projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3eedcb3)
added /etc/default/arvados_pam as a parameter
authorNico Cesar <nico@curoverse.com>
Wed, 8 Jul 2015 15:30:49 +0000 (11:30 -0400)
committerNico Cesar <nico@curoverse.com>
Wed, 8 Jul 2015 15:30:49 +0000 (11:30 -0400)
refs #6512

sdk/pam/arvados_pam.py patch | blob | history
sdk/pam/debian/arvados_pam [new file with mode: 0644] patch | blob

diff --git a/sdk/pam/arvados_pam.py b/sdk/pam/arvados_pam.py
index 84eef244cbe14f3bef29106881b27eee6b247038..bc65b0629426143c2575c52fbd833f48d60ea175 100644 (file)
--- a/sdk/pam/arvados_pam.py
+++ b/sdk/pam/arvados_pam.py
@@ -14,25 +14,30 @@ def auth_log(msg):
 
 def check_arvados_token(requested_username, token):
     auth_log("%s %s" % (requested_username, token))
-    ARVADOS_API_HOST='4xphq.arvadosapi.com' ## FIXME replace with puppet
-    # BUG: hostname stored on the API is just "foo.shell", not "foo.shell.zzzzz.arvadosapi.com"!
-    my_hostname='shell' ## FIXME replace with puppet
 
     try:
-       arv = arvados.api('v1',host=ARVADOS_API_HOST, token=token, cache=None)
+       f=file('/etc/default/arvados_pam')
+       config=dict([l for l in f.readlines() if not l.startswith('#') or l.strip()==""])
+       arvados_api_host=config['ARVADOS_API_HOST'].strip()
+       hostname=config['HOSTNAME'].strip()
+    except Exception as e:
+       auth_log("problem getting default values" % (str(e)))
+
+    try:
+       arv = arvados.api('v1',host=arvados_api_host, token=token, cache=None)
     except Exception as e:
        auth_log(str(e))
        return False
 
     try:
-       matches = arv.virtual_machines().list(filters=[['hostname','=',my_hostname]]).execute()['items']
+       matches = arv.virtual_machines().list(filters=[['hostname','=',hostname]]).execute()['items']
     except Exception as e:
        auth_log(str(e))
        return False
 
 
     if len(matches) != 1:
-        auth_log("libpam_arvados could not dertermine vm uuid for '%s'" % my_hostname)
+        auth_log("libpam_arvados could not dertermine vm uuid for '%s'" % hostname)
         return False
 
     this_vm_uuid = matches[0]['uuid']
diff --git a/sdk/pam/debian/arvados_pam b/sdk/pam/debian/arvados_pam
new file mode 100644 (file)
index 0000000..eae61d9
--- /dev/null
+++ b/sdk/pam/debian/arvados_pam
@@ -0,0 +1,10 @@
+# Default values for libpam arvados module
+#
+# ARVADOS_API_HOST should be te api hosts.
+# should be reachable, and will be called
+# from arvados_pam.py using Arvados Python SDK
+ARVADOS_API_HOST=zzzzz.arvadosapi.com
+
+# HOSTNAME is the hostname as is stored in the API object
+# something like "foo.shell" or "shell", but not"foo.shell.zzzzz.arvadosapi.com"!
+HOSTNAME=shell