/mandos/release : revision 237.23.1

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-ctl

Committer: Teddy Hogeborn
Date: 2014-07-25 22:44:20 UTC
mto: (237.7.272 trunk)
mto: This revision was merged to the branch mainline in revision 321.
Revision ID: teddy@recompile.se-20140725224420-4a5ct2ptt0hsc92z

Require Python 2.7.

This is in preparation for the eventual move to Python 3, which will
happen as soon as all Python modules required by Mandos are available.
The mandos-ctl and mandos-monitor programs are already portable
between Python 2.6 and Python 3 without changes; this change will
bring the requirement up to Python 2.7.

* INSTALL (Prerequisites/Libraries/Mandos Server): Document
                                                   requirement of
                                                   Python 2.7; remove
                                                   Python-argparse
                                                   which is in the
                                                   Python 2.7 standard
                                                   library.
* debian/control (Source: mandos/Build-Depends-Indep): Depend on
                                                       exactly the
                                                       python2.7
                                                       package and all
                                                       the Python 2.7
                                                       versions of the
                                                       python modules.
  (Package: mandos/Depends): - '' - but still depend on python (<=2.7)
                            and the generic versions of the Python
                            modules; this is for mandos-ctl and
                            mandos-monitor, both of which are
                            compatible with Python 3, and use
                            #!/usr/bin/python.
* mandos: Use #!/usr/bin/python2.7 instead of #!/usr/bin/python.

files added:
debian/mandos-client.examples

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

intro.xml

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-ctl

# Mandos Monitor - Control and monitor the Mandos server

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@fukt.bsnet.se>.

from __future__ import division, absolute_import, unicode_literals

# along with this program. If not, see

# <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@recompile.se>.

from __future__ import (division, absolute_import, print_function,

unicode_literals)

try:

from future_builtins import *

except ImportError:

pass

import sys

import dbus

from optparse import OptionParser

import argparse

import locale

import datetime

import re

import os

import collections

import doctest

import dbus

if sys.version_info[0] == 2:

str = unicode

locale.setlocale(locale.LC_ALL, "")

"ApprovalDelay": "Approval Delay",

"ApprovalDuration": "Approval Duration",

"Checker": "Checker",

"ExtendedTimeout" : "Extended Timeout"

}

defaultkeywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")

domain = "se.bsnet.fukt"

domain = "se.recompile"

busname = domain + ".Mandos"

server_path = "/"

server_interface = domain + ".Mandos"

client_interface = domain + ".Mandos.Client"

version = "1.2.3"

version = "1.6.7"

def timedelta_to_milliseconds(td):

"""Convert a datetime.timedelta object to milliseconds"""

def milliseconds_to_string(ms):

td = datetime.timedelta(0, 0, 0, ms)

return ("%(days)s%(hours)02d:%(minutes)02d:%(seconds)02d"

% { "days": "%dT" % td.days if td.days else "",

"hours": td.seconds // 3600,

"minutes": (td.seconds % 3600) // 60,

"seconds": td.seconds % 60,

})

return ("{days}{hours:02}:{minutes:02}:{seconds:02}"

.format(days = "{0}T".format(td.days) if td.days else "",

hours = td.seconds // 3600,

minutes = (td.seconds % 3600) // 60,

seconds = td.seconds % 60,

))

def rfc3339_duration_to_delta(duration):

"""Parse an RFC 3339 "duration" and return a datetime.timedelta

>>> rfc3339_duration_to_delta("P7D")

datetime.timedelta(7)

>>> rfc3339_duration_to_delta("PT60S")

datetime.timedelta(0, 60)

100

>>> rfc3339_duration_to_delta("PT60M")

101

datetime.timedelta(0, 3600)

102

>>> rfc3339_duration_to_delta("PT24H")

103

datetime.timedelta(1)

104

>>> rfc3339_duration_to_delta("P1W")

105

datetime.timedelta(7)

106

>>> rfc3339_duration_to_delta("PT5M30S")

107

datetime.timedelta(0, 330)

