From 6d317b997da0d297a6bbf30800ab58c7e61c5c96 Mon Sep 17 00:00:00 2001 From: Peter Dahlberg Date: Tue, 30 Apr 2013 08:44:58 +0200 Subject: [PATCH] code update --- mc-vm-manager/VMHelper.py | 30 +++++++++++++++++++ mc-vm-manager/config.json | 61 +++++++++++++++++++++++++++++++++++++-- mc-vm-manager/manager.py | 6 ++++ 3 files changed, 94 insertions(+), 3 deletions(-) diff --git a/mc-vm-manager/VMHelper.py b/mc-vm-manager/VMHelper.py index 888b9f1..3f6fe74 100644 --- a/mc-vm-manager/VMHelper.py +++ b/mc-vm-manager/VMHelper.py @@ -4,6 +4,7 @@ import os, errno import threading import time import sys +import pwd from qmp import QEMUMonitorProtocol class VMHelper: 
@@ -269,3 +270,32 @@ class VMHelper: for cmd in commands: subprocess.call(cmd, stdout=open("/dev/null")) + + def generateAuthorizedKeys(self): + userkeys = {} + keydir = os.path.join(self.config["ssh"]["homedir"], self.config["ssh"]["keydir"]) + for filename in os.listdir(keydir): + fnsplit = filename.split("@") + if len(fnsplit) == 2: + user = fnsplit[0] + with open(os.path.join(keydir,filename)) as f: + userkeys[user] = userkeys[user].append(f.readline().rstrip('\n')) if user in userkeys else [f.readline().rstrip('\n')] + authorized_keys = "" + for user, keys in userkeys.items(): + prepend = 'no-agent-forwarding,no-user-rc,no-X11-forwarding,command="read",' + for vm, vals in self.config["VMs"].items(): + if vals["owner"] in userkeys: + prepend += 'permitopen="localhost:{0}",'.format(vals["vnc"]["display"] + 5900) + prepend += 'permitopen="127.0.0.1:{0}",'.format(vals["vnc"]["display"] + 5900) + prepend += 'permitopen="[::1]:{0}",'.format(vals["vnc"]["display"] + 5900) + prepend = prepend[:-1] + + for key in keys: + authorized_keys += prepend + " " + key + "\n" + + authorized_key_file = os.path.join(self.config["ssh"]["homedir"], ".ssh/authorized_keys") + with open(authorized_key_file, mode="w") as f: + f.write(authorized_keys) + + os.chmod(authorized_key_file ,0o600) + os.chown(authorized_key_file, pwd.getpwnam(self.config["ssh"]["user"]).pw_uid, pwd.getpwnam(self.config["ssh"]["user"]).pw_gid) diff --git a/mc-vm-manager/config.json b/mc-vm-manager/config.json index bde5caf..f1ec0e0 100644 --- a/mc-vm-manager/config.json +++ b/mc-vm-manager/config.json @@ -5,6 +5,12 @@ "pidfile": "/tmp/$VMID.pid", "qmpsocket" : "/tmp/$VMID.qmp" }, + "ssh": { + "user": "vm", + "homedir": "/home/vm", + "keydir": ".manager_keys" + + }, "VMs": { "foo": { "cpu": "kvm64", @@ -52,7 +58,7 @@ "keyboard" : "de", "kernel": "/home/markus/linux-3.2.11-dkl", "append": "root=/dev/vda", - "owner": "markus", + "owner": "peter", "autostart" : true }, "baz": { 
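Review bot: In `generateAuthorizedKeys` the test `if vals["owner"] in userkeys:` asks whether the VM's owner has any key on file, not whether the owner is the `user` whose line is being built, so each key appears to receive `permitopen` entries for every such VM's VNC port; it should compare `vals["owner"] == user`. With that corrected, a user who owns no VM would get a line with no `permitopen` at all, which leaves forwarding destinations unrestricted, so such users should be skipped or given `no-port-forwarding`. In the collection loop `userkeys[user].append(...)` returns `None`, so a second key file for the same user replaces the list with `None` and the later `for key in keys` fails. The page has lost the hunk's indentation, so the loop nesting described here is inferred from the statements. Separately, `no-pty` is missing from the option list, and the key line is written as read without checking that it looks like a public key.

```python
            with open(os.path.join(keydir, filename)) as f:
                # list.append() returns None; setdefault keeps the list intact
                userkeys.setdefault(user, []).append(f.readline().rstrip('\n'))
        # … unchanged: authorized_keys = "" …
        for user, keys in userkeys.items():
            # only the VNC ports of VMs this user owns
            ports = [vals["vnc"]["display"] + 5900
                     for vals in self.config["VMs"].values()
                     if vals["owner"] == user]
            if not ports:
                # a line without permitopen would not restrict forwarding at all
                continue
            prepend = 'no-pty,no-agent-forwarding,no-user-rc,no-X11-forwarding,command="read",'
            for port in ports:
                for host in ("localhost", "127.0.0.1", "[::1]"):
                    prepend += 'permitopen="{0}:{1}",'.format(host, port)
        # … unchanged: strip trailing comma, one line per key, write / chmod / chown …
```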
@@ -65,14 +71,63 @@ "dev": "tap-baz", "mac": "54:52:00:00:03:01", "ip": ["178.63.173.238"] + }, "vnc": { "display": 3 }, "keyboard" : "de", - "owner": "markus", - + "owner": "peter", "autostart" : true + }, + + "tuxzone-vm": { + "cpu": "host", + "smp": 2, + "memory": 2048, + "cdrom": "/root/grml64-full_2013.02.iso", + "disk": { + "hw": "virtio", + "file": "/dev/mapper/vg3-tuxzone--vm" + }, + "network": { + "hw": "virtio", + "dev": "tap-tuxzone", + "mac": "54:52:00:10:BA:BE", + "ip": ["185.15.245.188", "185.15.245.189"], + "ipv6": ["2a01:4f8:120:7fff:2::/80"] + + }, + "vnc": { + "display": 40 + }, + "keyboard" : "de", + "owner": "peter", + "autostart" : true + }, + + "binary-kitchen": { + "cpu": "kvm64", + "smp": 2, + "memory": 2048, + "disk": { + "hw": "virtio", + "file": "/dev/mapper/vg3-binkit" + }, + "network": { + "hw": "virtio", + "dev": "tap-binkit", + "mac": "54:52:00:00:20:01", + "ip": ["185.15.245.177"] + }, + "vnc": { + "display": 20 + }, + "kernel": "/home/markus/linux-3.8.3", + "append": "root=/dev/vda", + "keyboard": "de", + "owner": "markus", + "autostart": true } } } diff --git a/mc-vm-manager/manager.py b/mc-vm-manager/manager.py index dc3a93a..ea894e5 100755 --- a/mc-vm-manager/manager.py +++ b/mc-vm-manager/manager.py @@ -114,6 +114,9 @@ def vmm_monitor(args): except: print("unable to issue monitor command!") +def vmm_authorized(args): + helper.generateAuthorizedKeys() + def main(): #maybe we need to create a lockfile 
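Review bot: `vmm_authorized` in manager.py has no docstring and lets any failure in `generateAuthorizedKeys` surface as a raw traceback; for an `ssh.user` that `pwd.getpwnam` cannot resolve, that happens after `authorized_keys` has already been rewritten but before its ownership is set. A one-line docstring such as `"""Rebuild the ssh user's authorized_keys from the key directory and the VM owner table."""` would say what the subcommand touches. Catching `OSError` and `KeyError` here, printing a message and exiting non-zero would make a half-applied run visible to the operator. The `args` parameter is unused, which matches the `set_defaults(func=...)` dispatch that the following hunk registers.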
@@ -125,6 +128,9 @@ def main(): parser_start.add_argument('vmid', action='store', help='the ID of the VM') parser_start.set_defaults(func=vmm_start) + parser_authorized = subparsers.add_parser('gen-auth-keys', help='Regenerates authorized_keys file') + parser_authorized.set_defaults(func=vmm_authorized) + parser_stop = subparsers.add_parser('stop', help='Shutdown VM with ACPI poweroff') parser_stop.add_argument('vmid', action='store', help='the ID of the VM') parser_stop.add_argument('-t', action='store',type=int, help='forcefully quit after given timeout value (signed integer), implies -w')