Re: [Spacewalk-devel] Deployment of images built with SUSE Studio
Johannes Renner wrote: % On 06/04/2012 08:47 PM, Miroslav Suchy wrote: % So here is the latest version of the patches. % % Committed (with some white space and check style fixes). Thanks for contribution. % % Thank you very much, here is already a first follow up patch: % % Replace default string with the new constant RhnHelper.DEFAULT_FORWARD, % just for being consistent with recent changes here. % % Regards, % Johannes Applied. Thanks. -- Michael Mráka Satellite Engineering, Red Hat ___ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
[Spacewalk-devel] YUM RHN Lock Plugin
While RHN has a limitation on locking the host from the Web UI, user is still
able to run yum operations from the host (granted user has proper access).
I wrote a simple YUM plugin to check if the host is locked in RHN and if it is,
prevent yum usage on the host.
Needless to say, this is proof of concept and my python skills are lacking,
nevertheless it works.
TODO:
* Move Authentication part into config - easy to do but not secure
* Use alternative method of authentication used by rhnplugin - need to see how
that can be done - if it all possible
I need help with understanding how i can leverage rhnplugin type of auth with
RHN Lock Yum Plugin.
The proof of concept code is below - if you could make any suggestions and
improvements - it would be appreciated.
Thanks
ilya
--- /etc/yum/pluginconf.d/rhnlockplugin.conf
[main]
enabled=1
-- /usr/share/yum-plugins/rhnlockplugin.py --
from yum.plugins import PluginYumExit, TYPE_CORE, TYPE_INTERACTIVE
from xml.dom import minidom
import xmlrpclib
requires_api_version = '2.3'
plugin_type = (TYPE_CORE, TYPE_INTERACTIVE)
def init_hook(conduit):
conduit.info(2, 'Checking if system is locked in RHN/Spacewalk')
SATELLITE_URL = http://spacewalk.hostname.com/rpc/api;
SATELLITE_LOGIN = admin
SATELLITE_PASSWORD = password
client = xmlrpclib.Server(SATELLITE_URL, verbose=0)
key = client.auth.login(SATELLITE_LOGIN, SATELLITE_PASSWORD)
#--
def getSystemID(xml):
Print out all names found in xml
doc = minidom.parse(xml)
node = doc.documentElement
members = doc.getElementsByTagName(member)
for member in members:
name = member.getElementsByTagName(name)[0].firstChild.data
if name == system_id:
value = \
member.getElementsByTagName(string)[0].firstChild.data
return value.replace(ID-,)
def getLockStatus(sysID):
Function to check if the host is locked
details = client.system.getDetails(key, int(sysID))
if details['lock_status']:
#print ERROR: Skipping RHN/Spacewalk locked system %s % sysID
raise PluginYumExit('ERROR: Skipping RHN/Spacewalk locked system:
%s' % sysID)
else:
print NOTE: This host in not locked in RHN/Spacewalk
systemIDfile = '/etc/sysconfig/rhn/systemid'
mySystemID = getSystemID(systemIDfile)
getLockStatus(getSystemID(systemIDfile))
client.auth.logout(key)
---
___
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
Re: [Spacewalk-devel] YUM RHN Lock Plugin
Would anyone know if up2dateAuth module could be used to replace
username/password auth to query RHN/SPWLK server via RHN API?
On Jun 7, 2012, at 6:33 PM, Musayev, Ilya imusa...@webmd.net wrote:
While RHN has a limitation on locking the host from the Web UI, user is still
able to run yum operations from the host (granted user has proper access).
I wrote a simple YUM plugin to check if the host is locked in RHN and if it
is, prevent yum usage on the host.
Needless to say, this is proof of concept and my python skills are lacking,
nevertheless it works.
TODO:
* Move Authentication part into config - easy to do but not secure
* Use alternative method of authentication used by rhnplugin - need to see
how that can be done - if it all possible
I need help with understanding how i can leverage rhnplugin type of auth with
RHN Lock Yum Plugin.
The proof of concept code is below - if you could make any suggestions and
improvements - it would be appreciated.
Thanks
ilya
--- /etc/yum/pluginconf.d/rhnlockplugin.conf
[main]
enabled=1
-- /usr/share/yum-plugins/rhnlockplugin.py --
from yum.plugins import PluginYumExit, TYPE_CORE, TYPE_INTERACTIVE
from xml.dom import minidom
import xmlrpclib
requires_api_version = '2.3'
plugin_type = (TYPE_CORE, TYPE_INTERACTIVE)
def init_hook(conduit):
conduit.info(2, 'Checking if system is locked in RHN/Spacewalk')
SATELLITE_URL = http://spacewalk.hostname.com/rpc/api;
SATELLITE_LOGIN = admin
SATELLITE_PASSWORD = password
client = xmlrpclib.Server(SATELLITE_URL, verbose=0)
key = client.auth.login(SATELLITE_LOGIN, SATELLITE_PASSWORD)
#--
def getSystemID(xml):
Print out all names found in xml
doc = minidom.parse(xml)
node = doc.documentElement
members = doc.getElementsByTagName(member)
for member in members:
name = member.getElementsByTagName(name)[0].firstChild.data
if name == system_id:
value = \
member.getElementsByTagName(string)[0].firstChild.data
return value.replace(ID-,)
def getLockStatus(sysID):
Function to check if the host is locked
details = client.system.getDetails(key, int(sysID))
if details['lock_status']:
#print ERROR: Skipping RHN/Spacewalk locked system %s % sysID
raise PluginYumExit('ERROR: Skipping RHN/Spacewalk locked system:
%s' % sysID)
else:
print NOTE: This host in not locked in RHN/Spacewalk
systemIDfile = '/etc/sysconfig/rhn/systemid'
mySystemID = getSystemID(systemIDfile)
getLockStatus(getSystemID(systemIDfile))
client.auth.logout(key)
---
___
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
___
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
