2 # vim:set ts=4 sw=4 expandtab:
3 # NodeManager plugin to empower slivers to make API calls
6 Sliver authentication support for NodeManager.
20 def start(options, conf):
21 logger.log("sliverauth plugin starting up...")
23 def SetSliverTag(plc, slice, tagname, value):
24 node_id = tools.node_id()
25 slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname})
26 if len(slivertags)==0:
27 slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
29 slivertag_id=slivertags[0]['slice_tag_id']
30 plc.UpdateSliceTag(slivertag_id,value)
32 def GetSlivers(data, config, plc):
33 if 'OVERRIDES' in dir(config):
34 if config.OVERRIDES.get('sliverauth') == '-1':
35 logger.log("sliverauth: Disabled", 2)
38 if 'slivers' not in data:
39 logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!")
42 for sliver in data['slivers']:
44 for attribute in sliver['attributes']:
45 name = attribute.get('tagname',attribute.get('name',''))
48 hmac = attribute['value']
52 # XXX need a better random seed?!
53 random.seed(time.time())
54 d = [random.choice(string.letters) for x in xrange(32)]
56 SetSliverTag(plc,sliver['name'],'hmac',hmac)
57 logger.log("sliverauth setting %s hmac" % sliver['name'])
59 path = '/vservers/%s/etc/planetlab' % sliver['name']
60 if os.path.exists(path):
61 keyfile = '%s/key' % path
63 if os.path.exists(keyfile):
69 # create a temporary file in the vserver
70 fd, name = tempfile.mkstemp('','key',path)
73 if os.path.exists(keyfile):
75 os.rename(name,keyfile)
76 logger.log("sliverauth writing hmac to %s " % keyfile)
78 os.chmod(keyfile,0400)