opennebula 4.8.0 → 4.9.80.beta

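--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: a6fa857703d3467963c8695ce0b2fa13a395b98b
- data.tar.gz: 1f8e477fd663688db8e3dfc0c42294b2c487a78f
+ metadata.gz: 42545275d236ad905c7717b1927435e9a488a90f
+ data.tar.gz: 816f67281352c3d865624c23192837ebb5f37fa6
  SHA512:
- metadata.gz: ecca11cfc987315d5b9920da0b3149246306e28148ccce3d4dd88d6f711b55cc93f9a025892022ffb756e6e1b1b5ec730a7c1f2cc5e347c46809ccb6fb40a688
- data.tar.gz: 6294197a08dc4c6a1c0951caba175e4daf6d325a7cfd2d9e87c5b00f5335b421c33d81d0cc0c89f6d665695c68fb9fa7b568f44f8bc892455052a9c1695075af
+ metadata.gz: c4ae1c7e5d8165a72102eb2aaca7c483b7cf14b5fba21a7397c8fe0ccf429b492b729e259bdf33aa4087b7f9a7f08a2ff0dbbbbabd8a8c63996f47a45e3a5491
+ data.tar.gz: ba6fecc6ab0d1aa568196d10e23a6c4e8ef9940f62934ebb77405c44eeed2093b5d7ce9204cacbd4ae9d0d7539a5a7b8542460ed9d7bfd19cefe5d407da1557f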
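--- a/data/NOTICE
+++ b/data/NOTICE
@@ -1,6 +1,6 @@
  OpenNebula Open Source Project
  --------------------------------------------------------------------------------
- Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs
+ Copyright 2002-2014, OpenNebula Project, OpenNebula Systems (formerly C12G Labs)
  --------------------------------------------------------------------------------
 
  You can find more information about the project, release notes and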
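--- a/data/lib/opennebula.rb
+++ b/data/lib/opennebula.rb
@@ -56,5 +56,5 @@ require 'opennebula/system'
  module OpenNebula
 
  # OpenNebula version
- VERSION = '4.8.0'
+ VERSION = '4.9.80'
  end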
@@ -15,22 +15,39 @@
15
15
  # ---------------------------------------------------------------------------- #
16
16
 
17
17
  require 'rubygems'
18
+ require 'opennebula'
18
19
  require 'net/ldap'
20
+ require 'yaml'
21
+
22
+ if !defined?(ONE_LOCATION)
23
+ ONE_LOCATION=ENV["ONE_LOCATION"]
24
+ end
25
+
26
+ if !ONE_LOCATION
27
+ VAR_LOCATION="/var/lib/one/"
28
+ else
29
+ VAR_LOCATION=ONE_LOCATION+"/var/"
30
+ end
19
31
 
20
32
  module OpenNebula; end
21
33
 
22
34
  class OpenNebula::LdapAuth
23
35
  def initialize(options)
24
36
  @options={
25
- :host => 'localhost',
26
- :port => 389,
27
- :user => nil,
28
- :password => nil,
29
- :base => nil,
30
- :auth_method => :simple,
31
- :user_field => 'cn',
32
- :user_group_field => 'dn',
33
- :group_field => 'member'
37
+ :host => 'localhost',
38
+ :port => 389,
39
+ :user => nil,
40
+ :password => nil,
41
+ :base => nil,
42
+ :auth_method => :simple,
43
+ :user_field => 'cn',
44
+ :user_group_field => 'dn',
45
+ :group_field => 'member',
46
+ :mapping_generate => true,
47
+ :mapping_timeout => 300,
48
+ :mapping_filename => 'server1.yaml',
49
+ :mapping_key => 'GROUP_DN',
50
+ :mapping_default => 1
34
51
  }.merge(options)
35
52
 
36
53
  ops={}
@@ -47,9 +64,61 @@ class OpenNebula::LdapAuth
47
64
  ops[:port]=@options[:port].to_i if @options[:port]
48
65
  ops[:encryption]=@options[:encryption] if @options[:encryption]
49
66
 
67
+ @options[:mapping_file_path] = VAR_LOCATION + @options[:mapping_filename]
68
+ generate_mapping if @options[:mapping_generate]
69
+ load_mapping
70
+
50
71
  @ldap=Net::LDAP.new(ops)
51
72
  end
52
73
 
74
+ def generate_mapping
75
+ file=@options[:mapping_file_path]
76
+ generate = false
77
+
78
+ if File.exists?(file)
79
+ stat = File.stat(file)
80
+ age = Time.now.to_i - stat.mtime.to_i
81
+ generate = true if age > @options[:mapping_timeout]
82
+ else
83
+ generate = true
84
+ end
85
+
86
+ return if !generate
87
+
88
+ client = OpenNebula::Client.new
89
+ group_pool = OpenNebula::GroupPool.new(client)
90
+ group_pool.info
91
+
92
+ groups = group_pool.to_hash['']
93
+ groups=[group_pool.get_hash['GROUP_POOL']['GROUP']].flatten
94
+
95
+ yaml={}
96
+
97
+ groups.each do |group|
98
+ if group['TEMPLATE'] && group['TEMPLATE'][@options[:mapping_key]]
99
+ yaml[group['TEMPLATE'][@options[:mapping_key]]] = group['ID']
100
+ end
101
+ end
102
+
103
+ File.open(file, 'w') do |f|
104
+ f.write(yaml.to_yaml)
105
+ end
106
+ end
107
+
108
+ def load_mapping
109
+ file=@options[:mapping_file_path]
110
+
111
+ @mapping = {}
112
+
113
+ if File.exists?(file)
114
+ @mapping = YAML.load(File.read(file))
115
+ end
116
+
117
+ if @mapping.class != Hash
118
+ @mapping = {}
119
+ end
120
+ end
121
+
53
122
  def find_user(name)
54
123
  begin
55
124
  result=@ldap.search(
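Review bot: `load_mapping` parses the mapping file with `YAML.load`, which on the Psych versions of this era can instantiate arbitrary Ruby objects if anything other than this process can write under VAR_LOCATION; the file only holds a string-to-ID hash, so `@mapping = YAML.safe_load(File.read(file))` is enough. `generate_mapping` also rewrites the file in place with `File.open(file, 'w')`, so a concurrent driver invocation can presumably read a truncated file; writing to a temporary file in the same directory and renaming it over the target would avoid that. This matters because `load_mapping` falls back to `{}` and `get_groups` (last hunk of this file) assigns `@options[:mapping_default]` for every unmatched `memberOf` DN, so a bad mapping file silently changes group membership. The line `groups = group_pool.to_hash['']` is dead, since it is overwritten on the next line, and the return value of `group_pool.info` is not checked. `find_user` continues outside this hunk.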
@@ -57,12 +126,14 @@ class OpenNebula::LdapAuth
57
126
  :filter => "#{@options[:user_field]}=#{name}")
58
127
 
59
128
  if result && result.first
60
- [result.first.dn, result.first[@options[:user_group_field]]]
129
+ @user = result.first
130
+ [@user.dn, @user[@options[:user_group_field]]]
61
131
  else
62
132
  result=@ldap.search(:base => name)
63
133
 
64
134
  if result && result.first
65
- [name, result.first[@options[:user_group_field]]]
135
+ @user = result.first
136
+ [name, @user[@options[:user_group_field]]]
66
137
  else
67
138
  [nil, nil]
68
139
  end
@@ -99,5 +170,20 @@ class OpenNebula::LdapAuth
99
170
  false
100
171
  end
101
172
  end
173
+
174
+ def get_groups
175
+ groups = []
176
+
177
+ [@user['memberOf']].flatten.each do |group|
178
+ if @mapping[group]
179
+ groups << @mapping[group]
180
+ else
181
+ groups << @options[:mapping_default]
182
+ end
183
+ end
184
+
185
+ groups.delete(false)
186
+ groups.compact
187
+ end
102
188
  end
103
189
 
@@ -26,8 +26,6 @@ module OpenNebula; end
26
26
  # as auth method is defined. It also holds some helper methods to be used
27
27
  # by oneauth command
28
28
  class OpenNebula::SshAuth
29
- LOGIN_PATH = ENV['HOME']+'/.one/one_ssh'
30
-
31
29
  # Initialize SshAuth object
32
30
  #
33
31
  # @param [Hash] default options for path
@@ -66,35 +64,13 @@ class OpenNebula::SshAuth
66
64
  @public_key_rsa = OpenSSL::PKey::RSA.new(Base64::decode64(@public_key))
67
65
  end
68
66
 
69
- # Creates the login file for ssh authentication at ~/.one/one_ssh.
67
+ # Creates a login token for ssh authentication.
70
68
  # By default it is valid for 1 hour but it can be changed to any number
71
69
  # of seconds with expire parameter (in seconds)
72
- def login(user, expire=3600)
70
+ def login_token(user, expire=3600)
73
71
  expire ||= 3600
74
72
 
75
- # Init proxy file path and creates ~/.one directory if needed
76
- proxy_dir = File.dirname(LOGIN_PATH)
77
-
78
- begin
79
- FileUtils.mkdir_p(proxy_dir)
80
- rescue Errno::EEXIST
81
- end
82
-
83
- # Generate security token
84
- time = Time.now.to_i + expire.to_i
85
-
86
- secret_plain = "#{user}:#{time}"
87
- secret_crypted = encrypt(secret_plain)
88
-
89
- proxy = "#{user}:#{secret_crypted}"
90
-
91
- file = File.open(LOGIN_PATH, "w")
92
- file.write(proxy)
93
- file.close
94
-
95
- File.chmod(0600,LOGIN_PATH)
96
-
97
- secret_crypted
73
+ return encrypt("#{user}:#{Time.now.to_i + expire.to_i}")
98
74
  end
99
75
 
100
76
  # Returns a valid password string to create a user using this auth driver.
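Review bot: The new comment on `login_token` does not say what is returned or who must protect it, although the method now hands the token to the caller where the removed code wrote it to a 0600 file. I would add something like `# @return [String] encrypted "user:expiry" token; treat it as a credential and do not log it`. `expire.to_i` turns a non-numeric string into 0, which yields a token that expires in the current second; `Integer(expire)` would raise instead, if callers can tolerate that. The explicit `return` on the last line is unnecessary in Ruby.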
@@ -33,7 +33,8 @@ module OpenNebula
33
33
  :delgroup => "user.delgroup",
34
34
  :update => "user.update",
35
35
  :chauth => "user.chauth",
36
- :quota => "user.quota"
36
+ :quota => "user.quota",
37
+ :login => "user.login"
37
38
  }
38
39
 
39
40
  SELF = -1
@@ -185,6 +186,19 @@ module OpenNebula
185
186
  return rc
186
187
  end
187
188
 
189
+ # Sets the LOGIN_TOKEN for the user
190
+ #
191
+ # @param username [String] of the user
192
+ # @param token [String] the login token, if empty OpenNebula will
193
+ # generate one
194
+ # @param expire [String] valid period of the token in secs. If <= 0
195
+ # the token will be reset
196
+ # @return [String, OpenNebula::Error] token in case of success, Error
197
+ # otherwise
198
+ def login(username, token, expire)
199
+ return @client.call(USER_METHODS[:login], username, token, expire)
200
+ end
201
+
188
202
  #######################################################################
189
203
  # Helpers to get User information
190
204
  #######################################################################
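Review bot: The doc comment on `login` types `expire` as `[String]` while describing a numeric comparison (`<= 0`), and the method forwards whatever it is given to `user.login` without coercion. If the XML-RPC method expects an integer (not visible here), `@param expire [Integer]` together with `expire.to_i` in the call would match the `.to_i` coercion other wrappers on this page apply to their arguments. The returned value is a login credential, so the `@return` line could say so, e.g. `# @return [String, OpenNebula::Error] login token (a credential; do not log)`.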
@@ -202,9 +202,9 @@ module OpenNebula
202
202
  # @return [String] The USER_TEMPLATE
203
203
  def user_template_xml
204
204
  if NOKOGIRI
205
- @xml.xpath('TEMPLATE').to_s
205
+ @xml.xpath('USER_TEMPLATE').to_s
206
206
  else
207
- @xml.elements['TEMPLATE'].to_s
207
+ @xml.elements['USER_TEMPLATE'].to_s
208
208
  end
209
209
  end
210
210
 
@@ -224,7 +224,11 @@ module OpenNebula
224
224
  def deploy(host_id, enforce=false, ds_id=-1)
225
225
  enforce ||= false
226
226
  ds_id ||= -1
227
- return call(VM_METHODS[:deploy], @pe_id, host_id.to_i, enforce, ds_id.to_i)
227
+ return call(VM_METHODS[:deploy],
228
+ @pe_id,
229
+ host_id.to_i,
230
+ enforce,
231
+ ds_id.to_i)
228
232
  end
229
233
 
230
234
  # Shutdowns an already deployed VM
@@ -587,6 +591,11 @@ module OpenNebula
587
591
  self['GID'].to_i
588
592
  end
589
593
 
594
+ # Returns the deploy_id of the VirtualMachine (numeric value)
595
+ def deploy_id
596
+ self['DEPLOY_ID']
597
+ end
598
+
590
599
  private
591
600
  def action(name)
592
601
  return Error.new('ID not defined') if !@pe_id
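Review bot: The comment on `deploy_id` says "(numeric value)", but the method returns `self['DEPLOY_ID']` unconverted, unlike the accessor just above it, which ends in `self['GID'].to_i`. Either drop the claim (`# Returns the deploy_id of the VirtualMachine as reported by the driver`) or convert; the former looks safer, since hypervisor deploy IDs are presumably not always numeric. In the `user_template_xml` hunk, a short comment saying why the element is now `USER_TEMPLATE` would help anyone running this client against an older server. `action` continues outside this hunk.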
@@ -34,8 +34,6 @@ class OpenNebula::X509Auth
34
34
  ETC_LOCATION = ENV["ONE_LOCATION"] + "/etc"
35
35
  end
36
36
 
37
- LOGIN_PATH = ENV['HOME']+'/.one/one_x509'
38
-
39
37
  X509_AUTH_CONF_PATH = ETC_LOCATION + "/auth/x509_auth.conf"
40
38
 
41
39
  X509_DEFAULTS = {
@@ -79,13 +77,6 @@ class OpenNebula::X509Auth
79
77
  # Client side
80
78
  ###########################################################################
81
79
 
82
- # Creates the login file for x509 authentication at ~/.one/one_x509.
83
- # By default it is valid as long as the certificate is valid. It can
84
- # be changed to any number of seconds with expire parameter (sec.)
85
- def login(user, expire=0)
86
- write_login(login_token(user,expire))
87
- end
88
-
89
80
  # Returns a valid password string to create a user using this auth driver.
90
81
  # In this case the dn of the user certificate.
91
82
  def password
@@ -95,8 +86,10 @@ class OpenNebula::X509Auth
95
86
  # Generates a login token in the form:
96
87
  # user_name:x509:user_name:time_expires:cert_chain
97
88
  # - user_name:time_expires is encrypted with the user certificate
98
- # - user_name:time_expires:cert_chain is base64 encoded
99
- def login_token(user, expire)
89
+ # - user_name:time_expires:cert_chain is base64 encoded.
90
+ # By default it is valid as long as the certificate is valid. It can
91
+ # be changed to any number of seconds with expire parameter (sec.)
92
+ def login_token(user, expire=0)
100
93
  if expire != 0
101
94
  expires = Time.now.to_i + expire.to_i
102
95
  else
@@ -107,13 +100,9 @@ class OpenNebula::X509Auth
107
100
  signed_text = encrypt(text_to_sign)
108
101
 
109
102
  certs_pem = @cert_chain.collect{|cert| cert.to_pem}.join(":")
110
-
111
103
  token = "#{signed_text}:#{certs_pem}"
112
- token64 = Base64::encode64(token).strip.delete("\n")
113
104
 
114
- login_out = "#{user}:#{token64}"
115
-
116
- login_out
105
+ return Base64::encode64(token).strip.delete("\n")
117
106
  end
118
107
 
119
108
  ###########################################################################
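Review bot: `login_token` now returns only the base64 blob, without the `"#{user}:"` prefix the removed `login_out` carried, but the header comment in the previous hunk still describes the form `user_name:x509:user_name:time_expires:cert_chain`. The comment should describe what is actually returned, e.g. `# @return [String] base64 of "signed(user:expires):cert_chain", without the user prefix`, so callers know they have to add the prefix themselves. With the new default `expire=0` the token is valid for as long as the certificate is, which deserves an explicit line in the same comment because such a token is a long-lived credential. The method body starts outside this hunk.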
@@ -150,25 +139,6 @@ class OpenNebula::X509Auth
150
139
  end
151
140
 
152
141
  private
153
- # Writes a login_txt to the login file as defined in LOGIN_PATH
154
- # constant
155
- def write_login(login_txt)
156
- # Inits login file path and creates ~/.one directory if needed
157
- # Set instance variables
158
- login_dir = File.dirname(LOGIN_PATH)
159
-
160
- begin
161
- FileUtils.mkdir_p(login_dir)
162
- rescue Errno::EEXIST
163
- end
164
-
165
- file = File.open(LOGIN_PATH, "w")
166
- file.write(login_txt)
167
- file.close
168
-
169
- File.chmod(0600,LOGIN_PATH)
170
- end
171
-
172
142
  # Load class options form a configuration file (yaml syntax)
173
143
  def load_options(conf_file)
174
144
  if File.readable?(conf_file)
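--- a/metadata
+++ b/metadata
@@ -1,41 +1,41 @@
  --- !ruby/object:Gem::Specification
  name: opennebula
  version: !ruby/object:Gem::Version
- version: 4.8.0
+ version: 4.9.80.beta
  platform: ruby
  authors:
  - OpenNebula
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-07-31 00:00:00.000000000 Z
+ date: 2014-10-14 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: json
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  description: Libraries needed to talk to OpenNebula
@@ -44,6 +44,8 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
+ - LICENSE
+ - NOTICE
  - lib/opennebula.rb
  - lib/opennebula/acl.rb
  - lib/opennebula/acl_pool.rb
@@ -63,9 +65,14 @@ files:
  - lib/opennebula/host_pool.rb
  - lib/opennebula/image.rb
  - lib/opennebula/image_pool.rb
+ - lib/opennebula/ldap_auth.rb
+ - lib/opennebula/ldap_auth_spec.rb
  - lib/opennebula/oneflow_client.rb
  - lib/opennebula/pool.rb
  - lib/opennebula/pool_element.rb
+ - lib/opennebula/server_cipher_auth.rb
+ - lib/opennebula/server_x509_auth.rb
+ - lib/opennebula/ssh_auth.rb
  - lib/opennebula/system.rb
  - lib/opennebula/template.rb
  - lib/opennebula/template_pool.rb
@@ -75,19 +82,12 @@ files:
  - lib/opennebula/virtual_machine_pool.rb
  - lib/opennebula/virtual_network.rb
  - lib/opennebula/virtual_network_pool.rb
+ - lib/opennebula/x509_auth.rb
  - lib/opennebula/xml_element.rb
  - lib/opennebula/xml_pool.rb
  - lib/opennebula/xml_utils.rb
  - lib/opennebula/zone.rb
  - lib/opennebula/zone_pool.rb
- - lib/opennebula/ldap_auth.rb
- - lib/opennebula/ldap_auth_spec.rb
- - lib/opennebula/server_cipher_auth.rb
- - lib/opennebula/server_x509_auth.rb
- - lib/opennebula/ssh_auth.rb
- - lib/opennebula/x509_auth.rb
- - NOTICE
- - LICENSE
  homepage: http://opennebula.org
  licenses: []
  metadata: {}
@@ -97,17 +97,17 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  requirements: []
  rubyforge_project:
- rubygems_version: 2.0.14
+ rubygems_version: 2.2.2
  signing_key:
  specification_version: 4
  summary: OpenNebula Client API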