Commit f1211ab7 authored by Daniele Venzano's avatar Daniele Venzano

Use PAM module instead of su for PAM login

parent 74489c4a
......@@ -37,7 +37,7 @@ class APIEndpoint:
:type master: zoe_api.master_api.APIManager
:type sql: zoe_lib.sql_manager.SQLManager
"""
def __init__(self, master_api, sql_manager: zoe_lib.state.SQLManager):
def __init__(self, master_api, sql_manager: zoe_lib.state.sql_manager.SQLManager):
self.master = master_api
self.sql = sql_manager
......
......@@ -18,7 +18,7 @@
import logging
from typing import Union
import pexpect
import pam
from zoe_api.auth.file import PlainTextAuthenticator
from zoe_api.auth.ldap import LDAPAuthenticator
......@@ -56,18 +56,24 @@ class BaseAuthenticator:
def pam_authenticate(username, password):
"""Use su for testing credentials. Using directly the PAM library would be easier, but would also require Zoe to run as root."""
"""Use the PAM module to authenticate. Zoe needs access to /etc/shadow."""
try:
child = pexpect.spawn('/bin/su', ['-', username])
child.expect('Password:')
child.sendline(password)
result = child.expect(['su: Authentication failure', username])
child.close()
except pexpect.TIMEOUT as err:
log.error("Error authenticating. Reason: {}".format(err))
return False
if result == 0:
return False
else:
return True
p = pam.pam()
return p.authenticate(username, password)
# def pam_authenticate(username, password):
# """Use su for testing credentials. Using directly the PAM library would be easier, but would also require Zoe to run as root."""
#
# try:
# child = pexpect.spawn('/bin/su', ['-', username])
# child.expect('Password:')
# child.sendline(password)
# result = child.expect(['su: Authentication failure', username])
# child.close()
# except pexpect.TIMEOUT as err:
# log.error("Error authenticating. Reason: {}".format(err))
# return False
# if result == 0:
# return False
# else:
# return True
......@@ -147,16 +147,16 @@ def quota_ls_cmd(api: ZoeAPI, args):
if 'name' in args:
filters['name'] = args.name
quotas = api.quota.list(filters)
tabular_data = [[q['id'], q['name'], q['concurrent_executions'], q['memory'], q['cores']] for q in sorted(quotas, key=lambda x: x['id'])]
headers = ['ID', 'Name', 'Conc. Executions', 'Memory', 'Cores']
tabular_data = [[q['id'], q['name'], q['concurrent_executions'], q['memory'], q['cores'], quota['runtime_limit']] for q in sorted(quotas, key=lambda x: x['id'])]
headers = ['ID', 'Name', 'Conc. Executions', 'Memory', 'Cores', 'Runtime limit (h)']
print(tabulate(tabular_data, headers))
def quota_get_cmd(api: ZoeAPI, args):
"""Get a quota by its ID."""
quota = api.quota.get(args.id)
tabular_data = [[quota['id'], quota['name'], quota['concurrent_executions'], quota['memory'], quota['cores']]]
headers = ['ID', 'Name', 'Conc. Executions', 'Memory', 'Cores']
tabular_data = [[quota['id'], quota['name'], quota['concurrent_executions'], quota['memory'], quota['cores'], quota['runtime_limit']]]
headers = ['ID', 'Name', 'Conc. Executions', 'Memory', 'Cores', 'Runtime limit (h)']
print(tabulate(tabular_data, headers))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment