[X2Go-Commits] x2gobroker.git - build-main (branch) updated: 0.0.1.0-24-g5d0e87d

X2Go dev team git-admin at x2go.org
Tue Apr 23 23:21:53 CEST 2013


The branch, build-main has been updated
       via  5d0e87dc21b65c1ddbc3b9de20d6cd9424625e1e (commit)
      from  5c84b2ac39cabc4f1ae3051fb220c7f65149d561 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 debian/changelog            |    2 +
 sbin/x2gobroker-authservice |   96 +++++++++++++++++++++++++++++++++++--------
 x2gobroker/authservice.py   |   81 ++++--------------------------------
 3 files changed, 90 insertions(+), 89 deletions(-)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index f5c5c79..622208b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,6 +14,8 @@ x2gobroker (0.0.1.1-0~x2go1) UNRELEASED; urgency=low
     - x2gobroker-pubkeyauthorizer: no logging-to-file support anymore.
       (Fixes: #175).
     - Fix name of get() method for /pubkeys/ URL path. (Fixes: #176).
+    - Move AuthService server code fully into x2gobroker-authservice
+      daemon script.
   * /debian/control:
     + Fix --root parameter in DEB_PYTHON_INSTALL_ARGS.
     + Let bin:package x2gobroker-authservice depend on python-x2gobroker (of the
diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice
index 5f0bd13..534a532 100755
--- a/sbin/x2gobroker-authservice
+++ b/sbin/x2gobroker-authservice
@@ -26,12 +26,10 @@ import sys
 import setproctitle
 import argparse
 import logging
-
-try:
-    import x2gobroker.authservice
-except ImportError:
-    sys.path.insert(0, os.path.join(os.getcwd(), '..'))
-    import x2gobroker.authservice
+import asyncore
+import socket
+import getpass
+import logging.config
 
 PROG_NAME = os.path.basename(sys.argv[0])
 PROG_OPTIONS = sys.argv[1:]
@@ -40,23 +38,89 @@ setproctitle.setproctitle("%s %s" % (PROG_NAME, " ".join(PROG_OPTIONS)))
 from x2gobroker import __VERSION__
 from x2gobroker import __AUTHOR__
 
+
+class AuthService(asyncore.dispatcher_with_send):
+
+    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
+        asyncore.dispatcher_with_send.__init__(self)
+        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
+        self.set_reuse_addr()
+        self.bind(socketfile)
+        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
+        os.chmod(socketfile, int(permissions, 8))
+        self.listen(1)
+
+    def handle_accept(self):
+        conn, _ = self.accept()
+        AuthClient(conn)
+
+
+def loop():
+    asyncore.loop()
+
+
+# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
+# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
+if os.environ.has_key('X2GOBROKER_DEBUG'):
+    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_DEBUG = False
+if os.environ.has_key('X2GOBROKER_TESTSUITE'):
+    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_TESTSUITE = False
+if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
+    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
+else:
+    X2GOBROKER_DAEMON_USER="x2gobroker"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
+else:
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
+    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
+else:
+    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
+
+# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
+if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
+
+    # we run in standalone daemon mode, so let's use the system configuration for logging
+    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
+
+    # create authservice logger
+    logger_authservice = logging.getLogger('authservice')
+
+else:
+    logger_root = logging.getLogger()
+    stderr_handler = logging.StreamHandler(sys.stderr)
+    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
+
+    # all loggers stream to stderr...
+    logger_root.addHandler(stderr_handler)
+
+    logger_authservice = logging.getLogger('authservice')
+    logger_authservice.addHandler(stderr_handler)
+    logger_authservice.propagate = 0
+
+
 # raise log level to DEBUG if requested...
-if x2gobroker.authservice.X2GOBROKER_DEBUG and not x2gobroker.authservice.X2GOBROKER_TESTSUITE:
-    x2gobroker.authservice.logger_authservice.setLevel(logging.DEBUG)
+if X2GOBROKER_DEBUG and not X2GOBROKER_TESTSUITE:
+    logger_authservice.setLevel(logging.DEBUG)
 
