Would anyone know if up2dateAuth module could be used to replace username/password auth to query RHN/SPWLK server via RHN API?
On Jun 7, 2012, at 6:33 PM, "Musayev, Ilya" <imusa...@webmd.net> wrote: > While RHN has a limitation on locking the host from the Web UI, user is still > able to run yum operations from the host (granted user has proper access). > > I wrote a simple YUM plugin to check if the host is locked in RHN and if it > is, prevent yum usage on the host. > > Needless to say, this is proof of concept and my python skills are lacking, > nevertheless it works. > > TODO: > * Move Authentication part into config - easy to do but not secure > * Use alternative method of authentication used by rhnplugin - need to see > how that can be done - if it all possible > > I need help with understanding how i can leverage rhnplugin type of auth with > RHN Lock Yum Plugin. > > The proof of concept code is below - if you could make any suggestions and > improvements - it would be appreciated. > > > Thanks > ilya > > > > ----------- /etc/yum/pluginconf.d/rhnlockplugin.conf -------- > [main] > enabled=1 > ------------ > > > ---------- /usr/share/yum-plugins/rhnlockplugin.py ---------- > > from yum.plugins import PluginYumExit, TYPE_CORE, TYPE_INTERACTIVE > from xml.dom import minidom > import xmlrpclib > > requires_api_version = '2.3' > plugin_type = (TYPE_CORE, TYPE_INTERACTIVE) > > def init_hook(conduit): > conduit.info(2, 'Checking if system is locked in RHN/Spacewalk') > SATELLITE_URL = "http://spacewalk.hostname.com/rpc/api"; > SATELLITE_LOGIN = "admin" > SATELLITE_PASSWORD = "password" > > client = xmlrpclib.Server(SATELLITE_URL, verbose=0) > > key = client.auth.login(SATELLITE_LOGIN, SATELLITE_PASSWORD) > > #---------------------------------------------------------------------- > def getSystemID(xml): > """ > Print out all names found in xml > """ > doc = minidom.parse(xml) > node = doc.documentElement > members = doc.getElementsByTagName("member") > > for member in members: > name = member.getElementsByTagName("name")[0].firstChild.data > if name == "system_id": > value = \ > member.getElementsByTagName("string")[0].firstChild.data > return value.replace("ID-","") > > def getLockStatus(sysID): > """ > Function to check if the host is locked > """ > details = client.system.getDetails(key, int(sysID)) > if details['lock_status']: > #print "ERROR: Skipping RHN/Spacewalk locked system %s" % sysID > raise PluginYumExit('ERROR: Skipping RHN/Spacewalk locked system: > %s' % sysID) > else: > print "NOTE: This host in not locked in RHN/Spacewalk" > > systemIDfile = '/etc/sysconfig/rhn/systemid' > mySystemID = getSystemID(systemIDfile) > getLockStatus(getSystemID(systemIDfile)) > > client.auth.logout(key) > ----------------------------------- > > _______________________________________________ > Spacewalk-devel mailing list > Spacewalk-devel@redhat.com > https://www.redhat.com/mailman/listinfo/spacewalk-devel > _______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
