This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository pyhoca-cli. from 8b08adf d/changelog: update from Git history new fc0d0b7 {pyhoca-cli,pyhoca/cli/frontend.py}: Add --non-interactive cmdline option for forcefully preventing password queries on the TTY. new 22b8402 man/man1/pyhoca-cli.1: Add documentation for --list-cmdline-features. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 3 +++ man/man1/pyhoca-cli.1 | 6 +++++ pyhoca-cli | 13 +++++++++++ pyhoca/cli/frontend.py | 62 ++++++++++++++++++++++++++++++++++++++------------ 4 files changed, 69 insertions(+), 15 deletions(-) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/pyhoca-cli.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository pyhoca-cli. commit 22b8402428a5b7e13eb5094e1961b07907c38520 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Nov 25 13:11:57 2021 +0100 man/man1/pyhoca-cli.1: Add documentation for --list-cmdline-features. --- debian/changelog | 1 + man/man1/pyhoca-cli.1 | 3 +++ 2 files changed, 4 insertions(+) diff --git a/debian/changelog b/debian/changelog index b29d5f8..12553f7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -16,6 +16,7 @@ pyhoca-cli (0.6.1.3-0x2go1) UNRELEASED; urgency=medium - pyhoca-cli: Add cmdline option --list-cmdline-features. Required for Remmina X2Go Plugin. - pyhoca-cli: Write program version to STDOUT (not STDERR). + - man/man1/pyhoca-cli.1: Add documentation for --list-cmdline-features. [ Daniel Teichmann ] * New upstream release (0.6.1.3): diff --git a/man/man1/pyhoca-cli.1 b/man/man1/pyhoca-cli.1 index 9b2dfea..0420f9b 100644 --- a/man/man1/pyhoca-cli.1 +++ b/man/man1/pyhoca-cli.1 @@ -54,6 +54,9 @@ Enable debugging output. Enable debugging code of the underlying Python X2Go module. .TP \*(T<\fB\-\-libdebug-sftpxfer\fR\*(T> +.TP +\*(T<\fB\-\-list\-cmdline\-features\fR\*(T> +Print a machine-readable list of client-side features to STDOUT and exit. Enable debugging code of Python X2Go's sFTP server code (very verbose, and it may even reveal promiscuous data). .SH SERVER / SESSION PROFILE You either have to specify a server name or a pre-configured X2GoClient session profile to tell \fBpyhoca-cli\fR to -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/pyhoca-cli.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository pyhoca-cli. commit fc0d0b7632cd10fe06f03ffdd1da1f566a7580fe Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Nov 25 12:59:11 2021 +0100 {pyhoca-cli,pyhoca/cli/frontend.py}: Add --non-interactive cmdline option for forcefully preventing password queries on the TTY. --- debian/changelog | 2 ++ man/man1/pyhoca-cli.1 | 3 +++ pyhoca-cli | 13 +++++++++++ pyhoca/cli/frontend.py | 62 ++++++++++++++++++++++++++++++++++++++------------ 4 files changed, 65 insertions(+), 15 deletions(-) diff --git a/debian/changelog b/debian/changelog index a56540b..b29d5f8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -21,6 +21,8 @@ pyhoca-cli (0.6.1.3-0x2go1) UNRELEASED; urgency=medium * New upstream release (0.6.1.3): - pyhoca-cli: Print debug message before exiting pyhoca-cli. - Fix typo in man page. + - Add --non-interactive cmdline option for forcefully preventing password + queries on the TTY. -- X2Go Release Manager <git-admin@x2go.org> Thu, 26 Dec 2019 17:03:42 +0100 diff --git a/man/man1/pyhoca-cli.1 b/man/man1/pyhoca-cli.1 index cf0c1e1..9b2dfea 100644 --- a/man/man1/pyhoca-cli.1 +++ b/man/man1/pyhoca-cli.1 @@ -65,6 +65,9 @@ Legacy parameter, still supported, but using positional argument [\fI<user>@\fR] .TP \*(T<\fB\-P, \-\-session-profile\fR \fI<SESSION_PROFILE_NAME>\fR\*(T> The name of the session profile to