mirror of
https://github.com/xcat2/confluent.git
synced 2024-12-24 12:11:52 +00:00
Add support for RPM builds
add supportfor pam authentication
This commit is contained in:
parent
426eeb209f
commit
c70f365cd2
1
confluent_client/VERSION
Normal file
1
confluent_client/VERSION
Normal file
@ -0,0 +1 @@
|
||||
0.1.5
|
@ -56,8 +56,9 @@ consoleonly = False
|
||||
consolename = ""
|
||||
target = "/"
|
||||
path = os.path.dirname(os.path.realpath(__file__))
|
||||
path = os.path.realpath(os.path.join(path, '..'))
|
||||
sys.path.append(path)
|
||||
path = os.path.realpath(os.path.join(path, '..', 'lib', 'python'))
|
||||
if path.startswith('/opt'):
|
||||
sys.path.append(path)
|
||||
|
||||
import confluent.tlvdata as tlvdata
|
||||
import confluent.client as client
|
||||
|
1
confluent_client/buildrpm
Symbolic link
1
confluent_client/buildrpm
Symbolic link
@ -0,0 +1 @@
|
||||
../confluent_server/buildrpm
|
36
confluent_client/confluent_client.spec.tmpl
Normal file
36
confluent_client/confluent_client.spec.tmpl
Normal file
@ -0,0 +1,36 @@
|
||||
%define name confluent_client
|
||||
%define version #VERSION#
|
||||
%define release 1
|
||||
|
||||
Summary: Client libraries and utilities for confluent
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
License: UNKNOWN
|
||||
Group: Development/Libraries
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
|
||||
Prefix: %{_prefix}
|
||||
BuildArch: noarch
|
||||
Vendor: Jarrod Johnson <jbjohnso@us.ibm.com>
|
||||
Url: http://xcat.sf.net/
|
||||
Requires: confluent_common
|
||||
|
||||
%description
|
||||
This package enables python development and command line access to
|
||||
a confluent server.
|
||||
|
||||
%prep
|
||||
%setup -n %{name}-%{version} -n %{name}-%{version}
|
||||
|
||||
%build
|
||||
python setup.py build
|
||||
|
||||
%install
|
||||
python setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES --install-scripts=/opt/confluent/bin --install-purelib=/opt/confluent/lib/python
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f INSTALLED_FILES
|
||||
%defattr(-,root,root)
|
1
confluent_client/makesetup
Symbolic link
1
confluent_client/makesetup
Symbolic link
@ -0,0 +1 @@
|
||||
../confluent_server/makesetup
|
@ -2,7 +2,7 @@ from setuptools import setup
|
||||
|
||||
setup(
|
||||
name='confluent_client',
|
||||
version='0.1.4',
|
||||
version='#VERSION#',
|
||||
author='Jarrod Johnson',
|
||||
author_email='jbjohnso@us.ibm.com',
|
||||
url='http://xcat.sf.net/',
|
1
confluent_common/VERSION
Normal file
1
confluent_common/VERSION
Normal file
@ -0,0 +1 @@
|
||||
0.1.3
|
34
confluent_common/confluent_common.spec.tmpl
Normal file
34
confluent_common/confluent_common.spec.tmpl
Normal file
@ -0,0 +1,34 @@
|
||||
%define name confluent_common
|
||||
%define version #VERSION#
|
||||
%define release 1
|
||||
|
||||
Summary: common content for confluent client and server
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
License: UNKNOWN
|
||||
Group: Development/Libraries
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
|
||||
Prefix: %{_prefix}
|
||||
BuildArch: noarch
|
||||
Vendor: Jarrod Johnson <jbjohnso@us.ibm.com>
|
||||
Url: http://xcat.sf.net/
|
||||
|
||||
%description
|
||||
This provides the modules common for both client and server
|
||||
|
||||
%prep
|
||||
%setup -n %{name}-%{version} -n %{name}-%{version}
|
||||
|
||||
%build
|
||||
python setup.py build
|
||||
|
||||
%install
|
||||
python setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES --install-purelib=/opt/confluent/lib/python --install-scripts=/opt/confluent/bin
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f INSTALLED_FILES
|
||||
%defattr(-,root,root)
|
@ -2,7 +2,7 @@ from setuptools import setup
|
||||
|
||||
setup(
|
||||
name='confluent_common',
|
||||
version='0.1.2',
|
||||
version='#VERSION#',
|
||||
author='Jarrod Johnson',
|
||||
author_email='jbjohnso@us.ibm.com',
|
||||
description='common content for confluent client and server',
|
1
confluent_server/MANIFEST.in
Normal file
1
confluent_server/MANIFEST.in
Normal file
@ -0,0 +1 @@
|
||||
include sysvinit/*
|
@ -18,8 +18,8 @@
|
||||
import sys
|
||||
import os
|
||||
path = os.path.dirname(os.path.realpath(__file__))
|
||||
path = os.path.realpath(os.path.join(path, '..'))
