emissary 1.3.18 → 1.3.19

data/lib/emissary/agent/ping.rb

@@ -1,37 +0,0 @@
-#   Copyright 2010 The New York Times
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-#
-module Emissary
-  class Agent::Ping < Agent
-    def valid_methods
-      [:ping, :pong]
-    end
-    
-    def ping
-      reply = message.response
-      reply.method = :pong
-
-      ::Emissary.logger.debug "Received PING: originator: #{message.originator}"
-      ::Emissary.logger.debug "Sending PONG : originator: #{reply.originator}"
-
-      reply
-    end
-    
-    def pong
-      ::Emissary.logger.debug "Received PONG"
-      throw :skip_implicit_response
-    end
-  end
-end

data/lib/emissary/agent/proxy.rb

@@ -1,26 +0,0 @@
-#   Copyright 2010 The New York Times
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-#
-module Emissary
-  class Agent::Proxy < Agent
-    def valid_methods
-      [ :any ]
-    end
-		
-    def activate
-      throw :skip_implicit_response 
-    end
-  end
-end

data/lib/emissary/agent/rabbitmq.rb

@@ -1,233 +0,0 @@
-#   Copyright 2010 The New York Times
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-#
-require 'escape'
-
-module Emissary
-  class Agent::Rabbitmq < Agent
-    NIMBUL_VHOST    = '/nimbul'
-
-    NODE_CONFIG_ACL = '^i-[a-f0-9.]+$'
-    NODE_READ_ACL   = '^(amq.*|i-[a-f0-9.]+|request.%%ID%%.*)$'
-    NODE_WRITE_ACL  = '^(amq.*|i-[a-f0-9.]+|(startup|info|shutdown).%%ID%%.*|nimbul)$'
-    
-    QUEUE_INFO_ITEMS = %w[
-        name durable auto_delete arguments pid owner_pid
-        exclusive_consumer_pid exclusive_consumer_tag
-        messages_ready messages_unacknowledged messages_uncommitted
-        messages acks_uncommitted consumers transactions memory      
-    ]
-    
-    EXCHANGE_INFO_ITEMS = %w[
-      name type durable auto_delete arguments
-    ]
-    
-    CONNECTION_INFO_ITEMS = %w[
-        pid address port peer_address peer_port state channels user
-        vhost timeout frame_max client_properties recv_oct recv_cnt
-        send_oct send_cnt send_pend
-    ]
-    
-    CHANNEL_INFO_ITEMS = %w[
-      pid connection number user vhost transactional consumer_count
-      messages_unacknowledged acks_uncommitted prefetch_count
-    ]
-    
-    BINDINGS_INFO_COLUMNS = %w[ exchange_name queue_name routing_key arguments ]
-    CONSUMER_INFO_COLUMNS = %w[ queue_name channel_process_id consumer_tag must_acknowledge ]
-    
-    class CommandExecutionError < StandardError; end
-
-    def valid_methods
-      [
-        :add_user,
-        :delete_user,
-        :change_password,
-        :list_users,
-        
-        :add_vhost,
-        :delete_vhost,
-        :list_vhosts,
-        
-        :add_node_account,
-        :del_node_account,
-        
-        :list_user_vhosts,
-        :list_vhost_users,
-        
-        :list_queues,
-        :list_bindings,
-        :list_exchanges,
-        :list_connections,
-        :list_channels,
-        :list_consumers
-      ]
-    end
-  
-    def list_queues(vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:list_queues, '-p', vhost, QUEUE_INFO_ITEMS.join(" ")).collect do |line|
-        Hash[*QUEUE_INFO_ITEMS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-    
-    def list_bindings(vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:list_bindings, '-p', vhost).collect do |line|
-        Hash[*BINDINGS_INFO_COLUMNS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-
-    def list_exchanges(vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:list_exchanges, '-p', vhost, EXCHANGE_INFO_ITEMS.join(" ")).collect do |line|
-        Hash[*EXCHANGE_INFO_ITEMS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-      
-    def list_connections
-      rabbitmqctl(:list_connections, CONNECTION_INFO_ITEMS.join(" ")).collect do |line|
-        Hash[*CONNECTION_INFO_ITEMS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-      
