[X2Go-Commits] x2gobroker.git - statusflag (branch) updated: 0.0.1.0-24-g5d0e87d

X2Go dev team git-admin at x2go.org
Tue Jun 4 21:10:09 CEST 2013


The branch, statusflag has been updated
       via  5d0e87dc21b65c1ddbc3b9de20d6cd9424625e1e (commit)
      from  5c84b2ac39cabc4f1ae3051fb220c7f65149d561 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 debian/changelog            |    2 +
 sbin/x2gobroker-authservice |   96 +++++++++++++++++++++++++++++++++++--------
 x2gobroker/authservice.py   |   81 ++++--------------------------------
 3 files changed, 90 insertions(+), 89 deletions(-)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index f5c5c79..622208b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,6 +14,8 @@ x2gobroker (0.0.1.1-0~x2go1) UNRELEASED; urgency=low
     - x2gobroker-pubkeyauthorizer: no logging-to-file support anymore.
       (Fixes: #175).
     - Fix name of get() method for /pubkeys/ URL path. (Fixes: #176).
+    - Move AuthService server code fully into x2gobroker-authservice
+      daemon script.
   * /debian/control:
     + Fix --root parameter in DEB_PYTHON_INSTALL_ARGS.
     + Let bin:package x2gobroker-authservice depend on python-x2gobroker (of the
diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice
index 5f0bd13..534a532 100755
--- a/sbin/x2gobroker-authservice
+++ b/sbin/x2gobroker-authservice
@@ -26,12 +26,10 @@ import sys
 import setproctitle
 import argparse
 import logging
-
-try:
-    import x2gobroker.authservice
-except ImportError:
-    sys.path.insert(0, os.path.join(os.getcwd(), '..'))
-    import x2gobroker.authservice
+import asyncore
+import socket
+import getpass
+import logging.config
 
 PROG_NAME = os.path.basename(sys.argv[0])
 PROG_OPTIONS = sys.argv[1:]
@@ -40,23 +38,89 @@ setproctitle.setproctitle("%s %s" % (PROG_NAME, " ".join(PROG_OPTIONS)))
 from x2gobroker import __VERSION__
 from x2gobroker import __AUTHOR__
 
+
+class AuthService(asyncore.dispatcher_with_send):
+
+    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
+        asyncore.dispatcher_with_send.__init__(self)
+        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
+        self.set_reuse_addr()
+        self.bind(socketfile)
+        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
+        os.chmod(socketfile, int(permissions, 8))
+        self.listen(1)
+
+    def handle_accept(self):
+        conn, _ = self.accept()
+        AuthClient(conn)
+
+
+def loop():
+    asyncore.loop()
+
+
+# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
+# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
+if os.environ.has_key('X2GOBROKER_DEBUG'):
+    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_DEBUG = False
+if os.environ.has_key('X2GOBROKER_TESTSUITE'):
+    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
+else:
+    X2GOBROKER_TESTSUITE = False
+if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
+    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
+else:
+    X2GOBROKER_DAEMON_USER="x2gobroker"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
+else:
+    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
+if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
+    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
+else:
+    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
+
+# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
+if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
+
+    # we run in standalone daemon mode, so let's use the system configuration for logging
+    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
+
+    # create authservice logger
+    logger_authservice = logging.getLogger('authservice')
+
+else:
+    logger_root = logging.getLogger()
+    stderr_handler = logging.StreamHandler(sys.stderr)
+    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
+
+    # all loggers stream to stderr...
+    logger_root.addHandler(stderr_handler)
+
+    logger_authservice = logging.getLogger('authservice')
+    logger_authservice.addHandler(stderr_handler)
+    logger_authservice.propagate = 0
+
+
 # raise log level to DEBUG if requested...
-if x2gobroker.authservice.X2GOBROKER_DEBUG and not x2gobroker.authservice.X2GOBROKER_TESTSUITE:
-    x2gobroker.authservice.logger_authservice.setLevel(logging.DEBUG)
+if X2GOBROKER_DEBUG and not X2GOBROKER_TESTSUITE:
+    logger_authservice.setLevel(logging.DEBUG)
 
-x2gobroker.authservice.logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
-x2gobroker.authservice.logger_authservice.info('Setting up the PAM authentication service\'s environment...')
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_DEBUG))
-x2gobroker.authservice.logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET))
+logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
+logger_authservice.info('Setting up the PAM authentication service\'s environment...')
+logger_authservice.info('  X2GOBROKER_DEBUG: {value}'.format(value=X2GOBROKER_DEBUG))
+logger_authservice.info('  X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=X2GOBROKER_AUTHSERVICE_SOCKET))
 
