shaba/virt-manager
1
0
Fork 0
mirror of https://github.com/virt-manager/virt-manager.git synced 2025-02-01 05:47:21 +03:00
Code Issues Projects Releases Wiki Activity
virt-manager/virtManager/connectauth.py

210 lines
5.9 KiB
Python
Raw Normal View History

connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
#
# Copyright (C) 2012 Red Hat, Inc.
# Copyright (C) 2012 Cole Robinson <crobinso@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301 USA.
#
Disable pylint warnings about gi.repository Since pylint still can't handle the dynamic nature of gobject introspection.
2013-04-11 17:16:33 -04:00
# pylint: disable=E0611
Fix GObject deprecation warnings with latest pygobject
2013-02-16 14:03:30 -05:00
from gi.repository import GLib
Disable pylint warnings about gi.repository Since pylint still can't handle the dynamic nature of gobject introspection.
2013-04-11 17:16:33 -04:00
# pylint: enable=E0611
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
import logging
import os
Drop use of gtk threading In general it complicates things for minor simplifications in some cases. I think it's better just to learn that anything invoked from a thread that _might_ touch the UI should just be dispatched in an idle callback. Anything UI bits that we need immediately in a thread can just use some creative trickery (like is done in connectauth) to block in a safe manner.
2012-02-10 14:07:51 -05:00
import time
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
import dbus
import libvirt
Revive pep8 and clean up the code autopep8 is pretty cool :)
2013-04-13 14:34:52 -04:00
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
def do_we_have_session():
pid = os.getpid()
try:
bus = dbus.SystemBus()
except:
logging.exception("Error getting system bus handle")
Use systemd for login session lookup, if available
2012-07-07 10:39:06 -04:00
return
# Check systemd
try:
manager = dbus.Interface(bus.get_object(
"org.freedesktop.login1",
"/org/freedesktop/login1"),
"org.freedesktop.login1.Manager")
ret = manager.GetSessionByPID(pid)
logging.debug("Found login1 session=%s", ret)
return True
except:
logging.exception("Couldn't connect to logind")
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
# Check ConsoleKit
try:
manager = dbus.Interface(bus.get_object(
"org.freedesktop.ConsoleKit",
"/org/freedesktop/ConsoleKit/Manager"),
"org.freedesktop.ConsoleKit.Manager")
ret = manager.GetSessionForUnixProcess(pid)
logging.debug("Found ConsoleKit session=%s", ret)
Use systemd for login session lookup, if available
2012-07-07 10:39:06 -04:00
return True
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
except:
Use systemd for login session lookup, if available
2012-07-07 10:39:06 -04:00
logging.exception("Couldn't connect to ConsoleKit")
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
Use systemd for login session lookup, if available
2012-07-07 10:39:06 -04:00
return False
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
def creds_polkit(action):
"""
Libvirt openAuth callback for PolicyKit < 1.0
"""
if os.getuid() == 0:
logging.debug("Skipping policykit check as root")
return 0
logging.debug("Doing policykit for %s", action)
try:
# First try to use org.freedesktop.PolicyKit.AuthenticationAgent
# which is introduced with PolicyKit-0.7
bus = dbus.SessionBus()
obj = bus.get_object("org.freedesktop.PolicyKit.AuthenticationAgent",
"/")
pkit = dbus.Interface(obj,
"org.freedesktop.PolicyKit.AuthenticationAgent")
pkit.ObtainAuthorization(action, 0, os.getpid())
except dbus.exceptions.DBusException, e:
if (e.get_dbus_name() != "org.freedesktop.DBus.Error.ServiceUnknown"):
raise
# If PolicyKit < 0.7, fallback to org.gnome.PolicyKit
logging.debug("Falling back to org.gnome.PolicyKit")
obj = bus.get_object("org.gnome.PolicyKit",
"/org/gnome/PolicyKit/Manager")
pkit = dbus.Interface(obj, "org.gnome.PolicyKit.Manager")
pkit.ShowDialog(action, 0)
return 0
def creds_dialog(creds):
"""
Thread safe wrapper for libvirt openAuth user/pass callback
"""
Drop use of gtk threading In general it complicates things for minor simplifications in some cases. I think it's better just to learn that anything invoked from a thread that _might_ touch the UI should just be dispatched in an idle callback. Anything UI bits that we need immediately in a thread can just use some creative trickery (like is done in connectauth) to block in a safe manner.
2012-02-10 14:07:51 -05:00
retipc = []
def wrapper(fn, creds):
try:
ret = fn(creds)
except:
logging.exception("Error from creds dialog")
ret = -1
retipc.append(ret)
Fix GObject deprecation warnings with latest pygobject
2013-02-16 14:03:30 -05:00
GLib.idle_add(wrapper, creds_dialog_main, creds)
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
Drop use of gtk threading In general it complicates things for minor simplifications in some cases. I think it's better just to learn that anything invoked from a thread that _might_ touch the UI should just be dispatched in an idle callback. Anything UI bits that we need immediately in a thread can just use some creative trickery (like is done in connectauth) to block in a safe manner.
