From 134ea0feb7ea9145b6136225b1105e0622ae41ed Mon Sep 17 00:00:00 2001 From: Marc Fiuczynski Date: Thu, 16 Jul 2009 19:53:42 +0000 Subject: [PATCH] NM plugin to pull down special account keys: specifically site_admin and root --- plugins/specialaccounts.py | 53 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 plugins/specialaccounts.py diff --git a/plugins/specialaccounts.py b/plugins/specialaccounts.py new file mode 100644 index 0000000..ad4c2cf --- /dev/null +++ b/plugins/specialaccounts.py @@ -0,0 +1,53 @@ +#!/usr/bin/python -tt +# vim:set ts=4 sw=4 expandtab: +# NodeManager plugin to create special accounts + +""" +Have NM create/populate accounts/ssh keys for special persons such as root, site_admin, etc. + +""" + +import errno +import os +import random +import string +import tempfile +import grp +import pwd + +import logger +import tools + +def start(options, conf): + logger.log("personkeys plugin starting up...") + +def GetSlivers(plc, data, conf): + if 'accounts' not in data: return + for account in data['accounts']: + name = account['name'] + new_keys = account['keys'] + + # look up account name, which must exist + pw_info = pwd.getpwnam(name) + uid = pw_info[2] + gid = pw_info[3] + pw_dir = pw_info[5] + + # populate account's .ssh/authorized_keys file + dot_ssh = pw_dir + '/.ssh' + if not os.access(dot_ssh, os.F_OK): os.mkdir(dot_ssh) + auth_keys = dot_ssh + '/authorized_keys' + logger.log("new keys = %s" % auth_keys) + auth_file = file(auth_keys,"w") + for key in new_keys: + auth_file.write(key) + auth_file.write("\n") + auth_file.close() + + # set permissions properly + os.chmod(dot_ssh, 0700) + os.chmod(auth_keys, 0600) + os.chown(dot_ssh, uid,gid) + os.chown(auth_keys, uid,gid) + + logger.log('specialacounts: installed ssh keys for %s' % name) -- 2.45.2