 # check effective UID the broker runs as and complain appropriately...
 if os.geteuid() != 0:
-    x2gobroker.authservice.logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
+    logger_authservice.warn('X2Go Session Broker\'s PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
 
 if __name__ == '__main__':
 
     common_options = [
-        {'args':['-s','--socket-file'], 'default': x2gobroker.authservice.X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
+        {'args':['-s','--socket-file'], 'default': X2GOBROKER_AUTHSERVICE_SOCKET, 'metavar': 'AUTHSOCKET', 'help': 'socket file for AuthService communication', },
         {'args':['-o','--owner'], 'default': 'root', 'help': 'owner of the AuthService socket file', },
         {'args':['-g','--group'], 'default': 'root', 'help': 'group ownership of the AuthService socket file', },
         {'args':['-p','--permissions'], 'default': '0660', 'help': 'set these file permissions for the AuthService socket file', },
@@ -76,8 +140,8 @@ if __name__ == '__main__':
     cmdline_args = p.parse_args()
 
     socket_file = cmdline_args.socket_file
-    x2gobroker.authservice.AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
+    AuthService(socket_file, owner=cmdline_args.owner, group_owner=cmdline_args.group, permissions=cmdline_args.permissions)
     try:
-        x2gobroker.authservice.loop()
+        loop()
     except KeyboardInterrupt:
         pass
diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py
index 0f97a29..ae1518a 100644
--- a/x2gobroker/authservice.py
+++ b/x2gobroker/authservice.py
@@ -22,58 +22,13 @@
 
 import os
 import asyncore
-import pam
 import socket
 import getpass
-import logging
-import logging.config
 
-from pwd import getpwnam
-from grp import getgrnam
+# X2Go Session Broker modules
+import x2gobroker.defaults
+from x2gobroker.loggers import logger_broker
 
-# normally this would go into defaults.py, however, we do not want to pull in defaults.py here as that will create
-# unwanted logfiles (access.log, broker.log, error.log) when x2gobroker-authservice is installed as standalone service
-if os.environ.has_key('X2GOBROKER_DEBUG'):
-    X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_DEBUG = False
-if os.environ.has_key('X2GOBROKER_TESTSUITE'):
-    X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
-else:
-    X2GOBROKER_TESTSUITE = False
-if os.environ.has_key('X2GOBROKER_DAEMON_USER'):
-    X2GOBROKER_DAEMON_USER=os.environ['X2GOBROKER_DAEMON_USER']
-else:
-    X2GOBROKER_DAEMON_USER="x2gobroker"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_LOGCONFIG'):
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG=os.environ['X2GOBROKER_AUTHSERVICE_LOGCONFIG']
-else:
-    X2GOBROKER_AUTHSERVICE_LOGCONFIG="/etc/x2go/broker/x2gobroker-authservice-logger.conf"
-if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
-    X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
-else:
-    X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
-
-# standalone daemon mode (x2gobroker-authservice as daemon) or interactive mode (called from the cmdline)?
-if getpass.getuser() in (X2GOBROKER_DAEMON_USER, 'root'):
-
-    # we run in standalone daemon mode, so let's use the system configuration for logging
-    logging.config.fileConfig(X2GOBROKER_AUTHSERVICE_LOGCONFIG)
-
-    # create authservice logger
-    logger_authservice = logging.getLogger('authservice')
-
-else:
-    logger_root = logging.getLogger()
-    stderr_handler = logging.StreamHandler(sys.stderr)
-    stderr_handler.setFormatter(logging.Formatter(fmt='%(asctime)s - %(name)s - %(levelname)s - %(message)s', datefmt=''))
-
-    # all loggers stream to stderr...
-    logger_root.addHandler(stderr_handler)
-
-    logger_authservice = logging.getLogger('authservice')
-    logger_authservice.addHandler(stderr_handler)
-    logger_authservice.propagate = 0
 
 class AuthClient(asyncore.dispatcher_with_send):
 
@@ -103,36 +58,16 @@ class AuthClient(asyncore.dispatcher_with_send):
         self.close()
 
 
-class AuthService(asyncore.dispatcher_with_send):
-
-    def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'):
-        asyncore.dispatcher_with_send.__init__(self)
-        self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
-        self.set_reuse_addr()
-        self.bind(socketfile)
-        os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid)
-        os.chmod(socketfile, int(permissions, 8))
-        self.listen(1)
-
-    def handle_accept(self):
-        conn, _ = self.accept()
-        AuthClient(conn)
-
-
-def loop():
-    asyncore.loop()
-
-
 def authenticate(username, password, service="x2gobroker"):
     s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
-    logger_authservice.debug('connecting to authentication service socket {socket}'.format(socket=X2GOBROKER_AUTHSERVICE_SOCKET))
-    s.connect(X2GOBROKER_AUTHSERVICE_SOCKET)
-    logger_authservice.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
+    logger_broker.debug('connecting to authentication service socket {socket}'.format(socket=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET))
+    s.connect(x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET)
+    logger_broker.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
     s.send('{username} {password} {service}\n'.format(username=username, password=password, service=service))
     result = s.recv(1024)
     s.close()
     if result.startswith('ok'):
-        logger_authservice.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
+        logger_broker.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
         return True
-    logger_authservice.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
+    logger_broker.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
     return False


hooks/post-receive
-- 
x2gobroker.git (HTTP(S) Session broker for X2Go)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).




More information about the x2go-commits mailing list