%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /proc/self/root/proc/3522530/root/usr/lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //proc/self/root/proc/3522530/root/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlmZd�Z	d�Z
ddddd	dd
�Zddddd	dd�Z
dS(u~
Control of entries in SSH authorized_key files
==============================================

The information stored in a user's SSH authorized key file can be easily
controlled via the ssh_auth state. Defaults can be set by the enc, options,
and comment keys. These defaults can be overridden by including them in the
name.

Since the YAML specification limits the length of simple keys to 1024
characters, and since SSH keys are often longer than that, you may have
to use a YAML 'explicit key', as demonstrated in the second example below.

.. code-block:: yaml

    AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY==:
      ssh_auth.present:
        - user: root
        - enc: ssh-dss

    ? AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY==...
    :
      ssh_auth.present:
        - user: root
        - enc: ssh-dss

    thatch:
      ssh_auth.present:
        - user: root
        - source: salt://ssh_keys/thatch.id_rsa.pub
        - config: '%h/.ssh/authorized_keys'

    sshkeys:
      ssh_auth.present:
        - user: root
        - enc: ssh-rsa
        - options:
          - option1="value1"
          - option2="value2 flag2"
        - comment: myuser
        - names:
          - AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY==
          - ssh-dss AAAAB3NzaCL0sQ9fJ5bYTEyY== user@domain
          - option3="value3" ssh-dss AAAAB3NzaC1kcQ9J5bYTEyY== other@testdomain
          - AAAAB3NzaC1kcQ9fJFF435bYTEyY== newcomment
i(tabsolute_importtunicode_literalstprint_functionN(tsixc
C@sGd}|r�td|||dtd|�}	|	r�d}xEtj|	�D]4\}
}|dkrhqJn|dj||
�7}qJW|r�||fSntjtdjj	j
dd�}|r�t|fStd	j|�fSn�t
jd
�}
|
j|�}|s:|j�}|d}t|�dkr�|d
}q�nr|jd
�rd|jd
�jd�}n|jd�j�}|d}|d
}t|�dkr�|d}ntd|||||d|d|�}|dkr�dj||�}nH|dkrdj||�}n'|dkr=t}dj||�}n||fS(u"
    Run checks for "present"
    ussh.check_key_filetsaltenvtfingerprint_hash_typeuuexistsuSet to {0}: {1}
u	test.pingussh_auth.erroru-All host keys in file {0} are already presentu$^(.*?)\s?((?:ssh\-|ecds)[\w-]+\s.+)$iiiu,iu
ssh.check_keytconfiguupdateu)Key {0} for user {1} is set to be updateduaddu'Key {0} for user {1} is set to be addedu;The authorized host key {0} is already present for user {1}N(tNonet__salt__t__env__Rt	iteritemstformattsystmodulest
__module__t__context__tpoptFalsetTruetretcompiletsearchtsplittlentgroup(tusertnametenctcommenttoptionstsourceRRtresulttkeystkeytstatusterrtsshretfullkeytkey_and_commenttcompstcheck((s8/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pyt
_present_test:sp	





	c
C@sd}|r�td|||dtd|�}	|	r�d}xEt|	j��D]1\}
}|dkrkqMn|dj|
�7}qMW|r�||fSntjtdjj	j
dd�}|r�t|fStd	j|�fSn�t
jd
�}
|
j|�}|s:|j�}|d}t|�dkr�|d
}q�nr|jd
�rd|jd
�jd�}n|jd�j�}|d}|d
}t|�dkr�|d}ntd|||||d|d|�}|dks�|dkrdj||�}nd}t}||fS(u!
    Run checks for "absent"
    ussh.check_key_fileRRuuadduSet to remove: {0}
u	test.pingussh_auth.erroru,All host keys in file {0} are already absentu$^(.*?)\s?((?:ssh\-|ecds)[\w-]+\s.+)$iiiu,iu
ssh.check_keyRuupdateuexistsu'Key {0} for user {1} is set for removaluKey is already absentN(RRR	tlisttitemsRRR
RRRRRRRRRRR(RRRRRRRRRR R!R"R#R$R%R&R'R(((s8/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pyt_absent_test�sd	





	ussh-rsauu.ssh/authorized_keyscK@s,i|d6id6td6dd6}	|dkrtjd�}
|
j|�}|s�|jd+d�}|d}t|�d	kr|d}qq|jd�r�|jd�jd
�}n|jd	�jd+d	�}
|
d}|
d}t|
�dkr|
d	}qntdrNt	|||||p-g|||�\|	d<|	d<|	S|dkrvt
d
|d+dt�}n|dkr�|r�d}nV|dkr�|r�t
d|dt�}t}tjd�}
|j
�jd�}x|D]�}|
j|�}|s.t
d||d|dtd|�}q�|jd�}|d}|d}t|�d	krm|d	nd}t
d||d|d|d|p�gd|d|�}q�Wn7t
d||d|d|d|p�gd|d|�}|dkrd|	d|<dj||�|	d<|	S|dkrAdj||�|	d<n�|d krtd!|	d|<d"j||�|	d<n�|dkr�t|	d<d#j|�|	d<n�|d$kr�t|	d<tjt
d%jjjd&d+�}|r�||	d<q(d'|	d<n/|d(ks|d)kr(t|	d<d*|	d<n|	S(,u�
    Verifies that the specified SSH key is present for the specified user

    name
        The SSH key to manage

    user
        The user who owns the SSH authorized keys file to modify

    enc
        Defines what type of key is being used; can be ed25519, ecdsa, ssh-rsa
        or ssh-dss

    comment
        The comment to be placed with the SSH public key

    source
        The source file for the key(s). Can contain any number of public keys,
        in standard "authorized_keys" format. If this is set, comment and enc
        will be ignored.

