[X2Go-Commits] x2gobroker.git - uccsoutput (branch) updated: 0.0.1.0-58-ge34d069

X2Go dev team git-admin at x2go.org
Fri Apr 19 12:56:40 CEST 2013


The branch, uccsoutput has been updated
       via  e34d0691e5830ab901da3ba0998a73e5f7fb0c31 (commit)
       via  2b634eef55315243b77ad07cd81d2c8e722e2542 (commit)
       via  3d70999fd322b0d4ae0724ea9e6d7a2598286e57 (commit)
       via  b38f22b7ebbcbf943f7a554d5ee1f0a5c08c335b (commit)
      from  a23c56abf93b0f641589132105e52e9105cbbab8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e34d0691e5830ab901da3ba0998a73e5f7fb0c31
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Fri Apr 19 12:54:00 2013 +0200

    Add forgotten file: x2gobroker-authservice-logger.conf. (Fixes: #180).

commit 2b634eef55315243b77ad07cd81d2c8e722e2542
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Fri Apr 19 00:24:56 2013 +0200

    Move AuthService server code fully into x2gobroker-authservice daemon script.

commit 3d70999fd322b0d4ae0724ea9e6d7a2598286e57
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Fri Apr 19 00:04:14 2013 +0200

    return empty page instead of 404 if no pubkeys for x2gobroker exist, fix args+kwargs in get() method

commit b38f22b7ebbcbf943f7a554d5ee1f0a5c08c335b
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Thu Apr 18 17:17:26 2013 +0200

    fix changelog entry

-----------------------------------------------------------------------

Summary of changes:
 debian/changelog                                   |    5 +-
 .../broker/x2gobroker-authservice-logger.conf      |   37 ++++++--
 sbin/x2gobroker-authservice                        |   96 ++++++++++++++++----
 x2gobroker/authservice.py                          |   81 ++---------------
 x2gobroker/web/extras.py                           |    5 +-
 5 files changed, 123 insertions(+), 101 deletions(-)
 copy x2gobroker/web/json.py => etc/broker/x2gobroker-authservice-logger.conf (62%)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index b8bd4ea..8195e1e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,7 +15,10 @@ x2gobroker (0.0.1.1-0~x2go1) UNRELEASED; urgency=low
       the logging in x2gobroker. (Fixes: #172).
     - x2gobroker-pubkeyauthorizer: no logging-to-file support anymore.
       (Fixes: #175).
-    - Fix name of get() for /pubkeys/ URL path. (Fixes: #176).
+    - Fix name of get() method for /pubkeys/ URL path. (Fixes: #176).
+    - Move AuthService server code fully into x2gobroker-authservice
+      daemon script.
+    - Add forgotten file: x2gobroker-authservice-logger.conf. (Fixes: #180).
   * /debian/control:
     + Fix --root parameter in DEB_PYTHON_INSTALL_ARGS.
     + Let bin:package x2gobroker-authservice depend on python-x2gobroker (of the
diff --git a/x2gobroker/web/json.py b/etc/broker/x2gobroker-authservice-logger.conf
similarity index 62%
copy from x2gobroker/web/json.py
copy to etc/broker/x2gobroker-authservice-logger.conf
index 2e97f89..9c3e0c9 100644
--- a/x2gobroker/web/json.py
+++ b/etc/broker/x2gobroker-authservice-logger.conf
@@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 # This file is part of the  X2Go Project - http://www.x2go.org
 # Copyright (C) 2011-2012 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
 # Copyright (C) 2011-2012 by Heinz-Markus Graesing <heinz-m.graesing at obviously-nice.de>
@@ -20,11 +18,36 @@
 # Free Software Foundation, Inc.,
 # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 
-# modules
-import tornado.web
+# WARNING: only modify this file if you _exactly_ know what you are doing!!!
+
+[loggers]
+keys=root,authservice
+
+[logger_root]
+level=NOTSET
+handlers=stderrHandler
+
+[handlers]
+keys=stderrHandler,authserviceFileHandler
+
+[formatters]
+keys=authserviceFormatter
+
+[handler_stderrHandler]
+class=StreamHandler
+args=(sys.stderr,)
 
+[logger_authservice]
+level=DEBUG
+handlers=authserviceFileHandler
+qualname=authservice
+propagate=0
 