-x2gobroker.authservice.logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
-x2gobroker.authservice.logger_authservice.info('Setting up the PAM authentication service\'s environment...')
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_DEBUG))
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET))
+logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
+logger_authservice.info('Setting up the PAM authentication service\'s environment...')
+logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=X2GOBROKER_DEBUG))
+logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=X2GOBROKER_AUTHSERVICE_SOCKET))
 
 # check effective UID the broker runs as and complain appropriately...
 if os.geteuid() != 0:
-    x2gobroker.authservice.logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
+    logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
 
 if __name__ == '__main__':
 
     common_options = [
-        {'args':['-s','--socket-file'], 'default': x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
+        {'args':['-s','--socket-file'], 'default': X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
         {'args':['-o','--owner'], 'default': 'root', 'help': 'owner of the AuthService socket file', },
         {'args':['-g','--group'], 'default': 'root', 'help': 'group ownership of the AuthService socket file', },
         {'args':['-p','--permissions'], 'default': '0660', 'help': 'set these file permissions for the AuthService socket file', },
@@ -76,8 +140,8 @@ if __name__ == '__main__':
     cmdline_args = p.parse_args()
 
     socket_file = cmdline_args.socket_file
-    x2gobroker.authservice.AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
+    AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
     try:
-        x2gobroker.authservice.loop()
+        loop()
     except KeyboardInterrupt:
         pass
diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py
index 0f97a29..ae1518a 100644
--- a/x2gobroker/authservice.py
+++ b/x2gobroker/authservice.py
@@ -22,58 +22,13 @@
 
 import os
 import asyncore
-import pam
 import socket
 import getpass
-import logging
-import logging.config
 
-from pwd import getpwnam
-from grp import getgrnam
+# X2Go Session Broker modules
+import x2gobroker.defaults
+from x2gobroker.loggers import logger_broker
 
-# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
-# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
-if os.environ.has_key('X2GOBROKER_DEBUG'):
-    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_DEBUG = False
-if os.environ.has_key('X2GOBROKER_TESTSUITE'):
-    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_TESTSUITE = False
-if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
-    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
-else:
-    X2GOBROKER_DAEMON_USER="x2gobroker"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
-else:
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
-    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
-else:
-    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
-
-# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
-if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
-
-    # we run in standalone daemon mode, so let's use the system configuration for logging
-    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
-
-    # create authservice logger
-    logger_authservice = logging.getLogger('authservice')
-
-else:
-    logger_root = logging.getLogger()
-    stderr_handler = logging.StreamHandler(sys.stderr)
-    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
-
-    # all loggers stream to stderr...
-    logger_root.addHandler(stderr_handler)
-
-    logger_authservice = logging.getLogger('authservice')
-    logger_authservice.addHandler(stderr_handler)
-    logger_authservice.propagate = 0
 
 class AuthClient(asyncore.dispatcher_with_send):
 
@@ -103,36 +58,16 @@ class AuthClient(asyncore.dispatcher_with_send):
         self.close()
 
 
-class AuthService(asyncore.dispatcher_with_send):
-
-    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
-        asyncore.dispatcher_with_send.__init__(self)
-        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
-        self.set_reuse_addr()
-        self.bind(socketfile)
-        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
-        os.chmod(socketfile, int(permissions, 8))
-        self.listen(1)
-
-    def handle_accept(self):
-        conn, _ = self.accept()
-        AuthClient(conn)
-
-
-def loop():
-    asyncore.loop()
-
-
 def authenticate(username, password, service="x2gobroker"):
     s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
-    logger_authservice.debug('connecting to authentication service socket {socket}'.format(socket=X2GOBROKER_AUTHSERVICE_SOCKET))
-    s.connect(X2GOBROKER_AUTHSERVICE_SOCKET)
-    logger_authservice.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
+    logger_broker.debug('connecting to authentication service socket {socket}'.format(socket=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET))
+    s.connect(x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET)
+    logger_broker.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
     s.send('{username} {password} {service}\n'.format(username=username, password=password, service=service))
     result = s.recv(1024)
     s.close()
     if result.startswith('ok'):
-        logger_authservice.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
+        logger_broker.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
         return True
-    logger_authservice.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
+    logger_broker.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
     return False


hooks/post-receive
-- 
x2gobroker.git (HTTP(S) Session broker for X2Go)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).




More information about the x2go-commits mailing list