-    def list_channels
-      rabbitmqctl(:list_channels, CHANNEL_INFO_ITEMS.join(" ")).collect do |line|
-        Hash[*CHANNEL_INFO_ITEMS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-    
-    def list_consumers(vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:list_consumers, '-p', vhost).collect do |line|
-        Hash[*CONSUMER_INFO_COLUMNS.zip(line.split(/\s+/)).flatten]
-      end
-    end
-
-    def list_users
-      rabbitmqctl(:list_users)
-    end
-    
-    def list_vhosts
-      rabbitmqctl(:list_vhosts)
-    end
-    
-    def list_vhost_users(vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:list_permissions, '-p', vhost).flatten.select { |l|
-        !l.nil?
-      }.collect {
-        |l| l.split(/\s+/)[0]
-      }
-    end
-    
-    def list_user_vhosts(user)
-      list_vhosts.select { |vhost| list_vhost_users(vhost).include? user }
-    end
-
-    def set_vhost_permissions(user, vhost, config, write, read)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:set_permissions, '-p', vhost, user, config, write, read)
-    end
-    
-    def del_vhost_permissions(user, vhost)
-      vhost = vhost.empty? ? '/' : vhost
-      rabbitmqctl(:clear_permissions, '-p', vhost, user)
-    end
-
-    def add_node_account_acl(user, namespace_id)
-      config_acl = NODE_CONFIG_ACL.gsub('%%ID%%', namespace_id.to_s)
-      write_acl  = NODE_WRITE_ACL.gsub('%%ID%%', namespace_id.to_s)
-      read_acl   = NODE_READ_ACL.gsub('%%ID%%', namespace_id.to_s)
-      
-      begin      
-        set_vhost_permissions(user, NIMBUL_VHOST, config_acl, write_acl, read_acl)
-      rescue CommandExecutionError => e
-        "problem adding account acls for user: #{user}: #{e.message}"
-      else
-        "successfully added account acls for user: #{user}"
-      end
-    end
-
-    def add_node_account(user, password, namespace_id)
-      begin
-        add_user(user, password)
-        add_node_account_acl(user, namespace_id.to_s)
-      rescue CommandExecutionError => e
-        "failed to add new node account: #{user}:#{namespace_id.to_s}"
-      end
-    end
-    
-    def del_node_account_acl(user, vhost)
-      begin
-        del_vhost_permissions(user, vhost)
-      rescue CommandExecutionError => e
-        "problem unmapping user from vhost: #{user}:#{vhost} #{e.message}"
-      else
-        "successfully unmapped user from vhost: #{user}:#{vhost}"
-      end
-    end
-  
-    def add_vhost(path)
-      begin
-        !!rabbitmqctl(:add_vhost, path)
-      rescue CommandExecutionError => e
-        raise e unless e.message.include? 'vhost_already_exists'
-      end
-    end
-    
-    def add_user(user, pass)
-      begin
-        !!rabbitmqctl(:add_user, user, pass)
-      rescue CommandExecutionError => e
-        raise e unless e.message.include? 'user_already_exists'
-      end
-    end
-    
-    def change_password(user, pass)
-      begin
-        !!rabbitmqctl(:change_password, user, pass)
-      rescue CommandExecutionError => e
-        return false if e.message.include? 'no_such_user'
-        raise e 
-      end
-    end
-    
-    def delete_user(user)
-      begin
-        !!rabbitmqctl(:delete_user, user)
-      rescue CommandExecutionError => e
-        raise e unless e.message.include? 'no_such_user'
-      end
-    end
-    
-    def delete_vhost(path)
-      begin
-        !!rabbitmqctl(:delete_vhost, path)
-      rescue CommandExecutionError => e
-        raise e unless e.message.include? 'no_such_vhost'
-      end
-    end
-
-    def rabbitmqctl(*args)
-      result = []
-      `rabbitmqctl #{Escape.shell_command([*args.collect{|a| a.to_s}])} 2>&1`.each do |line|
-        raise CommandExecutionError, $1 if line =~ /Error: (.*)/
-        result << line.chomp unless line =~ /\.\.\./
-      end
-      result
-    end
-  end
-end

