From 08fad75a940354b01288a90759887238757023bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?=
Date: Thu, 1 Sep 2011 18:57:53 +0200
Subject: [PATCH 1/6] Feature #788: Change oneuser --time description from hours to seconds
---
 src/cli/oneuser | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cli/oneuser b/src/cli/oneuser
index a740411d0c..43ffc13268 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -104,7 +104,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 :name => "time",
 :large => "--time x",
 :format => Integer,
- :description => "Token duration in hours, (default 1)"
+ :description => "Token duration in seconds, defaults to 3600 (1 h)"
 }
 create_options = [READ_FILE, PLAIN, SSH, X509, KEY, CERT]
From d145cd8303419ebc8a03c873f147f12a15a2279c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?=
Date: Fri, 2 Sep 2011 06:40:35 -0700
Subject: [PATCH 2/6] Feature #788: Add new 'oneuser key' command, similar to the 2.2 'oneauth key'
---
 src/cli/one_helper/oneuser_helper.rb | 16 +++++++++++-----
 src/cli/oneuser | 27 ++++++++++++++++++++++++---
 2 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb
index b481f9291b..a9acaf3d46 100644
--- a/src/cli/one_helper/oneuser_helper.rb
+++ b/src/cli/one_helper/oneuser_helper.rb
@@ -37,7 +37,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 return -1, "Can not read file: #{arg}"
 end
 else
- if options[:plain]
+ if options[:plain] || options[:ssh]
 password = arg.gsub(/\s/, '')
 else
 password = Digest::SHA1.hexdigest(arg)
@@ -49,9 +49,11 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 def password(options)
 if options[:ssh]
- require 'ssh_auth'
+ if !options[:key]
+ return -1, "You have to specify the --key option"
+ end
- options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'
+ require 'ssh_auth'
 begin
 sshauth = SshAuth.new(:private_key=>options[:key])
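Review bot: In the `@@ -37,7 +37,7 @@` hunk of oneuser_helper.rb, a password argument given with `--ssh` now bypasses `Digest::SHA1.hexdigest` and is stored after `arg.gsub(/\s/, '')`, with no check that it is a public key at all. Removing every whitespace character also fuses the fields of a key supplied as several space-separated fields, so the stored value presumably only matches if it is exactly what `sshauth.public_key` returns; consider validating the argument, or at least rejecting values with interior whitespace. The branch carries no comment explaining why these modes skip hashing; I would add something like `# --plain/--ssh values are stored as given (whitespace removed), not hashed`, with the reason confirmed against the auth driver. Patch 4/6 adds `--x509` to the same condition, so the same questions apply to the value passed there. The enclosing method starts and ends outside the hunk.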
@@ -61,10 +63,14 @@ class OneUserHelper < OpenNebulaHelper::OneHelper return 0, sshauth.public_key elsif options[:x509] - require 'x509_auth' - options[:cert] ||= ENV['X509_USER_CERT'] + if !options[:cert] + return -1, "You have to specify the --cert option" + end + + require 'x509_auth' + begin cert = [File.read(options[:cert])] x509auth = X509Auth.new(:certs_pem=>cert) diff --git a/src/cli/oneuser b/src/cli/oneuser index 43ffc13268..531db2b15e 100755 --- a/src/cli/oneuser +++ b/src/cli/oneuser @@ -139,20 +139,21 @@ cmd=CommandParser::CmdParser.new(ARGV) do oneuser create my_user my_password oneuser create my_user /tmp/mypass -r oneuser create my_user --ssh --key /tmp/id_rsa + oneuser create my_user --ssh -r /tmp/public_key oneuser create my_user --x509 --cert /tmp/my_cert.pem EOT command :create, create_desc, :username, [:password, nil], :options=>create_options do - if options[:ssh] or options[:x509] + if args[1] + pass = args[1] + else rc = helper.password(options) if rc.first == 0 pass = rc[1] else exit_with_code *rc end - else - pass = args[1] end helper.create_resource(options) do |user| @@ -175,6 +176,26 @@ cmd=CommandParser::CmdParser.new(ARGV) do helper.login(args[0], options) end + key_desc = <<-EOT.unindent + Generates a public key from a private SSH key + EOT + + command :key, key_desc, :options=>[KEY] do + require 'ssh_auth' + + options[:key] ||= ENV['HOME']+'/.ssh/id_rsa' + + begin + sshauth = SshAuth.new(:private_key=>options[:key]) + rescue Exception => e + exit_with_code -1, e.message + end + + puts sshauth.public_key + exit_with_code 0 + end + + delete_desc = <<-EOT.unindent Deletes the given User EOT From 7213800115c2e07f8c20bd90078f0d4b0fe5b84e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= Date: Fri, 2 Sep 2011 16:07:45 +0200 Subject: [PATCH 3/6] Feature #788: Change 'oneuser passwd' to accept a public ssh key --- src/cli/oneuser | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
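Review bot: In the `command :create` hunk of src/cli/oneuser (`@@ -139,20 +139,21 @@`), `if args[1]` now takes precedence over `--ssh`/`--x509`, so a call that passes both a positional password and `--key` or `--cert` silently ignores the key or certificate and stores the typed value instead. Rejecting the combination keeps the stored credential unambiguous, for example `exit_with_code -1, "Use either a password argument or --key/--cert" if args[1] && (options[:key] || options[:cert])`. The `else` branch also calls `helper.password(options)` when neither flag is set; the series does not show what the method returns in that case, and a `nil` result would fail at `rc.first`. The `passwd` hunk in patch 3/6 has the same shape and becomes reachable without a password once patch 6/6 makes the argument optional.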
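Review bot: In the new `command :key` block (`@@ -175,6 +176,26 @@`), `options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'` sits outside the `begin`, so an unset `HOME` raises `NoMethodError` on `nil` instead of ending in an `exit_with_code` message. `rescue Exception => e` also traps `Interrupt` and `SystemExit`; `rescue StandardError => e` keeps the error reporting without catching those. The default path is also inconsistent with `helper.password`, which after this patch refuses to run without an explicit `--key`; either drop the default here or add a comment such as `# 'key' only prints the public half, so the user's default key is acceptable` so it is clear which private key file gets read.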
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 531db2b15e..49559db58e 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -212,15 +212,15 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 command :passwd, passwd_desc, :userid, :password,
 :options=>create_options do
- if options[:ssh] or options[:x509]
+ if args[1]
+ pass = args[1]
+ else
 rc = helper.password(options)
 if rc.first == 0
 pass = rc[1]
 else
 exit_with_code *rc
 end
- else
- pass = args[1]
 end
 helper.perform_action(args[0],options,"Password changed") do |user|
From c8d45c9985cf60109db9c76e4df1693f74c12824 Mon Sep 17 00:00:00 2001
From: "Ruben S. Montero"
Date: Fri, 2 Sep 2011 16:14:14 +0200
Subject: [PATCH 4/6] feature #788: Changed description of oneuser key command. Do not hash x509 passwords
---
 src/cli/one_helper/oneuser_helper.rb | 2 +-
 src/cli/oneuser | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb
index a9acaf3d46..bca7a4c27c 100644
--- a/src/cli/one_helper/oneuser_helper.rb
+++ b/src/cli/one_helper/oneuser_helper.rb
@@ -37,7 +37,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 return -1, "Can not read file: #{arg}"
 end
 else
- if options[:plain] || options[:ssh]
+ if options[:plain] || options[:ssh] || options[:x509]
 password = arg.gsub(/\s/, '')
 else
 password = Digest::SHA1.hexdigest(arg)
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 531db2b15e..bab3cf787c 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -177,7 +177,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 end
 key_desc = <<-EOT.unindent
- Generates a public key from a private SSH key
+ Shows a public key from a private SSH key. Use it as password for the SSH authentication mechanism.
 EOT
 command :key, key_desc, :options=>[KEY] do
From 6fd97be3029459a11e4fac505a978b6e307bc916 Mon Sep 17 00:00:00 2001
From: "Ruben S. Montero"
Date: Fri, 2 Sep 2011 16:17:26 +0200
Subject: [PATCH 5/6] feature #788: better formatting for oneuser command help
---
 src/cli/oneuser | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 778e340dce..0f35fd6c0d 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -177,7 +177,8 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 end
 key_desc = <<-EOT.unindent
- Shows a public key from a private SSH key. Use it as password for the SSH authentication mechanism.
+ Shows a public key from a private SSH key. Use it as password
+ for the SSH authentication mechanism.
 EOT
 command :key, key_desc, :options=>[KEY] do
From 2709d144a8dd02b8d19794a06c034dfcc7a1e402 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?=
Date: Fri, 2 Sep 2011 16:20:14 +0200
Subject: [PATCH 6/6] Feature #788: Make 'oneuser passwd' second parameter optional, so --key can be used
---
 src/cli/oneuser | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 0f35fd6c0d..e46b8a757b 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -211,7 +211,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 Changes the given User's password
 EOT
- command :passwd, passwd_desc, :userid, :password,
+ command :passwd, passwd_desc, :userid, [:password, nil],
 :options=>create_options do
 if args[1]
 pass = args[1]