    .. note::
        The source file must contain keys in the format ``<enc> <key>
        <comment>``. If you have generated a keypair using PuTTYgen, then you
        will need to do the following to retrieve an OpenSSH-compatible public
        key.

        1. In PuTTYgen, click ``Load``, and select the *private* key file (not
           the public key), and click ``Open``.
        2. Copy the public key from the box labeled ``Public key for pasting
           into OpenSSH authorized_keys file``.
        3. Paste it into a new file.

    options
        The options passed to the key, pass a list object

    config
        The location of the authorized keys file relative to the user's home
        directory, defaults to ".ssh/authorized_keys". Token expansion %u and
        %h for username and home path supported.

    fingerprint_hash_type
        The public key fingerprint hash type that the public key fingerprint
        was originally hashed with. This defaults to ``md5`` if not specified.

        .. versionadded:: 2016.11.7

        .. note::

            The default value of the ``fingerprint_hash_type`` will change to
            ``sha256`` in Salt 2017.7.0.
    unameuchangesuresultuucommentu$^(.*?)\s?((?:ssh\-|ecds)[\w-]+\s.+)$iiiu,iutestu
cp.get_urlRuno keyucp.get_file_stru^(ssh\-|ecds).*u
ussh.set_auth_key_from_fileRRu ussh.set_auth_keyRRRureplaceuUpdatedu4The authorized host key {0} for user {1} was updatedu	no changeu;The authorized host key {0} is already present for user {1}unewuNewu2The authorized host key {0} for user {1} was addedu5Failed to add the ssh key. Source file {0} is missingufailu	test.pingussh_auth.erroru[Failed to add the ssh key. Is the home directory available, and/or does the key file exist?uinvaliduInvalid public keyu@Invalid public ssh key, most likely has spaces or invalid syntaxN(RRRRRRRRt__opts__R)RR	RtrstriptmatchRRR
RRR(RRRRRRRRtkwargstretR$R%R&R'tsource_pathtdataR!tfilehasoptionstkeylinetkey_typet	key_valuetkey_commentR#((s8/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pytpresent�s�>





			


"	





c
C@ssi|d6id6td6dd6}tdret|||||pDg|||�\|d<|d<|S|dkr9td|dt�}	t}
tjd	�}|	j�j	d
�}	x||	D]z}|j
|�}
|
s�td|||dtd|�|d<q�|j	d
�}td||dd|d|�|d<q�Wn�tjd�}|j|�}
|
s�|j	dd�}|d}t
|�dkr
|d}q
nr|
jd�r�|
jd�j	d�}n|
jd�j	�}|d}|d}t
|�dkr
|d}ntd||d|d|�|d<|ddkrNt|d<|S|ddkrod|d|<n|S(u�
    Verifies that the specified SSH key is absent

    name
        The SSH key to manage

    user
        The user who owns the SSH authorized keys file to modify

    enc
        Defines what type of key is being used; can be ed25519, ecdsa, ssh-rsa
        or ssh-dss

    comment
        The comment to be placed with the SSH public key

    options
        The options passed to the key, pass a list object

    source
        The source file for the key(s). Can contain any number of public keys,
        in standard "authorized_keys" format. If this is set, comment, enc and
        options will be ignored.

        .. versionadded:: 2015.8.0

    config
        The location of the authorized keys file relative to the user's home
        directory, defaults to ".ssh/authorized_keys". Token expansion %u and
        %h for username and home path supported.

    fingerprint_hash_type
        The public key fingerprint hash type that the public key fingerprint
        was originally hashed with. This defaults to ``md5`` if not specified.

        .. versionadded:: 2016.11.7

        .. note::

            The default value of the ``fingerprint_hash_type`` will change to
            ``sha256`` in Salt 2017.7.0.

    unameuchangesuresultuucommentutestucp.get_file_strRu^(ssh\-|ecds).*u
ussh.rm_auth_key_from_fileRu ussh.rm_auth_keyiRu$^(.*?)\s?((?:ssh\-|ecds)[\w-]+\s.+)$iiu,iu%User authorized keys file not presentuKey removeduRemovedN(RR-R,RR	RRRR.RR/RRRR(RRRRRRRRR1R!R4R$R5R%R&R'((s8/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pytabsent�sv3


		










(t__doc__t
__future__RRRRRtsalt.extRR)R,RR9R:(((s8/usr/lib/python2.7/site-packages/salt/states/ssh_auth.pyt<module>/s$	K	G�

Zerion Mini Shell 1.0