plugins/specialaccounts.py

   1 #!/usr/bin/python -tt
   2 # vim:set ts=4 sw=4 expandtab:
   3 # NodeManager plugin to create special accounts
   4
   5 """
   6 Have NM create/populate accounts/ssh keys for special persons such as root, site_admin, etc.
   7
   8 """
   9
  10 import errno
  11 import os
  12 import random
  13 import string
  14 import tempfile
  15 import grp
  16 import pwd
  17
  18 import logger
  19 import tools
  20
  21 def start(options, conf):
  22     logger.log("personkeys plugin starting up...")
  23
  24 def GetSlivers(data, conf = None, plc = None):
  25     if 'accounts' not in data:
  26         logger.log("specialaccounts: No account information found.  DISABLED!")
  27         return
  28
  29     for account in data['accounts']:
  30         name = account['name']
  31         new_keys = account['keys']
  32
  33         # look up account name, which must exist
  34         pw_info = pwd.getpwnam(name)
  35         uid = pw_info[2]
  36         gid = pw_info[3]
  37         pw_dir = pw_info[5]
  38
  39         # populate account's .ssh/authorized_keys file
  40         dot_ssh = os.path.join(pw_dir,'.ssh')
  41         if not os.access(dot_ssh, os.F_OK): os.mkdir(dot_ssh)
  42         auth_keys = os.path.join(dot_ssh,'authorized_keys')
  43
  44         logger.log("new keys = %s" % auth_keys)
  45         fd, fname = tempfile.mkstemp('','authorized_keys',dot_ssh)
  46
  47         for key in new_keys:
  48             os.write(fd,key)
  49             os.write(fd,'\n')
  50
  51         os.close(fd)
  52         if os.path.exists(auth_keys): os.unlink(auth_keys)
  53         os.rename(fname, auth_keys)
  54
  55         # set permissions properly
  56         os.chmod(dot_ssh, 0700)
  57         os.chown(dot_ssh, uid,gid)
  58         os.chmod(auth_keys, 0600)
  59         os.chown(auth_keys, uid,gid)
  60
  61         logger.log('specialacounts: installed ssh keys for %s' % name)