108

>>> rfc3339_duration_to_delta("P1DT3M20S")

109

datetime.timedelta(1, 200)

110

"""

111

112

# Parsing an RFC 3339 duration with regular expressions is not

113

# possible - there would have to be multiple places for the same

114

# values, like seconds. The current code, while more esoteric, is

115

# cleaner without depending on a parsing library. If Python had a

116

# built-in library for parsing we would use it, but we'd like to

117

# avoid excessive use of external libraries.

118

119

# New type for defining tokens, syntax, and semantics all-in-one

120

Token = collections.namedtuple("Token",

121

("regexp", # To match token; if

122

# "value" is not None,

123

# must have a "group"

124

# containing digits

125

"value", # datetime.timedelta or

126

# None

127

"followers")) # Tokens valid after

128

# this token

129

# RFC 3339 "duration" tokens, syntax, and semantics; taken from

130

# the "duration" ABNF definition in RFC 3339, Appendix A.

131

token_end = Token(re.compile(r"$"), None, frozenset())

132

token_second = Token(re.compile(r"(\d+)S"),

133

datetime.timedelta(seconds=1),

134

frozenset((token_end,)))

135

token_minute = Token(re.compile(r"(\d+)M"),

136

datetime.timedelta(minutes=1),

137

frozenset((token_second, token_end)))

138

token_hour = Token(re.compile(r"(\d+)H"),

139

datetime.timedelta(hours=1),

140

frozenset((token_minute, token_end)))

141

token_time = Token(re.compile(r"T"),

142

None,

143

frozenset((token_hour, token_minute,

144

token_second)))

145

token_day = Token(re.compile(r"(\d+)D"),

146

datetime.timedelta(days=1),

147

frozenset((token_time, token_end)))

148

token_month = Token(re.compile(r"(\d+)M"),

149

datetime.timedelta(weeks=4),

150

frozenset((token_day, token_end)))

151

token_year = Token(re.compile(r"(\d+)Y"),

152

datetime.timedelta(weeks=52),

153

frozenset((token_month, token_end)))

154

token_week = Token(re.compile(r"(\d+)W"),

155

datetime.timedelta(weeks=1),

156

frozenset((token_end,)))

157

token_duration = Token(re.compile(r"P"), None,

158

frozenset((token_year, token_month,

159

token_day, token_time,

160

token_week)))

161

# Define starting values

162

value = datetime.timedelta() # Value so far

163

found_token = None

164

followers = frozenset((token_duration,)) # Following valid tokens

165

s = duration # String left to parse

166

# Loop until end token is found

167

while found_token is not token_end:

168

# Search for any currently valid tokens

169

for token in followers:

170

match = token.regexp.match(s)

171

if match is not None:

172

# Token found

173

if token.value is not None:

174

# Value found, parse digits

175

factor = int(match.group(1), 10)

176

# Add to value so far

177

value += factor * token.value

178

# Strip token from string

179

s = token.regexp.sub("", s, 1)

180

# Go to found token

181

found_token = token

182

# Set valid next tokens

183

followers = found_token.followers

184

break

185

else:

186

# No currently valid tokens were found

187

raise ValueError("Invalid RFC 3339 duration")

188

# End token found

189

return value

190

191

192

def string_to_delta(interval):

193

"""Parse a string and return a datetime.timedelta

194

195

>>> string_to_delta("7d")

196

datetime.timedelta(7)

197

>>> string_to_delta("60s")

205

>>> string_to_delta("5m 30s")

206

datetime.timedelta(0, 330)

207

"""

timevalue = datetime.timedelta(0)

regexp = re.compile("\d+[dsmhw]")

for s in regexp.findall(interval):

try:

100

suffix = unicode(s[-1])

101

value = int(s[:-1])

102

if suffix == "d":

103

delta = datetime.timedelta(value)

104

elif suffix == "s":

105

delta = datetime.timedelta(0, value)

106

elif suffix == "m":

107

delta = datetime.timedelta(0, 0, 0, 0, value)

108

elif suffix == "h":

109

delta = datetime.timedelta(0, 0, 0, 0, 0, value)

110

elif suffix == "w":

111

delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)

112

else:

113

raise ValueError

114

except (ValueError, IndexError):

115

raise ValueError

116

timevalue += delta

117

return timevalue

208

209

try:

210

return rfc3339_duration_to_delta(interval)

211

except ValueError:

212

pass

213

214

value = datetime.timedelta(0)

215

regexp = re.compile(r"(\d+)([dsmhw]?)")

