Implement "bos setauth"

author David Howells <dhowells@redhat.com>

Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)

committer David Howells <dhowells@redhat.com>

Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)
author David Howells <dhowells@redhat.com>
Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)
committer David Howells <dhowells@redhat.com>
Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)
diff --git a/suite/commands/bos/setauth.py b/suite/commands/bos/setauth.py

new file mode 100644 (file)

index 0000000..47ff647
--- /dev/null
+++ b/suite/commands/bos/setauth.py
@@ -0,0 +1,61 @@
+#
+# AFS Server management toolkit: Set authorisation checking
+# -*- coding: utf-8 -*-
+#
+
+__copyright__ = """
+Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
+Written by David Howells (dhowells@redhat.com)
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public Licence version 2 as
+published by the Free Software Foundation.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public Licence for more details.
+
+You should have received a copy of the GNU General Public Licence
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+"""
+
+from afs.exception import AFSArgumentError
+from afs.argparse import *
+from afs.lib.output import *
+import kafs
+
+help = "Set authorization checking requirements for all server processes"
+
+command_arguments = [
+    [ "server",         get_bosserver,          "rs",         "<machine name>" ],
+    [ "authrequired",   get_string,             "rs",         "<on | off>" ],
+    [ "cell",           get_cell,               "os",         "<cell name>" ],
+    [ "noauth",         get_auth,               "fn" ],
+    [ "localauth",      get_auth,               "fn" ],
+    [ "verbose",        get_verbose,            "fn" ],
+    [ "encrypt",        get_dummy,              "fn" ],
+]
+
+cant_combine_arguments = [
+    ( "cell",           "localauth" ),
+    ( "noauth",         "localauth" ),
+]
+
+description = r"""
+Set authorization checking requirements for all server processes
+"""
+
+def main(params):
+    auth = params["authrequired"]
+    if auth != "on" and auth != "off":
+        raise AFSArgumentError("Switch -authrequired can only take 'on' or 'off' as argument")
+
+    cell = params["cell"]
+    bos_conn = cell.open_bos_server(params["server"], params)
+
+    try:
+        ret = kafs.BOZO_SetNoAuthFlag(bos_conn, auth == "off")
+    except kafs.AbortBZACCESS:
+        error("you are not authorized for this operation (failed to set authentication flag)\n")
author	David Howells <dhowells@redhat.com>
	Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)
committer	David Howells <dhowells@redhat.com>
	Mon, 14 Apr 2014 15:08:57 +0000 (16:08 +0100)