/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

merge
new approve/deny functionallity in mandos-monitor

Show diffs side-by-side

added added

removed removed

Lines of Context:
83
83
 
84
84
version = "1.0.14"
85
85
 
 
86
#logger = logging.getLogger(u'mandos')
86
87
logger = logging.Logger(u'mandos')
87
88
syslogger = (logging.handlers.SysLogHandler
88
89
             (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
321
322
        self.checker_command = config[u"checker"]
322
323
        self.current_checker_command = None
323
324
        self.last_connect = None
 
325
        self._approved = None
 
326
        self.approved_by_default = config.get(u"approved_by_default",
 
327
                                              True)
324
328
        self.approvals_pending = 0
325
 
        self._approved = None
326
 
        self.approved_by_default = config.get(u"approved_by_default",
327
 
                                              False)
328
329
        self.approved_delay = string_to_delta(
329
330
            config[u"approved_delay"])
330
331
        self.approved_duration = string_to_delta(
331
332
            config[u"approved_duration"])
332
333
        self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
333
 
 
 
334
    
334
335
    def send_changedstate(self):
335
336
        self.changedstate.acquire()
336
337
        self.changedstate.notify_all()
700
701
    # dbus.service.Object doesn't use super(), so we can't either.
701
702
    
702
703
    def __init__(self, bus = None, *args, **kwargs):
 
704
        self._approvals_pending = 0
703
705
        self.bus = bus
704
706
        Client.__init__(self, *args, **kwargs)
705
707
        # Only now, when this client is initialized, can it show up on
709
711
                                  + self.name.replace(u".", u"_")))
710
712
        DBusObjectWithProperties.__init__(self, self.bus,
711
713
                                          self.dbus_object_path)
 
714
 
 
715
    #Could possible return a bool(self._approvals_pending),
 
716
    #but this could mess up approvals_pending += 1 XXX 
 
717
    def _get_approvals_pending(self):
 
718
        return self._approvals_pending
 
719
    def _set_approvals_pending(self, value):
 
720
        old_value = self._approvals_pending
 
721
        self._approvals_pending = value
 
722
        bval = bool(value)
 
723
        if (hasattr(self, "dbus_object_path")
 
724
            and bval is not bool(old_value)):
 
725
            dbus_bool = dbus.Boolean(bval, variant_level=1)
 
726
            self.PropertyChanged(dbus.String(u"approved_pending"),
 
727
                                 dbus_bool)
 
728
 
 
729
    approvals_pending = property(_get_approvals_pending,
 
730
                                 _set_approvals_pending)
 
731
    del _get_approvals_pending, _set_approvals_pending
712
732
    
713
733
    @staticmethod
714
734
    def _datetime_to_dbus(dt, variant_level=0):
809
829
        return False
810
830
    
811
831
    def approve(self, value=True):
 
832
        self.send_changedstate()
812
833
        self._approved = value
813
 
        gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration, self._reset_approved))
814
 
 
815
 
    def approved_pending(self):
816
 
        return self.approvals_pending > 0
817
 
 
 
834
        gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration),
 
835
                            self._reset_approved)
 
836
    
818
837
    
819
838
    ## D-Bus methods, signals & properties
820
839
    _interface = u"se.bsnet.fukt.Mandos.Client"
840
859
        pass
841
860
    
842
861
    # GotSecret - signal
843
 
    # Is sent after succesfull transfer of secret from mandos-server to mandos-client
 
862
    # XXXTEDDY Is sent after succesfull transfer of secret from mandos-server to mandos-client
844
863
    @dbus.service.signal(_interface)
845
864
    def GotSecret(self):
846
865
        "D-Bus signal"
898
917
    # approved_pending - property
899
918
    @dbus_service_property(_interface, signature=u"b", access=u"read")
900
919
    def approved_pending_dbus_property(self):
901
 
        return dbus.Boolean(self.approved_pending())
 
920
        return dbus.Boolean(bool(self.approvals_pending))
902
921
    
903
922
    # approved_by_default - property
904
923
    @dbus_service_property(_interface, signature=u"b",
1322
1341
              self).process_request(request, client_address)
1323
1342
        self.child_pipe.close()
1324
1343
        self.add_pipe(parent_pipe)
1325
 
        
 
1344
 
1326
1345
    def add_pipe(self, parent_pipe):
1327
1346
        """Dummy function; override as necessary"""
1328
1347
        pass
1444
1463
        logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
1445
1464
                     conditions_string)
1446
1465
 
1447
 
        # error or the other end of multiprocessing.Pipe has closed
 
1466
        # XXXTEDDY error or the other end of multiprocessing.Pipe has closed
1448
1467
        if condition & gobject.IO_HUP or condition & gobject.IO_ERR:
1449
1468
            return False
1450
1469
        
1491
1510
                parent_pipe.send(('function',))
1492
1511
            else:
1493
1512
                parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1494
 
 
 
1513
        
1495
1514
        if command == 'setattr':
1496
1515
            attrname = request[1]
1497
1516
            value = request[2]
1498
1517
            setattr(client_object, attrname, value)
1499
 
            
 
1518
 
1500
1519
        return True
1501
1520
 
1502
1521
 
1690
1709
                        u"interval": u"5m",
1691
1710
                        u"checker": u"fping -q -- %%(host)s",
1692
1711
                        u"host": u"",
1693
 
                        u"approved_delay": u"5m",
 
1712
                        u"approved_delay": u"0s",
1694
1713
                        u"approved_duration": u"1s",
1695
1714
                        }
1696
1715
    client_config = configparser.SafeConfigParser(client_defaults)