data/lib/emissary/agent/sshkeys.rb

@@ -1,152 +0,0 @@
-#   Copyright 2010 The New York Times
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-#
-require 'digest/md5'
-require 'base64'
-require 'etc'
-
-module Emissary
-  class Agent::Sshkeys < Agent
-    AUTH_KEY_FILE = '.ssh/authorized_keys'
-
-    attr_reader :user
-    
-    def valid_methods
-      [ :add, :delete, :update ]
-    end
-    
-    def post_init
-      begin
-        @user = Etc.getpwnam(args.shift)
-      rescue ArgumentError => e
-        if e.message =~ /can't find user/
-          raise "User '#{args.first}' does not exist on this system"
-        else
-          raise "Unhandled error attempting to retrieve data on user [#{args.first}]: #{e.message}"
-        end
-      end
-    end
-    
-    def add pubkey
-      raise "Missing 'key_uri' argument - can't download key!" if pubkey.nil?
-
-      pubkey_name = Digest::MD5.hexdigest(pubkey.split(/\s+/).join(' ').chomp)
-
-      begin
-        keys = get_keys(user)
-        if not keys.has_key?(pubkey_name)
-          keys[pubkey_name] = pubkey
-          write_keys(user, keys)
-          result = "Successfully added key [#{pubkey_name}] to user [#{user.name}]"
-        else
-          result = "Could not add key [#{pubkey_name}] to user [#{user.name}] - key already exists!"
-        end
-      rescue Exception => e
-        raise Exception, 'Possibly unable to add user key - error was: ' + e.message, caller
-      end
-
-      return result
-    end
-    
-    def delete pubkey
-      return 'No authorized_keys file - nothing changed' if not File.exists?(File.join(user.dir, AUTH_KEY_FILE))
-  
-      keyname = Digest::MD5.hexdigest(pubkey)
-      begin
-        keys = get_keys(user)
-        if keys.has_key?(keyname)
-          keys.delete(keyname)
-          write_keys(user, keys)
-          result = "Successfully removed key [#{keyname}] from user [#{user.name}]"
-        else
-          result = "Could not remove key [#{keyname}] from user [#{user.name}] - key not there!"
-        end
-      rescue Exception => e
-        raise "Possibly unable to remove key #{keyname} for user #{user.name} - error was: #{e.message}"
-      end
-  
-      return result
-    end
-
-    def update oldkey, newkey
-      return 'Not implemented'
-    end
-    
-    private
-    
-    def write_keys(user, keys)
-      auth_file_do(user, 'w') do |fp|
-        fp << keys.values.join("\n")
-      end
-    end
-  
-    def get_keys(user)
-      ::Emissary.logger.debug "retreiving ssh keys from file #{File.join(user.dir, AUTH_KEY_FILE)}"
-  
-      keys = {}
-      auth_file_do(user, 'r') do |fp|
-        fp.readlines.each do |line|
-          keys[Digest::MD5.hexdigest(line.chomp)] = line.chomp
-        end
-      end
-  
-      return keys
-    end
-  
-    def auth_file_setup(user)
-      user_auth_file = File.join(user.dir, AUTH_KEY_FILE)
-      user_ssh_dir   = File.dirname(user_auth_file)
-  
-      begin
-        if not File.directory?(user_ssh_dir)
-          Dir.mkdir(user_ssh_dir)
-          File.open(user_ssh_dir) do |f|
-            f.chown(user.uid, user.gid)
-            f.chmod(0700)
-          end
-        end
-        if not File.exists?(user_auth_file)
-          File.open(user_auth_file, 'a') do |f|
-            f.chown(user.uid, user.gid)
-            f.chmod(0600)
-          end
-        end
-      rescue Exception => e
-        raise "Error creating #{user_auth_file} -- #{e.message}"
-      end
-  
-      return user_auth_file
-    end
-  
-    def auth_file_do(user, mode = 'r', &block)
-      begin
-        auth_file = auth_file_setup(user)
-        File.open(auth_file, mode) do |f|
-          f.flock File::LOCK_EX
-          yield(f)
-          f.flock File::LOCK_UN
-        end
-      rescue Exception => e
-        case mode
-          when 'r': mode = 'reading from'
-          when 'a': mode = 'appending to'
-          when 'w': mode = 'writing to'
-          else mode = "unknown operation #{mode} for File.open() on "
-        end
-        raise "Error #{mode} file '#{auth_file}' --  #{e.message}"
-      end
-    end
-  end
-end