-class X2GoBrokerWeb(tornado.web.RequestHandler):
+[handler_authserviceFileHandler]
+class=FileHandler
+formatter=authserviceFormatter
+args=('/var/log/x2gobroker/authservice.log',)
 
-    # MUSIC OF THE FUTURE
-    pass
\ No newline at end of file
+[formatter_authserviceFormatter]
+format=%(asctime)s - %(name)s - %(levelname)s - %(message)s
+datefmt=
diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice
index 5f0bd13..534a532 100755
--- a/sbin/x2gobroker-authservice
+++ b/sbin/x2gobroker-authservice
@@ -26,12 +26,10 @@ import sys
 import setproctitle
 import argparse
 import logging
-
-try:
-    import x2gobroker.authservice
-except ImportError:
-    sys.path.insert(0, os.path.join(os.getcwd(), '..'))
-    import x2gobroker.authservice
+import asyncore
+import socket
+import getpass
+import logging.config
 
 PROG_NAME = os.path.basename(sys.argv[0])
 PROG_OPTIONS = sys.argv[1:]
@@ -40,23 +38,89 @@ setproctitle.setproctitle("%s %s" % (PROG_NAME, " ".join(PROG_OPTIONS)))
 from x2gobroker import __VERSION__
 from x2gobroker import __AUTHOR__
 
+
+class AuthService(asyncore.dispatcher_with_send):
+
+    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
+        asyncore.dispatcher_with_send.__init__(self)
+        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
+        self.set_reuse_addr()
+        self.bind(socketfile)
+        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
+        os.chmod(socketfile, int(permissions, 8))
+        self.listen(1)
+
+    def handle_accept(self):
+        conn, _ = self.accept()
+        AuthClient(conn)
+
+
+def loop():
+    asyncore.loop()
+
+
+# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
+# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
+if os.environ.has_key('X2GOBROKER_DEBUG'):
+    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_DEBUG = False
+if os.environ.has_key('X2GOBROKER_TESTSUITE'):
+    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_TESTSUITE = False
+if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
+    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
+else:
+    X2GOBROKER_DAEMON_USER="x2gobroker"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
+else:
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
+    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
+else:
+    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
+
+# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
+if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
+
+    # we run in standalone daemon mode, so let's use the system configuration for logging
+    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
+
+    # create authservice logger
+    logger_authservice = logging.getLogger('authservice')
+
+else:
+    logger_root = logging.getLogger()
+    stderr_handler = logging.StreamHandler(sys.stderr)
+    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
+
+    # all loggers stream to stderr...
+    logger_root.addHandler(stderr_handler)
+
+    logger_authservice = logging.getLogger('authservice')
+    logger_authservice.addHandler(stderr_handler)
+    logger_authservice.propagate = 0
+
+
 # raise log level to DEBUG if requested...
-if x2gobroker.authservice.X2GOBROKER_DEBUG and not x2gobroker.authservice.X2GOBROKER_TESTSUITE:
-    x2gobroker.authservice.logger_authservice.setLevel(logging.DEBUG)
+if X2GOBROKER_DEBUG and not X2GOBROKER_TESTSUITE:
+    logger_authservice.setLevel(logging.DEBUG)
 
-x2gobroker.authservice.logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
-x2gobroker.authservice.logger_authservice.info('Setting up the PAM authentication service\'s environment...')
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_DEBUG))
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET))
+logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
+logger_authservice.info('Setting up the PAM authentication service\'s environment...')
+logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=X2GOBROKER_DEBUG))
+logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=X2GOBROKER_AUTHSERVICE_SOCKET))
 
 # check effective UID the broker runs as and complain appropriately...
 if os.geteuid() != 0:
-    x2gobroker.authservice.logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
+    logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
 
 if __name__ == '__main__':
 
     common_options = [
-        {'args':['-s','--socket-file'], 'default': x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
+        {'args':['-s','--socket-file'], 'default': X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
         {'args':['-o','--owner'], 'default': 'root', 'help': 'owner of the AuthService socket file', },
         {'args':['-g','--group'], 'default': 'root', 'help': 'group ownership of the AuthService socket file', },
         {'args':['-p','--permissions'], 'default': '0660', 'help': 'set these file permissions for the AuthService socket file', },
@@ -76,8 +140,8 @@ if __name__ == '__main__':
     cmdline_args = p.parse_args()
 
     socket_file = cmdline_args.socket_file
-    x2gobroker.authservice.AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
+    AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
     try:
-        x2gobroker.authservice.loop()
+        loop()
     except KeyboardInterrupt:
         pass
diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py
index 0f97a29..ae1518a 100644
--- a/x2gobroker/authservice.py
+++ b/x2gobroker/authservice.py
@@ -22,58 +22,13 @@
 
 import os
 import asyncore
-import pam
 import socket
 import getpass
-import logging
-import logging.config
 
