opennebula 4.8.0 → 4.9.80.beta

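--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: a6fa857703d3467963c8695ce0b2fa13a395b98b
- data.tar.gz: 1f8e477fd663688db8e3dfc0c42294b2c487a78f
+ metadata.gz: 42545275d236ad905c7717b1927435e9a488a90f
+ data.tar.gz: 816f67281352c3d865624c23192837ebb5f37fa6
  SHA512:
- metadata.gz: ecca11cfc987315d5b9920da0b3149246306e28148ccce3d4dd88d6f711b55cc93f9a025892022ffb756e6e1b1b5ec730a7c1f2cc5e347c46809ccb6fb40a688
- data.tar.gz: 6294197a08dc4c6a1c0951caba175e4daf6d325a7cfd2d9e87c5b00f5335b421c33d81d0cc0c89f6d665695c68fb9fa7b568f44f8bc892455052a9c1695075af
+ metadata.gz: c4ae1c7e5d8165a72102eb2aaca7c483b7cf14b5fba21a7397c8fe0ccf429b492b729e259bdf33aa4087b7f9a7f08a2ff0dbbbbabd8a8c63996f47a45e3a5491
+ data.tar.gz: ba6fecc6ab0d1aa568196d10e23a6c4e8ef9940f62934ebb77405c44eeed2093b5d7ce9204cacbd4ae9d0d7539a5a7b8542460ed9d7bfd19cefe5d407da1557f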
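--- a/data/NOTICE
+++ b/data/NOTICE
@@ -1,6 +1,6 @@
  OpenNebula Open Source Project
  --------------------------------------------------------------------------------
- Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs
+ Copyright 2002-2014, OpenNebula Project, OpenNebula Systems (formerly C12G Labs)
  --------------------------------------------------------------------------------
 
  You can find more information about the project, release notes and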
data/lib/opennebula.rb CHANGED
@@ -56,5 +56,5 @@ require 'opennebula/system'
56
56
  module OpenNebula
57
57
 
58
58
  # OpenNebula version
59
- VERSION = '4.8.0'
59
+ VERSION = '4.9.80'
60
60
  end
@@ -15,22 +15,39 @@
15
15
  # ---------------------------------------------------------------------------- #
16
16
 
17
17
  require 'rubygems'
18
+ require 'opennebula'
18
19
  require 'net/ldap'
20
+ require 'yaml'
21
+
22
+ if !defined?(ONE_LOCATION)
23
+ ONE_LOCATION=ENV["ONE_LOCATION"]
24
+ end
25
+
26
+ if !ONE_LOCATION
27
+ VAR_LOCATION="/var/lib/one/"
28
+ else
29
+ VAR_LOCATION=ONE_LOCATION+"/var/"
30
+ end
19
31
 
20
32
  module OpenNebula; end
21
33
 
22
34
  class OpenNebula::LdapAuth
23
35
  def initialize(options)
24
36
  @options={
25
- :host => 'localhost',
26
- :port => 389,
27
- :user => nil,
28
- :password => nil,
29
- :base => nil,
30
- :auth_method => :simple,
31
- :user_field => 'cn',
32
- :user_group_field => 'dn',
33
- :group_field => 'member'
37
+ :host => 'localhost',
38
+ :port => 389,
39
+ :user => nil,
40
+ :password => nil,
41
+ :base => nil,
42
+ :auth_method => :simple,
43
+ :user_field => 'cn',
44
+ :user_group_field => 'dn',
45
+ :group_field => 'member',
46
+ :mapping_generate => true,
47
+ :mapping_timeout => 300,
48
+ :mapping_filename => 'server1.yaml',
49
+ :mapping_key => 'GROUP_DN',
50
+ :mapping_default => 1
34
51
  }.merge(options)
35
52
 
36
53
  ops={}
@@ -47,9 +64,61 @@ class OpenNebula::LdapAuth
47
64
  ops[:port]=@options[:port].to_i if @options[:port]
48
65
  ops[:encryption]=@options[:encryption] if @options[:encryption]
49
66
 
67
+ @options[:mapping_file_path] = VAR_LOCATION + @options[:mapping_filename]
68
+ generate_mapping if @options[:mapping_generate]
69
+ load_mapping
70
+
50
71
  @ldap=Net::LDAP.new(ops)
51
72
  end
52
73
 
74
+ def generate_mapping
75
+ file=@options[:mapping_file_path]
76
+ generate = false
77
+
78
+ if File.exists?(file)
79
+ stat = File.stat(file)
80
+ age = Time.now.to_i - stat.mtime.to_i
81
+ generate = true if age > @options[:mapping_timeout]
82
+ else
83
+ generate = true
84
+ end
85
+
86
+ return if !generate
87
+
88
+ client = OpenNebula::Client.new
89
+ group_pool = OpenNebula::GroupPool.new(client)
90
+ group_pool.info
91
+
92
+ groups = group_pool.to_hash['']
93
+ groups=[group_pool.get_hash['GROUP_POOL']['GROUP']].flatten
94
+
95
+ yaml={}
96
+
97
+ groups.each do |group|
98
+ if group['TEMPLATE'] && group['TEMPLATE'][@options[:mapping_key]]
99
+ yaml[group['TEMPLATE'][@options[:mapping_key]]] = group['ID']
100
+ end
101
+ end
102
+
103
+ File.open(file, 'w') do |f|
104
+ f.write(yaml.to_yaml)
105
+ end
106
+ end
107
+
108
+ def load_mapping
109
+ file=@options[:mapping_file_path]
110
+
111
+ @mapping = {}
112
+
113
+ if File.exists?(file)
114
+ @mapping = YAML.load(File.read(file))
115
+ end
116
+
117
+ if @mapping.class != Hash
118
+ @mapping = {}
119
+ end
120
+ end
121
+
53
122
  def find_user(name)
54
123
  begin
55
124
  result=@ldap.search(
@@ -57,12 +126,14 @@ class OpenNebula::LdapAuth
57
126
  :filter => "#{@options[:user_field]}=#{name}")
58
127
 
59
128
  if result && result.first
60
- [result.first.dn, result.first[@options[:user_group_field]]]
129
+ @user = result.first
130
+ [@user.dn, @user[@options[:user_group_field]]]
61
131
  else
62
132
  result=@ldap.search(:base => name)
63
133
 
64
134
  if result && result.first
65
- [name, result.first[@options[:user_group_field]]]
135
+ @user = result.first
136
+ [name, @user[@options[:user_group_field]]]
66
137
  else
67
138
  [nil, nil]
68
139
  end
@@ -99,5 +170,20 @@ class OpenNebula::LdapAuth
99
170
  false
100
171
  end
101
172
  end
173
+
174
+ def get_groups
175
+ groups = []
176
+
177
+ [@user['memberOf']].flatten.each do |group|
178
+ if @mapping[group]
179
+ groups << @mapping[group]
180
+ else
181
+ groups << @options[:mapping_default]
182
+ end
183
+ end
184
+
185
+ groups.delete(false)
186
+ groups.compact
187
+ end
102
188
  end
103
189
 
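Review bot: `load_mapping` (second hunk) reads the cached group mapping with `YAML.load(File.read(file))`, which will build arbitrary tagged Ruby objects if anything besides this driver can write under `VAR_LOCATION`; the file only holds a flat hash of group DN to group ID, so `YAML.safe_load` is sufficient where the Ruby in use provides it. `generate_mapping` rewrites that file in place and ignores the return value of `group_pool.info`, so if several driver processes run at once one of them can read a half-written file, and a failed pool query is not stopped before the file is rewritten; either way `get_groups` then silently assigns `:mapping_default` for every LDAP group. The sketch below checks the `info` result and replaces the file by rename. Separately, `get_groups` dereferences `@user` with no guard, so it depends on a successful `find_user` call first, and `groups = group_pool.to_hash['']` is dead because the next line reassigns `groups`.

```ruby
    def generate_mapping
        # … unchanged: staleness check on the mapping file …

        client = OpenNebula::Client.new
        group_pool = OpenNebula::GroupPool.new(client)
        rc = group_pool.info
        # Keep the previous mapping rather than overwrite it with an empty one
        return if OpenNebula.is_error?(rc)

        # … unchanged: build the yaml hash from the group templates …

        # Write next to the target and rename, so readers never see a partial file
        tmp = "#{file}.#{Process.pid}.tmp"
        File.open(tmp, 'w') { |f| f.write(yaml.to_yaml) }
        File.rename(tmp, file)
    end

    def load_mapping
        file=@options[:mapping_file_path]

        loaded = File.exist?(file) ? YAML.safe_load(File.read(file)) : nil
        @mapping = loaded.is_a?(Hash) ? loaded : {}
    end
```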
@@ -26,8 +26,6 @@ module OpenNebula; end
26
26
  # as auth method is defined. It also holds some helper methods to be used
27
27
  # by oneauth command
28
28
  class OpenNebula::SshAuth
29
- LOGIN_PATH = ENV['HOME']+'/.one/one_ssh'
30
-
31
29
  # Initialize SshAuth object
32
30
  #
33
31
  # @param [Hash] default options for path
@@ -66,35 +64,13 @@ class OpenNebula::SshAuth
66
64
  @public_key_rsa = OpenSSL::PKey::RSA.new(Base64::decode64(@public_key))
67
65
  end
68
66
 
69
- # Creates the login file for ssh authentication at ~/.one/one_ssh.
67
+ # Creates a login token for ssh authentication.
70
68
  # By default it is valid for 1 hour but it can be changed to any number
71
69
  # of seconds with expire parameter (in seconds)
72
- def login(user, expire=3600)
70
+ def login_token(user, expire=3600)
73
71
  expire ||= 3600
74
72
 
75
- # Init proxy file path and creates ~/.one directory if needed
76
- proxy_dir = File.dirname(LOGIN_PATH)
77
-
78
- begin
79
- FileUtils.mkdir_p(proxy_dir)
80
- rescue Errno::EEXIST
81
- end
82
-
83
- # Generate security token
84
- time = Time.now.to_i + expire.to_i
85
-
86
- secret_plain = "#{user}:#{time}"
87
- secret_crypted = encrypt(secret_plain)
88
-
89
- proxy = "#{user}:#{secret_crypted}"
90
-
91
- file = File.open(LOGIN_PATH, "w")
92
- file.write(proxy)
93
- file.close
94
-
95
- File.chmod(0600,LOGIN_PATH)
96
-
97
- secret_crypted
73
+ return encrypt("#{user}:#{Time.now.to_i + expire.to_i}")
98
74
  end
99
75
 
100
76
  # Returns a valid password string to create a user using this auth driver.
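Review bot: The comment on `login_token` no longer says what the method hands back, and the hunk removes the public `login` method together with the `File.chmod(0600,LOGIN_PATH)` protected token file without leaving an alias. The YARD style used for `initialize` above would fit: `# @param user [String] user name placed in the token`, `# @param expire [Integer] validity in seconds (default 3600)`, `# @return [String] the encrypted "user:expiry" token; nothing is written to disk`. Stating that last part matters because storing the token with restrictive permissions is now the caller's job.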
@@ -33,7 +33,8 @@ module OpenNebula
33
33
  :delgroup => "user.delgroup",
34
34
  :update => "user.update",
35
35
  :chauth => "user.chauth",
36
- :quota => "user.quota"
36
+ :quota => "user.quota",
37
+ :login => "user.login"
37
38
  }
38
39
 
39
40
  SELF = -1
@@ -185,6 +186,19 @@ module OpenNebula
185
186
  return rc
186
187
  end
187
188
 
189
+ # Sets the LOGIN_TOKEN for the user
190
+ #
191
+ # @param username [String] of the user
192
+ # @param token [String] the login token, if empty OpenNebula will
193
+ # generate one
194
+ # @param expire [String] valid period of the token in secs. If <= 0
195
+ # the token will be reset
196
+ # @return [String, OpenNebula::Error] token in case of success, Error
197
+ # otherwise
198
+ def login(username, token, expire)
199
+ return @client.call(USER_METHODS[:login], username, token, expire)
200
+ end
201
+
188
202
  #######################################################################
189
203
  # Helpers to get User information
190
204
  #######################################################################
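Review bot: The new `login` documents `expire` as `[String]` while describing it as a number of seconds that is compared against zero, and it forwards the value to `@client.call` unconverted. Unless the server-side `user.login` signature (not visible here) really takes a string, the tag should read `# @param expire [Integer] valid period of the token in secs.` and the call should pass `expire.to_i`, the way `deploy` coerces `host_id.to_i` elsewhere in this diff. It is also worth one comment line stating that the returned token is a credential for `username`, so callers do not log or echo it.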
@@ -202,9 +202,9 @@ module OpenNebula
202
202
  # @return [String] The USER_TEMPLATE
203
203
  def user_template_xml
204
204
  if NOKOGIRI
205
- @xml.xpath('TEMPLATE').to_s
205
+ @xml.xpath('USER_TEMPLATE').to_s
206
206
  else
207
- @xml.elements['TEMPLATE'].to_s
207
+ @xml.elements['USER_TEMPLATE'].to_s
208
208
  end
209
209
  end
210
210
 
@@ -224,7 +224,11 @@ module OpenNebula
224
224
  def deploy(host_id, enforce=false, ds_id=-1)
225
225
  enforce ||= false
226
226
  ds_id ||= -1
227
- return call(VM_METHODS[:deploy], @pe_id, host_id.to_i, enforce, ds_id.to_i)
227
+ return call(VM_METHODS[:deploy],
228
+ @pe_id,
229
+ host_id.to_i,
230
+ enforce,
231
+ ds_id.to_i)
228
232
  end
229
233
 
230
234
  # Shutdowns an already deployed VM
@@ -587,6 +591,11 @@ module OpenNebula
587
591
  self['GID'].to_i
588
592
  end
589
593
 
594
+ # Returns the deploy_id of the VirtualMachine (numeric value)
595
+ def deploy_id
596
+ self['DEPLOY_ID']
597
+ end
598
+
590
599
  private
591
600
  def action(name)
592
601
  return Error.new('ID not defined') if !@pe_id
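Review bot: The comment added above `deploy_id` promises a "(numeric value)", but the method returns `self['DEPLOY_ID']` as-is, whereas the method just before it returns `self['GID'].to_i`. If the deploy id is whatever identifier the hypervisor driver reports (likely, but not shown here), the comment should drop the claim, e.g. `# Returns the deploy_id of the VirtualMachine as stored in DEPLOY_ID (not converted)`; if it really is numeric, add `.to_i` for consistency.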
@@ -34,8 +34,6 @@ class OpenNebula::X509Auth
34
34
  ETC_LOCATION = ENV["ONE_LOCATION"] + "/etc"
35
35
  end
36
36
 
37
- LOGIN_PATH = ENV['HOME']+'/.one/one_x509'
38
-
39
37
  X509_AUTH_CONF_PATH = ETC_LOCATION + "/auth/x509_auth.conf"
40
38
 
41
39
  X509_DEFAULTS = {
@@ -79,13 +77,6 @@ class OpenNebula::X509Auth
79
77
  # Client side
80
78
  ###########################################################################
81
79
 
82
- # Creates the login file for x509 authentication at ~/.one/one_x509.
83
- # By default it is valid as long as the certificate is valid. It can
84
- # be changed to any number of seconds with expire parameter (sec.)
85
- def login(user, expire=0)
86
- write_login(login_token(user,expire))
87
- end
88
-
89
80
  # Returns a valid password string to create a user using this auth driver.
90
81
  # In this case the dn of the user certificate.
91
82
  def password
@@ -95,8 +86,10 @@ class OpenNebula::X509Auth
95
86
  # Generates a login token in the form:
96
87
  # user_name:x509:user_name:time_expires:cert_chain
97
88
  # - user_name:time_expires is encrypted with the user certificate
98
- # - user_name:time_expires:cert_chain is base64 encoded
99
- def login_token(user, expire)
89
+ # - user_name:time_expires:cert_chain is base64 encoded.
90
+ # By default it is valid as long as the certificate is valid. It can
91
+ # be changed to any number of seconds with expire parameter (sec.)
92
+ def login_token(user, expire=0)
100
93
  if expire != 0
101
94
  expires = Time.now.to_i + expire.to_i
102
95
  else
@@ -107,13 +100,9 @@ class OpenNebula::X509Auth
107
100
  signed_text = encrypt(text_to_sign)
108
101
 
109
102
  certs_pem = @cert_chain.collect{|cert| cert.to_pem}.join(":")
110
-
111
103
  token = "#{signed_text}:#{certs_pem}"
112
- token64 = Base64::encode64(token).strip.delete("\n")
113
104
 
114
- login_out = "#{user}:#{token64}"
115
-
116
- login_out
105
+ return Base64::encode64(token).strip.delete("\n")
117
106
  end
118
107
 
119
108
  ###########################################################################
@@ -150,25 +139,6 @@ class OpenNebula::X509Auth
150
139
  end
151
140
 
152
141
  private
153
- # Writes a login_txt to the login file as defined in LOGIN_PATH
154
- # constant
155
- def write_login(login_txt)
156
- # Inits login file path and creates ~/.one directory if needed
157
- # Set instance variables
158
- login_dir = File.dirname(LOGIN_PATH)
159
-
160
- begin
161
- FileUtils.mkdir_p(login_dir)
162
- rescue Errno::EEXIST
163
- end
164
-
165
- file = File.open(LOGIN_PATH, "w")
166
- file.write(login_txt)
167
- file.close
168
-
169
- File.chmod(0600,LOGIN_PATH)
170
- end
171
-
172
142
  # Load class options form a configuration file (yaml syntax)
173
143
  def load_options(conf_file)
174
144
  if File.readable?(conf_file)
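Review bot: The comment block above `login_token` still describes the token as `user_name:x509:user_name:time_expires:cert_chain`, but after this change the method returns only `Base64::encode64(token).strip.delete("\n")`, i.e. the encoded `signed_text:certs_pem` without the `user:` prefix that the removed `login_out` line added. The first comment lines should be updated to describe the new return value, for example `# Generates a login token: Base64 of "<signed user_name:time_expires>:<cert_chain>"`, and to say that the user name is no longer prepended. With `expire=0` now the default, a caller that omits the argument gets a token that lives as long as the certificate (per the comment), which is worth calling out as `# @param expire [Integer] seconds; 0 ties validity to the certificate`. The body of `login_token` is split across two hunks, so its `else` branch is not visible here.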
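--- a/metadata
+++ b/metadata
@@ -1,41 +1,41 @@
  --- !ruby/object:Gem::Specification
  name: opennebula
  version: !ruby/object:Gem::Version
- version: 4.8.0
+ version: 4.9.80.beta
  platform: ruby
  authors:
  - OpenNebula
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-07-31 00:00:00.000000000 Z
+ date: 2014-10-14 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: json
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  description: Libraries needed to talk to OpenNebula
@@ -44,6 +44,8 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
+ - LICENSE
+ - NOTICE
  - lib/opennebula.rb
  - lib/opennebula/acl.rb
  - lib/opennebula/acl_pool.rb
@@ -63,9 +65,14 @@ files:
  - lib/opennebula/host_pool.rb
  - lib/opennebula/image.rb
  - lib/opennebula/image_pool.rb
+ - lib/opennebula/ldap_auth.rb
+ - lib/opennebula/ldap_auth_spec.rb
  - lib/opennebula/oneflow_client.rb
  - lib/opennebula/pool.rb
  - lib/opennebula/pool_element.rb
+ - lib/opennebula/server_cipher_auth.rb
+ - lib/opennebula/server_x509_auth.rb
+ - lib/opennebula/ssh_auth.rb
  - lib/opennebula/system.rb
  - lib/opennebula/template.rb
  - lib/opennebula/template_pool.rb
@@ -75,19 +82,12 @@ files:
  - lib/opennebula/virtual_machine_pool.rb
  - lib/opennebula/virtual_network.rb
  - lib/opennebula/virtual_network_pool.rb
+ - lib/opennebula/x509_auth.rb
  - lib/opennebula/xml_element.rb
  - lib/opennebula/xml_pool.rb
  - lib/opennebula/xml_utils.rb
  - lib/opennebula/zone.rb
  - lib/opennebula/zone_pool.rb
- - lib/opennebula/ldap_auth.rb
- - lib/opennebula/ldap_auth_spec.rb
- - lib/opennebula/server_cipher_auth.rb
- - lib/opennebula/server_x509_auth.rb
- - lib/opennebula/ssh_auth.rb
- - lib/opennebula/x509_auth.rb
- - NOTICE
- - LICENSE
  homepage: http://opennebula.org
  licenses: []
  metadata: {}
@@ -97,17 +97,17 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  requirements: []
  rubyforge_project:
- rubygems_version: 2.0.14
+ rubygems_version: 2.2.2
  signing_key:
  specification_version: 4
  summary: OpenNebula Client API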