|
||||
if not path.startswith('/usr'):
|
||||
path = os.path.realpath(os.path.join(path, '..', 'lib', 'python'))
|
||||
if path.startswith('/opt'):
|
||||
# if installed into system path, do not muck with things
|
||||
sys.path.append(path)
|
||||
from confluent import main
|
||||
|
9
confluent_server/buildrpm
Executable file
9
confluent_server/buildrpm
Executable file
@ -0,0 +1,9 @@
|
||||
#!/bin/sh
|
||||
cd `dirname $0`
|
||||
./makesetup
|
||||
VERSION=`cat VERSION`
|
||||
PKGNAME=$(basename $(pwd))
|
||||
python setup.py sdist > /dev/null 2>&1
|
||||
cp dist/*.tar.gz ~/rpmbuild/SOURCES
|
||||
sed -e 's/#VERSION#/'$VERSION/ $PKGNAME.spec.tmpl > ~/rpmbuild/SPECS/$PKGNAME.spec
|
||||
rpmbuild -ba ~/rpmbuild/SPECS/$PKGNAME.spec 2> /dev/null |grep ^Wrote:
|
@ -26,14 +26,35 @@ import Crypto.Protocol.KDF as KDF
|
||||
import hashlib
|
||||
import hmac
|
||||
import multiprocessing
|
||||
import PAM
|
||||
import time
|
||||
|
||||
_pamservice = 'confluent'
|
||||
_passcache = {}
|
||||
_passchecking = {}
|
||||
|
||||
authworkers = None
|
||||
|
||||
|
||||
class Credentials(object):
|
||||
def __init__(self, username, passphrase):
|
||||
self.username = username
|
||||
self.passphrase = passphrase
|
||||
self.haspam = False
|
||||
|
||||
def pam_conv(self, auth, query_list):
|
||||
# use stored credentials in a pam conversation
|
||||
self.haspam = True
|
||||
resp = []
|
||||
for query_entry in query_list:
|
||||
query, pamtype = query_entry
|
||||
if query.startswith('Password'):
|
||||
resp.append((self.passphrase, 0))
|
||||
else:
|
||||
return None
|
||||
return resp
|
||||
|
||||
|
||||
def _prune_passcache():
|
||||
# This function makes sure we don't remember a passphrase in memory more
|
||||
# than 10 seconds
|
||||
@ -72,7 +93,8 @@ def _get_usertenant(name, tenant=False):
|
||||
yield tenant
|
||||
|
||||
|
||||
def authorize(name, element, tenant=False, operation='create'):
|
||||
def authorize(name, element, tenant=False, operation='create',
|
||||
skipuserobj=False):
|
||||
#TODO: actually use the element to ascertain if this user is good enough
|
||||
"""Determine whether the given authenticated name is authorized.
|
||||
|
||||
@ -90,6 +112,8 @@ def authorize(name, element, tenant=False, operation='create'):
|
||||
if tenant is not None and not configmanager.is_tenant(tenant):
|
||||
return None
|
||||
manager = configmanager.ConfigManager(tenant)
|
||||
if skipuserobj:
|
||||
return None, manager, user, tenant
|
||||
userobj = manager.get_user(user)
|
||||
if userobj: # returning
|
||||
return userobj, manager, user, tenant
|
||||
@ -127,6 +151,17 @@ def check_user_passphrase(name, passphrase, element=None, tenant=False):
|
||||
# would normally make an event and wait
|
||||
# but here there's no need for that
|
||||
eventlet.sleep(0.5)
|
||||
credobj = Credentials(user, passphrase)
|
||||
try:
|
||||
pammy = PAM.pam()
|
||||
pammy.start(_pamservice, user, credobj.pam_conv)
|
||||
pammy.authenticate()
|
||||
pammy.acct_mgmt()
|
||||
del pammy
|
||||
return authorize(user, element, tenant, skipuserobj=True)
|
||||
except PAM.error:
|
||||
if credobj.haspam:
|
||||
return None
|
||||
if (user, tenant) in _passcache:
|
||||
if passphrase == _passcache[(user, tenant)]:
|
||||
return authorize(user, element, tenant)
|
||||
@ -184,4 +219,4 @@ def init_auth():