-from pwd import getpwnam
-from grp import getgrnam
+# X2Go Session Broker modules
+import x2gobroker.defaults
+from x2gobroker.loggers import logger_broker
 
-# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
-# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
-if os.environ.has_key('X2GOBROKER_DEBUG'):
-    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_DEBUG = False
-if os.environ.has_key('X2GOBROKER_TESTSUITE'):
-    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_TESTSUITE = False
-if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
-    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
-else:
-    X2GOBROKER_DAEMON_USER="x2gobroker"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
-else:
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
-    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
-else:
-    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
-
-# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
-if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
-
-    # we run in standalone daemon mode, so let's use the system configuration for logging
-    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
-
-    # create authservice logger
-    logger_authservice = logging.getLogger('authservice')
-
-else:
-    logger_root = logging.getLogger()
-    stderr_handler = logging.StreamHandler(sys.stderr)
-    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
-
-    # all loggers stream to stderr...
-    logger_root.addHandler(stderr_handler)
-
-    logger_authservice = logging.getLogger('authservice')
-    logger_authservice.addHandler(stderr_handler)
-    logger_authservice.propagate = 0
 
 class AuthClient(asyncore.dispatcher_with_send):
 
@@ -103,36 +58,16 @@ class AuthClient(asyncore.dispatcher_with_send):
         self.close()
 
 
-class AuthService(asyncore.dispatcher_with_send):
-
-    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
-        asyncore.dispatcher_with_send.__init__(self)
-        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
-        self.set_reuse_addr()
-        self.bind(socketfile)
-        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
-        os.chmod(socketfile, int(permissions, 8))
-        self.listen(1)
-
-    def handle_accept(self):
-        conn, _ = self.accept()
-        AuthClient(conn)
-
-
-def loop():
-    asyncore.loop()
-
-
 def authenticate(username, password, service="x2gobroker"):
     s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
-    logger_authservice.debug('connecting to authentication service socket {socket}'.format(socket=X2GOBROKER_AUTHSERVICE_SOCKET))
-    s.connect(X2GOBROKER_AUTHSERVICE_SOCKET)
-    logger_authservice.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
+    logger_broker.debug('connecting to authentication service socket {socket}'.format(socket=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET))
+    s.connect(x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET)
+    logger_broker.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
     s.send('{username} {password} {service}\n'.format(username=username, password=password, service=service))
     result = s.recv(1024)
     s.close()
     if result.startswith('ok'):
-        logger_authservice.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
+        logger_broker.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
         return True
-    logger_authservice.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
+    logger_broker.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
     return False
diff --git a/x2gobroker/web/extras.py b/x2gobroker/web/extras.py
index f61c676..cdb810b 100644
--- a/x2gobroker/web/extras.py
+++ b/x2gobroker/web/extras.py
@@ -42,7 +42,7 @@ class X2GoBrokerPubKeyService(tornado.web.RequestHandler):
         for http_header_item in self.http_header_items.keys():
             self.set_header(http_header_item, self.http_header_items[http_header_item])
 
-    def get(self):
+    def get(self, *args, **kwargs):
 
         output = ""
 
@@ -56,7 +56,4 @@ class X2GoBrokerPubKeyService(tornado.web.RequestHandler):
             pubkey = paramiko.DSSKey(filename='{home}/.ssh/id_dsa'.format(home=broker_home))
             output += 'ssh-dss {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME)
 
-        if not output:
-            raise tornado.web.HTTPError(404)
-
         self.write(output)


hooks/post-receive
-- 
x2gobroker.git (HTTP(S) Session broker for X2Go)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).




More information about the x2go-commits mailing list