import (
"io/ioutil"
"log/syslog"
+ "os"
"context"
"errors"
} else if arg == "debug" {
logger.SetLevel(logrus.DebugLevel)
} else {
- logger.Warnf("unkown option: %s\n", arg)
+ logger.Warnf("unknown option: %s\n", arg)
}
}
+ if hostname == "" || hostname == "-" {
+ h, err := os.Hostname()
+ if err != nil {
+ logger.WithError(err).Warnf("cannot get hostname -- try using an explicit hostname in pam config")
+ return fmt.Errorf("cannot get hostname: %w", err)
+ }
+ hostname = h
+ }
logger.Debugf("username=%q arvados_api_host=%q hostname=%q insecure=%t", username, apiHost, hostname, insecure)
- if apiHost == "" || hostname == "" {
+ if apiHost == "" {
logger.Warnf("cannot authenticate: config error: arvados_api_host and hostname must be non-empty")
return errors.New("config error")
}
return err
}
if len(vms.Items) == 0 {
- return fmt.Errorf("no results for hostname %q", hostname)
+ // It's possible there is no VM entry for the
+ // configured hostname, but typically this just means
+ // the user does not have permission to see (let alone
+ // log in to) this VM.
+ return errors.New("permission denied")
} else if len(vms.Items) > 1 {
return fmt.Errorf("multiple results for hostname %q", hostname)
} else if vms.Items[0].Hostname != hostname {