216

217

for num, suffix in regexp.findall(interval):

218

if suffix == "d":

219

value += datetime.timedelta(int(num))

220

elif suffix == "s":

221

value += datetime.timedelta(0, int(num))

222

elif suffix == "m":

223

value += datetime.timedelta(0, 0, 0, 0, int(num))

224

elif suffix == "h":

225

value += datetime.timedelta(0, 0, 0, 0, 0, int(num))

226

elif suffix == "w":

227

value += datetime.timedelta(0, 0, 0, 0, 0, 0, int(num))

228

elif suffix == "":

229

value += datetime.timedelta(0, 0, 0, int(num))

230

return value

118

231

119

232

def print_clients(clients, keywords):

120

233

def valuetostring(value, keyword):

121

234

if type(value) is dbus.Boolean:

122

235

return "Yes" if value else "No"

123

236

if keyword in ("Timeout", "Interval", "ApprovalDelay",

124

"ApprovalDuration"):

237

"ApprovalDuration", "ExtendedTimeout"):

125

238

return milliseconds_to_string(value)

126

return unicode(value)

239

return str(value)

127

240

128

241

# Create format string to print table rows

129

format_string = " ".join("%%-%ds" %

130

max(len(tablewords[key]),

131

max(len(valuetostring(client[key],

132

key))

133

for client in

134

clients))

135

for key in keywords)

242

format_string = " ".join("{{{key}:{width}}}".format(

243

width = max(len(tablewords[key]),

244

max(len(valuetostring(client[key],

245

key))

246

for client in

247

clients)),

248

key = key) for key in keywords)

136

249

# Print header line

137

print format_string % tuple(tablewords[key] for key in keywords)

250

print(format_string.format(**tablewords))

138

251

for client in clients:

139

print format_string % tuple(valuetostring(client[key], key)

140

for key in keywords)

252

print(format_string.format(**dict((key,

253

valuetostring(client[key],

254

key))

255

for key in keywords)))

141

256

142

257

def has_actions(options):

143

258

return any((options.enable,

149

264

options.remove,

150

265

options.checker is not None,

151

266

options.timeout is not None,

267

options.extended_timeout is not None,

152

268

options.interval is not None,

153

269

options.approved_by_default is not None,

154

270

options.approval_delay is not None,

157

273

options.secret is not None,

158

274

options.approve,

159

275

options.deny))

160

276

161

277

def main():

162

parser = OptionParser(version = "%%prog %s" % version)

163

parser.add_option("-a", "--all", action="store_true",

164

help="Select all clients")

165

parser.add_option("-v", "--verbose", action="store_true",

166

help="Print all fields")

167

parser.add_option("-e", "--enable", action="store_true",

168

help="Enable client")

169

parser.add_option("-d", "--disable", action="store_true",

170

help="disable client")

171

parser.add_option("-b", "--bump-timeout", action="store_true",

172

help="Bump timeout for client")

173

parser.add_option("--start-checker", action="store_true",

174

help="Start checker for client")

175

parser.add_option("--stop-checker", action="store_true",

176

help="Stop checker for client")

177

parser.add_option("-V", "--is-enabled", action="store_true",

178

help="Check if client is enabled")

179

parser.add_option("-r", "--remove", action="store_true",

180

help="Remove client")

181

parser.add_option("-c", "--checker", type="string",

182

help="Set checker command for client")

183

parser.add_option("-t", "--timeout", type="string",

184

help="Set timeout for client")