|
||||
global authworkers
|
||||
# for now we'll just have one auth worker and see if there is any
|
||||
# demand for more. I personally doubt it.
|
||||
authworkers = multiprocessing.Pool(processes=1)
|
||||
authworkers = multiprocessing.Pool(processes=1)
|
||||
|
35
confluent_server/confluent_server.spec.tmpl
Normal file
35
confluent_server/confluent_server.spec.tmpl
Normal file
@ -0,0 +1,35 @@
|
||||
%define name confluent_server
|
||||
%define version #VERSION#
|
||||
%define release 1
|
||||
|
||||
Summary: confluent systems management server
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
License: Apache2
|
||||
Group: Development/Libraries
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
|
||||
Prefix: %{_prefix}
|
||||
BuildArch: noarch
|
||||
Requires: pyghmi, eventlet, greenlet, confluent_common, pycrypto >= 2.6.1
|
||||
Vendor: Jarrod Johnson <jbjohnso@us.ibm.com>
|
||||
Url: http://xcat.sf.net/
|
||||
|
||||
%description
|
||||
Server for console management and systems management aggregation
|
||||
|
||||
%prep
|
||||
%setup -n %{name}-%{version} -n %{name}-%{version}
|
||||
|
||||
%build
|
||||
python setup.py build
|
||||
|
||||
%install
|
||||
python setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES --install-purelib=/opt/confluent/lib/python --install-scripts=/opt/confluent/bin
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f INSTALLED_FILES
|
||||
%defattr(-,root,root)
|
3
confluent_server/makesetup
Executable file
3
confluent_server/makesetup
Executable file
@ -0,0 +1,3 @@
|
||||
cd `dirname $0`
|
||||
VERSION=`cat VERSION`
|
||||
sed -e "s/#VERSION#/$VERSION/" setup.py.tmpl > setup.py
|
@ -1,8 +1,9 @@
|
||||
from setuptools import setup
|
||||
import os
|
||||
|
||||
setup(
|
||||
name='confluent_server',
|
||||
version='0.1.10',
|
||||
version='#VERSION#',
|
||||
author='Jarrod Johnson',
|
||||
author_email='jbjohnso@us.ibm.com',
|
||||
url='http://xcat.sf.net/',
|
||||
@ -13,4 +14,5 @@ setup(
|
||||
install_requires=['pycrypto>=2.6', 'confluent_client>=0.1.0', 'eventlet',
|
||||
'pyghmi>=0.6.5'],
|
||||
scripts=['bin/confluent'],
|
||||
data_files=[('/etc/init.d', ['sysvinit/confluent'])],
|
||||
)
|
33
confluent_server/sysvinit/confluent
Executable file
33
confluent_server/sysvinit/confluent
Executable file
@ -0,0 +1,33 @@
|
||||
#!/bin/sh
|
||||
# IBM(c) 2014 Apache 2.0
|
||||
# chkconfig: 345 85 60
|
||||
# description: Confluent hardware manager
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: confluent
|
||||
# Default-Start: 3 4 5
|
||||
# Default-Stop: 0 1 2 6
|
||||
### END INIT INFO
|
||||
|
||||
. /etc/init.d/functions
|
||||
case $1 in
|
||||
restart)
|
||||
echo -n 'Stopping Confluent '
|
||||
kill `cat /var/run/confluent/pid`
|
||||
sleep 5
|
||||
echo -n 'Starting Confluent '
|
||||
/opt/confluent/bin/confluent
|
||||
success
|
||||
;;
|
||||
start)
|
||||
echo -n 'Starting Confluent '
|
||||
/opt/confluent/bin/confluent
|
||||
success
|
||||
;;
|
||||
stop)
|
||||
echo -n 'Stopping Confluent '
|
||||
kill `cat /var/run/confluent/pid`
|
||||
success
|
||||
;;
|
||||
esac
|
||||
|
Loading…
Reference in New Issue
Block a user