2012-02-10 14:07:51 -05:00
while not retipc:
time.sleep(.1)
return retipc[0]
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
def creds_dialog_main(creds):
"""
Libvirt openAuth callback for username/password credentials
"""
Revive pep8 and clean up the code autopep8 is pretty cool :)
2013-04-13 14:34:52 -04:00
from gi.repository import Gtk # pylint: disable=E0611
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
dialog = Gtk.Dialog("Authentication required", None, 0,
(Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL,
Gtk.STOCK_OK, Gtk.ResponseType.OK))
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
label = []
entry = []
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
box = Gtk.Table(2, len(creds))
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
box.set_border_width(6)
box.set_row_spacings(6)
box.set_col_spacings(12)
def _on_ent_activate(ent):
idx = entry.index(ent)
if idx < len(entry) - 1:
entry[idx + 1].grab_focus()
else:
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
dialog.response(Gtk.ResponseType.OK)
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
row = 0
for cred in creds:
if (cred[0] == libvirt.VIR_CRED_AUTHNAME or
cred[0] == libvirt.VIR_CRED_PASSPHRASE):
prompt = cred[1]
if not prompt.endswith(":"):
prompt += ":"
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
text_label = Gtk.Label(label=prompt)
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
text_label.set_alignment(0.0, 0.5)
label.append(text_label)
else:
return -1
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
ent = Gtk.Entry()
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
if cred[0] == libvirt.VIR_CRED_PASSPHRASE:
ent.set_visibility(False)
ent.connect("activate", _on_ent_activate)
entry.append(ent)
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
box.attach(label[row], 0, 1, row, row + 1, Gtk.AttachOptions.FILL, 0, 0, 0)
box.attach(entry[row], 1, 2, row, row + 1, Gtk.AttachOptions.FILL, 0, 0, 0)
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
row = row + 1
vbox = dialog.get_child()
vbox.add(box)
dialog.show_all()
res = dialog.run()
dialog.hide()
Convert to use GTK3 and GObject Introspection bindings Switch over to use GObject introspection bindings for all python modules related to GObject/GTK3/etc. It is not possible to mix and match old pyggtk/pygobject manual bindings with new introspection based bindings so it must be all changed in one go. Imports like import gtk Change to from gi.repository import Gtk The vmmGObject class is changed to always inherit from GObject.GObject There is no compelling reason to avoid a GObject dep for the virt-manager TUI & it horribly messed up the code. Signal declarations are changed from vmmChooseCD.signal_new(vmmChooseCD, "cdrom-chosen", [object, str]) To __gsignals__ = { "cdrom-chosen": (GObject.SignalFlags.RUN_FIRST, None, [object, str]) } which is required by new GObject bindings Most of the rest of the change is simply dealing with renamed constants / classes. Alot of legacy compat code was removed - ie helpers which check to see if certain GTK2 methods are available are no longer required since we're mandating GTK3 only. The event loop is replaced with LibvirtGLib's event loop. Still todo - Rip out all DBus stuff & make vmmEngine class inherit GtkApplication which provides unique support & DBus method handling - Switch to use LibvirtGConfig & LibvirtGObject for libvirt interaction - Possibly switch to Python 3 too ? - Figure out why GNOME keyring is missing Introspection support My suggestion is that the standalone GIT repo for virt-install only live on as a support branch for legacy platforms. A stable-0.9 branch of virt-manager can be kept for legacy PyGtk2 based virt-manager releases. The virt-manager master branch should exclusively use GObject inspection and ideally Python3 and contain both the virt-manager and virt-install codebases in one since they are intimately related to each other & using separate GIT repos has needlessly complicated life for everyone. crobinso: Some locking fixes Misc cleanups and dropping now-useless code Fix dbus usage Fix graph cell renderer regression Fix a couple tooltip issues
2012-05-14 14:24:56 +01:00
if res == Gtk.ResponseType.OK:
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
row = 0
for cred in creds:
cred[4] = entry[row].get_text()
row = row + 1
Drop use of gtk threading In general it complicates things for minor simplifications in some cases. I think it's better just to learn that anything invoked from a thread that _might_ touch the UI should just be dispatched in an idle callback. Anything UI bits that we need immediately in a thread can just use some creative trickery (like is done in connectauth) to block in a safe manner.
2012-02-10 14:07:51 -05:00
ret = 0
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
else:
Drop use of gtk threading In general it complicates things for minor simplifications in some cases. I think it's better just to learn that anything invoked from a thread that _might_ touch the UI should just be dispatched in an idle callback. Anything UI bits that we need immediately in a thread can just use some creative trickery (like is done in connectauth) to block in a safe manner.
2012-02-10 14:07:51 -05:00
ret = -1
dialog.destroy()
return ret
connection: Move auth helpers to own file
2012-02-10 07:54:32 -05:00
def acquire_tgt():
"""
Try to get kerberos ticket if openAuth seems to require it
"""
logging.debug("In acquire tgt.")
try:
bus = dbus.SessionBus()
ka = bus.get_object('org.gnome.KrbAuthDialog',
'/org/gnome/KrbAuthDialog')
ret = ka.acquireTgt("", dbus_interface='org.gnome.KrbAuthDialog')
except Exception, e:
logging.info("Cannot acquire tgt" + str(e))
ret = False
return ret
Reference in New Issue Copy Permalink