be used to make the connection. +.TP +\*(T<\fB\-\-non\-interactive\fR\*(T> +Enforce non-interactive mode. Avoid any TTY interaction during runtime. .SH ACTIONS \fBpyhoca-cli\fR accepts exclusively one of the listed actions: .TP diff --git a/pyhoca-cli b/pyhoca-cli index 454c9a4..fd08ad9 100755 --- a/pyhoca-cli +++ b/pyhoca-cli @@ -139,6 +139,7 @@ action_options = [ {'args':['--list-profiles'], 'default': False, 'action': 'store_true', 'help': 'list user\'s X2Go pre-configured session profiles', }, {'args':['-P','--session-profile'], 'default': None, 'help': 'load x2goclient session profiles and use the session profile SESSION_PROFILE', }, {'args':['--list-cmdline-features'], 'default': False, 'action': 'store_true', 'help': 'show a list of parseable command line features available in this PyHoca-CLI version', }, + {'args':['--non-interactive'], 'default': False, 'action': 'store_true', 'help': 'Prevent PyHoca-CLI from ever interactively asking for a password', }, ] action_features = [ 'NEW', 'TRY_RESUME', @@ -150,6 +151,7 @@ action_features = [ 'NEW', 'LIST_DESKTOPS', 'SESSION_PROFILE', 'LIST_CLIENT_FEATURES', + 'NON_INTERACTIVE', ] if _X2GOCLIENT_OS == "Linux": action_options.append( @@ -458,6 +460,17 @@ Possible values for the --pack NX option are: if int(a.auth_attempts) < 1: a.auth_attempts = "1" + # --non-interactive option. + if a.non_interactive and a.force_password and not a.password: + runtime_error ("--non-interactive in combination with --force-password needs --password cmdline option", parser=p, exitcode=1) + + if a.non_interactive: + logger('in case of a authentication failure, pyhoca-cli will *NOT* ' + 'interactively ask for a password.', x2go.loglevel_WARN, ) + else: + logger('in case of a authentication failure, pyhoca-cli will ' + 'interactively ask for a password.', x2go.loglevel_WARN, ) + if a.server: ##### TODO: ssh_config to be moved into Python X2Go!!!! diff --git a/pyhoca/cli/frontend.py b/pyhoca/cli/frontend.py index c24d064..c3bc74b 100644 --- a/pyhoca/cli/frontend.py +++ b/pyhoca/cli/frontend.py @@ -384,6 +384,8 @@ class PyHocaCLI(x2go.X2GoClient): self.auth_attempts = int(self.args.auth_attempts) + self.non_interactive = bool(self.args.non_interactive) + if args.list_profiles: @@ -496,6 +498,11 @@ class PyHocaCLI(x2go.X2GoClient): if self.args.force_password: force_password_auth = True + if self.non_interactive: + non_interactive = True + else: + non_interactive = False + passphrase = None passphrase_unlock_counter = 3 @@ -516,6 +523,9 @@ class PyHocaCLI(x2go.X2GoClient): # show interactive password prompt if force_password_auth and not cmdline_password: + if non_interactive: + _auth_count -= 1 + continue password = getpass.getpass() @@ -544,7 +554,7 @@ class PyHocaCLI(x2go.X2GoClient): # x2go.PasswordRequiredException: This exception gets raised if an SSH pubkey is protected by a passphrase - if not force_password_auth and passphrase_unlock_counter >= 1: + if not non_interactive and not force_password_auth and passphrase_unlock_counter >= 1: if passphrase == '': self._pyhoca_logger('empty SSH key passphrase (%s), try again...' % self.args.ssh_privkey, loglevel=x2go.loglevel_WARN, ) self._pyhoca_logger('unlock SSH key file (%s)' % self.args.ssh_privkey, loglevel=x2go.loglevel_NOTICE, ) @@ -555,7 +565,13 @@ class PyHocaCLI(x2go.X2GoClient): continue if not force_password_auth and _auth_count >= 1: - self._pyhoca_logger('unlocking of SSH key failed, proceeding with interactive login', loglevel=x2go.loglevel_WARN, ) + if non_interactive: + self._runtime_error('unlocking of SSH key failed.', + exitcode=-203) + else: + self._pyhoca_logger('unlocking