source/steps/AuthenticateWithPLC.py

   1 #!/usr/bin/python
   2 #
   3 # $Id$
   4 # $URL$
   5 #
   6 # Copyright (c) 2003 Intel Corporation
   7 # All rights reserved.
   8 #
   9 # Copyright (c) 2004-2006 The Trustees of Princeton University
  10 # All rights reserved.
  11
  12
  13 import os
  14
  15 from Exceptions import *
  16 import BootAPI
  17
  18
  19 AUTH_FAILURE_COUNT_FILE= "/tmp/authfailurecount"
  20
  21
  22 def Run( vars, log ):
  23     """
  24     Authenticate this node with PLC. This ensures that the node can operate
  25     as normal, and that our management authority has authorized it.
  26
  27     For this, just call the PLC api function BootCheckAuthentication
  28
  29     Return 1 if authorized, a BootManagerException if not or the
  30     call fails entirely.
  31
  32     If there are two consecutive authentication failures, put the node
  33     into debug mode and exit the bootmanager.
  34
  35     Expect the following variables from the store:
  36     NUM_AUTH_FAILURES_BEFORE_DEBUG    How many failures before debug
  37     """
  38
  39     log.write( "\n\nStep: Authenticating node with PLC.\n" )
  40
  41     # make sure we have the variables we need
  42     try:
  43         NUM_AUTH_FAILURES_BEFORE_DEBUG= int(vars["NUM_AUTH_FAILURES_BEFORE_DEBUG"])
  44     except KeyError, var:
  45         raise BootManagerException, "Missing variable in vars: %s\n" % var
  46     except ValueError, var:
  47         raise BootManagerException, "Variable in vars, shouldn't be: %s\n" % var
  48
  49     try:
  50         authorized= BootAPI.call_api_function( vars, "BootCheckAuthentication", () )
  51         if authorized == 1:
  52             log.write( "Authentication successful.\n" )
  53
  54             try:
  55                 os.unlink( AUTH_FAILURE_COUNT_FILE )
  56             except OSError, e:
  57                 pass
  58
  59             return 1
  60     except BootManagerException, e:
  61         log.write( "Authentication failed: %s.\n" % e )
  62     except:
  63         # This is ugly.
  64         if vars['DISCONNECTED_OPERATION']:
  65             vars['API_SERVER_INST']= None
  66             return 1
  67         else:
  68             raise
  69
  70     # increment auth failure
  71     auth_failure_count= 0
  72     try:
  73         auth_failure_count= int(file(AUTH_FAILURE_COUNT_FILE,"r").read().strip())
  74     except IOError:
  75         pass
  76     except ValueError:
  77         pass
  78
  79     auth_failure_count += 1
  80
  81     try:
  82         fail_file= file(AUTH_FAILURE_COUNT_FILE,"w")
  83         fail_file.write( str(auth_failure_count) )
  84         fail_file.close()
  85     except IOError:
  86         pass
  87
  88     if auth_failure_count >= NUM_AUTH_FAILURES_BEFORE_DEBUG:
  89         log.write( "Maximum number of authentication failures reached.\n" )
  90         log.write( "Canceling boot process and going into debug mode.\n" )
  91
  92     raise BootManagerException, "Unable to authenticate node."
  93
  94