logger.log("personkeys plugin starting up...")
+ logger.log("specialaccounts: plugin starting up...")
 def GetSlivers(data, conf = None, plc = None):
- if 'accounts' not in data:
+ if 'accounts' not in data:
 logger.log_missing_data("specialaccounts.GetSlivers",'accounts')
 return
@@ -34,6 +37,8 @@ def GetSlivers(data, conf = None, plc = None):
 name = account['name']
 new_keys = account['keys']
+ logger.log('specialaccounts: dealing with account %s'%name)
+ # look up account name, which must exist
 pw_info = pwd.getpwnam(name)
 uid = pw_info[2]
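Review bot: In the `@@ -34,6 +37,8 @@` hunk the new log line names the account, but the `pwd.getpwnam(name)` lookup just below it is still unguarded, so a name missing from the passwd database raises KeyError. These lines appear to sit inside a per-account loop that starts outside the hunk; if nothing further up catches the exception, one unknown account would presumably stop key updates for every account after it, including removal of keys that were withdrawn. Consider wrapping the lookup: `try: pw_info = pwd.getpwnam(name)` followed by `except KeyError: logger.log('specialaccounts: no such account %s' % name); continue`.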
@@ -45,21 +50,17 @@ def GetSlivers(data, conf = None, plc = None):
 if not os.access(dot_ssh, os.F_OK): os.mkdir(dot_ssh)
 auth_keys = os.path.join(dot_ssh,'authorized_keys')
- logger.log("new keys = %s" % auth_keys)
- fd, fname = tempfile.mkstemp('','authorized_keys',dot_ssh)
-
- for key in new_keys:
- os.write(fd,key)
- os.write(fd,'\n')
+ # catenate all keys in string, add newlines just in case (looks like keys already have this, but)
+ auth_keys_contents = '\n'.join(new_keys)+'\n'
- os.close(fd)
- if os.path.exists(auth_keys): os.unlink(auth_keys)
- os.rename(fname, auth_keys)
+ changes = tools.replace_file_with_string(auth_keys,auth_keys_contents)
+ if changes:
+ logger.log("specialaccounts: keys file changed: %s" % auth_keys)
- # set permissions properly
+ # always set permissions properly
 os.chmod(dot_ssh, 0700)
 os.chown(dot_ssh, uid,gid)
 os.chmod(auth_keys, 0600)
 os.chown(auth_keys, uid,gid)
- logger.log('specialacounts: installed ssh keys for %s' % name)
+ logger.log('specialaccounts: installed ssh keys for %s' % name)
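Review bot: `tools.replace_file_with_string(auth_keys, auth_keys_contents)` writes the keys file before its mode and owner are set, and the `os.chmod`/`os.chown` calls that follow act on path names and follow symbolic links. `dot_ssh` is built outside the hunk; if it lives under the account's home directory, a non-root account owner decides what those paths resolve to while this code (which calls chown, so presumably runs privileged) operates on them. A guard such as `if os.path.islink(dot_ssh) or os.path.islink(auth_keys): continue` (with a log line) plus `os.lchown(auth_keys, uid, gid)` would narrow that. The helper's body is not visible here, so it is worth confirming that it creates its temporary file with restrictive permissions and renames it into place. GetSlivers starts before this hunk.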