From 07bdee287eddd1377d3dd439bb2d516bb649c90d Mon Sep 17 00:00:00 2001
From: Steve Muir <smuir@cs.princeton.edu>
Date: Tue, 29 Mar 2005 19:36:25 +0000
Subject: [PATCH] First cut at a Python version of the automount script for ssh
 keys

---
 auto.pl_sshd.py | 76 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 auto.pl_sshd.py

diff --git a/auto.pl_sshd.py b/auto.pl_sshd.py
new file mode 100644
index 0000000..f30c3c5
--- /dev/null
+++ b/auto.pl_sshd.py
@@ -0,0 +1,76 @@
+#!/usr/bin/python
+#
+# Copyright 2005 Princeton University
+#
+# autofs(5) executable map for /var/pl_sshd/keys/
+#
+
+import cStringIO
+import os
+import pwd
+import pycurl
+import sys
+
+
+
+def abort(msg):
+    print >>sys.stderr, msg
+    sys.exit(1)
+    
+if len(sys.argv) != 2:
+    print >>sys.stderr, "usage:\n    %s <slicename>" % sys.argv[0]
+    sys.exit(1)
+
+slice = sys.argv[1]
+try:
+    (name, passwd, uid, gid, comment, home, sh) = pwd.getpwnam(slice)
+except KeyError, ex:
+    abort("no such user: " + slice)
+
+result = "--bind,-r :"
+
+sshdir = home + "/.ssh"
+keyfile = sshdir + "/authorized_keys"
+
+# check whether authorized_keys exists in the real home dir
+if os.access(keyfile, os.R_OK):
+    # yes - use it
+    result += sshdir
+else:
+    # no - look in the vserver
+    # try to get keys from KeySensor
+    sys.stderr.write("Retrieving SSH keys for %s... " % slice)
+    pycurl.global_init(pycurl.GLOBAL_ALL)
+    c = pycurl.Curl()
+    c.setopt(pycurl.URL, "http://localhost:815/keys?slice=" + slice)
+    out = cStringIO.StringIO()
+    c.setopt(pycurl.WRITEFUNCTION, out.write)
+    c.setopt(pycurl.NOSIGNAL, 1)
+    c.setopt(pycurl.TIMEOUT, 1)
+    try:
+        c.perform()
+        rc = c.getinfo(pycurl.HTTP_CODE)
+        if rc != 200:
+            abort("HTTP error: " + str(rc))
+    except pycurl.error, ex:
+        if ex[0] == 28:  # XXX - pycurl doesn't define error constants
+            abort("timed-out")
+        abort("curl error: " + ex[1])
+    keydata = out.getvalue()
+
+    # try to update keyfile
+    vsbase = "/vservers/" + slice
+    os.chroot(vsbase)
+    os.setgid(gid)
+    os.setuid(uid)
+    if not os.path.isdir(sshdir):
+        os.mkdir(sshdir, 0700)
+        
+    f = file(keyfile, "w")
+    f.write(keydata)
+    f.close()
+    os.chmod(keyfile, 0600)
+    result += vsbase + sshdir
+    print >>sys.stderr, "succeeded."
+
+print result
-- 
2.43.0