of SSH key failed, ' + 'proceeding with interactive ' + 'login', loglevel=x2go.loglevel_WARN, ) force_password_auth = True password = None passphrase = None @@ -572,7 +588,7 @@ class PyHocaCLI(x2go.X2GoClient): self._pyhoca_logger('passwordless login for ,,%s\'\' failed [AuthException]' % _username, loglevel=x2go.loglevel_WARN, ) # if the previous login attempt was pubkey based, enforce interactive login for the next round... - if not password and _auth_count >= 1: + if not non_interactive and not password and _auth_count >= 1: self._pyhoca_logger('proceeding to interactive login for user ,,%s\'\'' % _username, loglevel=x2go.loglevel_NOTICE, ) force_password_auth = True # undo auth counter decrement @@ -580,12 +596,22 @@ class PyHocaCLI(x2go.X2GoClient): # a password was provided via the command line elif password and cmdline_password and _auth_count >= 1: - self._pyhoca_logger('cmdline provided password failed, proceeding to interactive login for user ,,%s\'\'' % _username, loglevel=x2go.loglevel_WARN, ) + if not non_interactive: + self._pyhoca_logger('cmdline provided password ' + 'failed, proceeding to ' + 'interactive login for ' + 'user ,,%s\'\'' % _username, + loglevel=x2go.loglevel_WARN, ) + else: + self._runtime_error('cmdline provided password ' + 'failed.', + exitcode=-204) + force_password_auth = True cmdline_password = False # else, if the previous attempt was already interactive, offer re-trying - elif force_password_auth and _auth_count >= 1: + elif not non_interactive and force_password_auth and _auth_count >= 1: self._pyhoca_logger('please re-try login for user ,,%s\'\'' % _username, loglevel=x2go.loglevel_NOTICE, ) passphrase = None @@ -600,7 +626,8 @@ class PyHocaCLI(x2go.X2GoClient): except x2go.SSHException as e: # this bit only captures problems with the SSH key file, other - # SSHExceptions are simply ignored (and we proceed to interactive login) + # SSHExceptions are simply ignored and we proceed to + # interactive login, if non_interactive is NOT set. if str(e).lower().startswith('could not deserialize key data') \ : @@ -619,8 +646,11 @@ class PyHocaCLI(x2go.X2GoClient): continue if not force_password_auth and _auth_count >= 1: - - self._pyhoca_logger('unlocking of SSH key failed, proceeding with interactive login', loglevel=x2go.loglevel_WARN, ) + if non_interactive: + self._runtime_error('unlocking of SSH key failed.', + exitcode=-205) + else: + self._pyhoca_logger('unlocking of SSH key failed, proceeding with interactive login', loglevel=x2go.loglevel_WARN, ) force_password_auth = True password = None passphrase = None @@ -643,13 +673,15 @@ class PyHocaCLI(x2go.X2GoClient): self._runtime_error(str(e), exitcode=253) else: - - self._pyhoca_logger('[SSHException] the following error will be ignored: %s' % str(e), loglevel=x2go.loglevel_WARN) - self._pyhoca_logger('proceeding to interactive login for user ,,%s\'\'' % _username, loglevel=x2go.loglevel_NOTICE, ) - force_password_auth = True - password = None - passphrase = None - _auth_count += 1 + if non_interactive: + self._runtime_error('[SSHException] the following error occured: %s' % str(e), exitcode=-206) + else: + self._pyhoca_logger('[SSHException] the following error will be ignored: %s' % str(e), loglevel=x2go.loglevel_WARN) + self._pyhoca_logger('proceeding to interactive login for user ,,%s\'\'' % _username, loglevel=x2go.loglevel_NOTICE, ) + force_password_auth = True + password = None + passphrase = None + _auth_count += 1 if not connected and _auth_count <= 0: if self.auth_attempts >= 2: -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/pyhoca-cli.git