185

parser.add_option("-i", "--interval", type="string",

186

help="Set checker interval for client")

187

parser.add_option("--approve-by-default", action="store_true",

188

dest="approved_by_default",

189

help="Set client to be approved by default")

190

parser.add_option("--deny-by-default", action="store_false",

191

dest="approved_by_default",

192

help="Set client to be denied by default")

193

parser.add_option("--approval-delay", type="string",

194

help="Set delay before client approve/deny")

195

parser.add_option("--approval-duration", type="string",

196

help="Set duration of one client approval")

197

parser.add_option("-H", "--host", type="string",

198

help="Set host for client")

199

parser.add_option("-s", "--secret", type="string",

200

help="Set password blob (file) for client")

201

parser.add_option("-A", "--approve", action="store_true",

202

help="Approve any current client request")

203

parser.add_option("-D", "--deny", action="store_true",

204

help="Deny any current client request")

205

options, client_names = parser.parse_args()

206

207

if has_actions(options) and not client_names and not options.all:

208

parser.error("Options require clients names or --all.")

209

if options.verbose and has_actions(options):

210

parser.error("--verbose can only be used alone or with"

211

" --all.")

212

if options.all and not has_actions(options):

213

parser.error("--all requires an action.")

214

215

try:

216

bus = dbus.SystemBus()

217

mandos_dbus_objc = bus.get_object(busname, server_path)

218

except dbus.exceptions.DBusException:

219

print >> sys.stderr, "Could not connect to Mandos server"

220

sys.exit(1)

278

parser = argparse.ArgumentParser()

279

parser.add_argument("--version", action="version",

280

version = "%(prog)s {0}".format(version),

281

help="show version number and exit")

282

parser.add_argument("-a", "--all", action="store_true",

283

help="Select all clients")

284

parser.add_argument("-v", "--verbose", action="store_true",

285

help="Print all fields")

286

parser.add_argument("-e", "--enable", action="store_true",

287

help="Enable client")

288

parser.add_argument("-d", "--disable", action="store_true",

289

help="disable client")

290

parser.add_argument("-b", "--bump-timeout", action="store_true",

291

help="Bump timeout for client")

292

parser.add_argument("--start-checker", action="store_true",

293

help="Start checker for client")

294

parser.add_argument("--stop-checker", action="store_true",

295

help="Stop checker for client")

296

parser.add_argument("-V", "--is-enabled", action="store_true",

297

help="Check if client is enabled")

298

parser.add_argument("-r", "--remove", action="store_true",

299

help="Remove client")

300

parser.add_argument("-c", "--checker",

301

help="Set checker command for client")

302

parser.add_argument("-t", "--timeout",

303

help="Set timeout for client")

304

parser.add_argument("--extended-timeout",

305

help="Set extended timeout for client")

306

parser.add_argument("-i", "--interval",

307

help="Set checker interval for client")

308

parser.add_argument("--approve-by-default", action="store_true",

309

default=None, dest="approved_by_default",

310

help="Set client to be approved by default")

311

parser.add_argument("--deny-by-default", action="store_false",

312

dest="approved_by_default",

313

help="Set client to be denied by default")

314

parser.add_argument("--approval-delay",

315

help="Set delay before client approve/deny")

316

parser.add_argument("--approval-duration",

317

help="Set duration of one client approval")

318

parser.add_argument("-H", "--host", help="Set host for client")

319

parser.add_argument("-s", "--secret",

320

type=argparse.FileType(mode="rb"),

321

help="Set password blob (file) for client")

322

parser.add_argument("-A", "--approve", action="store_true",

323

help="Approve any current client request")

324

parser.add_argument("-D", "--deny", action="store_true",

325

help="Deny any current client request")

326

parser.add_argument("--check", action="store_true",

327

help="Run self-test")

328

parser.add_argument("client", nargs="*", help="Client name")

329

options = parser.parse_args()

221

330

222

mandos_serv = dbus.Interface(mandos_dbus_objc,

223

dbus_interface = server_interface)

331

if has_actions(options) and not (options.client or options.all):

332

parser.error("Options require clients names or --all.")

