4 """Delegate accounts are used to provide secure access to the XMLRPC API.
5 They are normal Unix accounts with a shell that tunnels XMLRPC requests to the API server."""
10 from pwd import getpwnam
11 from grp import getgrnam
13 class Controller(accounts.Account):
14 SHELL = '/usr/bin/forward_api_calls' # tunneling shell
15 TYPE = 'controller.Controller'
18 def create(name, vref = None):
19 add_shell(Controller.SHELL)
20 group = getgrnam("slices")[2]
21 logger.log_call(['/usr/sbin/useradd', '-p', '*', '-g', str(group), '-s', Controller.SHELL, name, ])
24 def destroy(name): logger.log_call(['/usr/sbin/userdel', '-r', name, ])
27 logger.verbose("controller: is_running: %s" % self.name)
28 return getpwnam(self.name)[6] == self.SHELL
32 """Add <shell> to /etc/shells if it's not already there."""
33 etc_shells = open('/etc/shells')
34 valid_shells = etc_shells.read().split()
36 if shell not in valid_shells:
37 etc_shells = open('/etc/shells', 'a')
38 print >>etc_shells, shell