Generating authorized_keys file by information from LDAP
authorFrank Brehm <frank@brehm-online.com>
Wed, 29 Jun 2022 09:24:33 +0000 (11:24 +0200)
committerFrank Brehm <frank@brehm-online.com>
Wed, 29 Jun 2022 09:24:33 +0000 (11:24 +0200)
lib/cr_vmware_tpl/cobbler.py
lib/cr_vmware_tpl/handler.py

index e3cb7b472f5fc926ba8ee1297bd962c7e313aff8..a5a8462cd4315fcc5701140721ab866818330bd1 100644 (file)
@@ -46,7 +46,7 @@ from .config import CrTplConfiguration
 
 from .xlate import XLATOR
 
-__version__ = '0.8.5'
+__version__ = '0.8.6'
 
 LOG = logging.getLogger(__name__)
 
@@ -939,10 +939,13 @@ class Cobbler(BaseHandler):
                 LOG.debug(_("Output on {}:").format('STDERR') + '\n' + proc.stderr)
 
     # -------------------------------------------------------------------------
-    def ensure_keys(self):
+    def ensure_keys(self, tmp_auth_keys_file=None):
 
         local_keys_dir = self.base_dir / 'keys'
-        auth_keys_file = local_keys_dir / "auth_keys_pp_betrieb"
+        if tmp_auth_keys_file:
+            auth_keys_file = tmp_auth_keys_file
+        else:
+            auth_keys_file = local_keys_dir / "auth_keys_pp_betrieb"
         docroot = self.cfg.cobbler_ws_docroot / self.cfg.cobbler_ws_rel_filesdir
         remote_dir = docroot / self.cfg.system_status / 'keys'
         remote_file = remote_dir / "auth_keys_pp_betrieb"
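Review bot: `ensure_keys()` now takes whatever file the caller passes in `tmp_auth_keys_file` without checking that it exists or has any content. As far as this hunk shows, an LDAP lookup that yielded no keys would therefore replace the remote `auth_keys_pp_betrieb` with an empty file. A guard such as `if tmp_auth_keys_file and tmp_auth_keys_file.is_file() and tmp_auth_keys_file.stat().st_size:` would fall back to the static `keys/auth_keys_pp_betrieb` instead. The upload itself is below the hunk, so confirm nothing there already checks this. The method also has no docstring; one line stating that the parameter is an optional `Path` which the caller creates and deletes would document the new contract.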
index 71db8aff3674a3b8eba9737ac799dd17c3722e33..ed95409cb60ad4b6bb4851226b2906c5c55f0de7 100644 (file)
@@ -17,6 +17,10 @@ import datetime
 import socket
 import textwrap
 import signal
+import tempfile
+import os
+
+from pathlib import Path
 
 # Third party modules
 import pytz
@@ -53,7 +57,7 @@ from .cobbler import Cobbler
 
 from .xlate import XLATOR
 
-__version__ = '2.2.1'
+__version__ = '2.2.2'
 
 LOG = logging.getLogger(__name__)
 TZ = pytz.timezone('Europe/Berlin')
@@ -155,6 +159,7 @@ class CrTplHandler(BaseHandler):
         self.cobbler = None
         self.ldap = None
         self.ldap_server = None
+        self.auth_keys_file = None
 
         self.vsphere = VsphereConnection(
             self.cfg.vsphere_info, cluster=self.cfg.vsphere_cluster,
@@ -286,6 +291,11 @@ class CrTplHandler(BaseHandler):
 
         self.disconnect_ldap()
 
+        if self.auth_keys_file:
+            if self.auth_keys_file.exists():
+                LOG.debug(_("Removing {!r} ...").format(str(self.auth_keys_file)))
+                self.auth_keys_file.unlink()
+
     # -------------------------------------------------------------------------
     def __call__(self):
         """Executing the underlying action."""
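Review bot: The `exists()`/`unlink()` removal added after `self.disconnect_ldap()` is repeated almost verbatim in the hunk at `@@ -337` next to `ensure_keys()`, and only that second copy resets `self.auth_keys_file` to None. One private helper called from both places keeps the two paths consistent, and catching FileNotFoundError replaces the check-then-unlink pair. The enclosing method starts above this hunk, so I am assuming it is the handler's cleanup path.

```python
    def _remove_auth_keys_file(self):
        """Delete the temporary authorized_keys file, if one was created."""
        if not self.auth_keys_file:
            return
        LOG.debug(_("Removing {!r} ...").format(str(self.auth_keys_file)))
        try:
            self.auth_keys_file.unlink()
        except FileNotFoundError:
            pass
        self.auth_keys_file = None
```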
@@ -337,7 +347,14 @@ class CrTplHandler(BaseHandler):
         self.cobbler.ensure_root_authkeys()
         self.cobbler.ensure_rsyslog_cfg_files()
         self.cobbler.ensure_snippets()
-        self.cobbler.ensure_keys()
+
+        self.cobbler.ensure_keys(self.auth_keys_file)
+        if self.auth_keys_file:
+            if self.auth_keys_file.exists():
+                LOG.debug(_("Removing {!r} ...").format(str(self.auth_keys_file)))
+                self.auth_keys_file.unlink()
+                self.auth_keys_file = None
+
         self.cobbler.ensure_system_ks()
         self.cobbler.ensure_repo_files()
         self.cobbler.ensure_bashrc()
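Review bot: If `self.cobbler.ensure_keys(self.auth_keys_file)` raises, the removal below it is skipped and the temporary key file stays on disk until some later cleanup runs. Putting the call in `try:` and the removal in a `finally:` branch makes this path self-contained. The reset `self.auth_keys_file = None` also sits inside the `exists()` branch, so a file that has already vanished leaves a stale path on the handler; dedent it one level so it runs whenever the attribute was set. The enclosing method begins above the hunk.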
@@ -1253,6 +1270,13 @@ class CrTplHandler(BaseHandler):
 
         LOG.info(_("Creating authorized keys of root from LDAP ..."))
 
+        prefix = 'tmp.authorized_keys.root.'
+        (fh, tmp_keys_file) = tempfile.mkstemp(prefix=prefix, text=True)
+        self.auth_keys_file = Path(tmp_keys_file)
+        os.close(fh)
+        LOG.debug(_("Using temporary file {!r} for authorized keys of root.").format(
+            tmp_keys_file))
+
         try:
             self.connect_ldap()
 
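Review bot: The descriptor returned by `tempfile.mkstemp()` is closed right away and the file is reopened by name much later through `self.auth_keys_file.write_text(auth_keys)` (hunk at `@@ -1285`). The file therefore sits empty in the temp directory for the whole LDAP query, and if the query raises it is left behind unless the cleanup in the hunk at `@@ -286` runs. Creating the file only once `auth_keys` is complete and writing through the descriptor, `with os.fdopen(fh, 'w', encoding='utf-8') as f: f.write(auth_keys)`, keeps the owner-only file that mkstemp created and avoids a second open by path. `text=True` has no effect on POSIX and can be dropped. The method starts and ends outside this hunk.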
@@ -1285,6 +1309,8 @@ class CrTplHandler(BaseHandler):
         finally:
             self.disconnect_ldap()
 
+        self.auth_keys_file.write_text(auth_keys)
+
     # -------------------------------------------------------------------------
     def get_ldap_admins(self):