333

if options.verbose and has_actions(options):

334

parser.error("--verbose can only be used alone or with"

335

" --all.")

336

if options.all and not has_actions(options):

337

parser.error("--all requires an action.")

224

338

225

#block stderr since dbus library prints to stderr

226

null = os.open(os.path.devnull, os.O_RDWR)

227

stderrcopy = os.dup(sys.stderr.fileno())

228

os.dup2(null, sys.stderr.fileno())

229

os.close(null)

339

if options.check:

340

fail_count, test_count = doctest.testmod()

341

sys.exit(os.EX_OK if fail_count == 0 else 1)

342

343

try:

344

bus = dbus.SystemBus()

345

mandos_dbus_objc = bus.get_object(busname, server_path)

346

except dbus.exceptions.DBusException:

347

print("Could not connect to Mandos server",

348

file=sys.stderr)

349

sys.exit(1)

350

351

mandos_serv = dbus.Interface(mandos_dbus_objc,

352

dbus_interface = server_interface)

353

354

#block stderr since dbus library prints to stderr

355

null = os.open(os.path.devnull, os.O_RDWR)

356

stderrcopy = os.dup(sys.stderr.fileno())

357

os.dup2(null, sys.stderr.fileno())

358

os.close(null)

359

try:

230

360

try:

231

try:

232

mandos_clients = mandos_serv.GetAllClientsWithProperties()

233

finally:

234

#restore stderr

235

os.dup2(stderrcopy, sys.stderr.fileno())

236

os.close(stderrcopy)

237

except dbus.exceptions.DBusException, e:

238

print >> sys.stderr, "Access denied: Accessing mandos server through dbus."

239

sys.exit(1)

240

241

# Compile dict of (clients: properties) to process

242

clients={}

243

244

if options.all or not client_names:

245

clients = dict((bus.get_object(busname, path), properties)

246

for path, properties in

247

mandos_clients.iteritems())

248

else:

249

for name in client_names:

250

for path, client in mandos_clients.iteritems():

251

if client["Name"] == name:

252

client_objc = bus.get_object(busname, path)

253

clients[client_objc] = client

254

break

255

else:

256

print >> sys.stderr, "Client not found on server: %r" % name

257

sys.exit(1)

258

259

if not has_actions(options) and clients:

260

if options.verbose:

261

keywords = ("Name", "Enabled", "Timeout",

262

"LastCheckedOK", "Created", "Interval",

263

"Host", "Fingerprint", "CheckerRunning",

264

"LastEnabled", "ApprovalPending",

265

"ApprovedByDefault",

266

"LastApprovalRequest", "ApprovalDelay",

267

"ApprovalDuration", "Checker")

361

mandos_clients = mandos_serv.GetAllClientsWithProperties()

362

finally:

363

#restore stderr

364

os.dup2(stderrcopy, sys.stderr.fileno())

365

os.close(stderrcopy)

366

except dbus.exceptions.DBusException:

367

print("Access denied: Accessing mandos server through dbus.",

368

file=sys.stderr)

369

sys.exit(1)

370

371

# Compile dict of (clients: properties) to process

372

clients={}

373

374

if options.all or not options.client:

375

clients = dict((bus.get_object(busname, path), properties)

376

for path, properties in

377

mandos_clients.items())

378

else:

379

for name in options.client:

380

for path, client in mandos_clients.iteritems():

381

if client["Name"] == name:

382

client_objc = bus.get_object(busname, path)

383

clients[client_objc] = client

384

break

268

385

else:

269

keywords = defaultkeywords

270

271

print_clients(clients.values(), keywords)

386

print("Client not found on server: {0!r}"

387

.format(name), file=sys.stderr)

388

sys.exit(1)

389

390

if not has_actions(options) and clients:

391

if options.verbose:

392

keywords = ("Name", "Enabled", "Timeout",

393

"LastCheckedOK", "Created", "Interval",

394

"Host", "Fingerprint", "CheckerRunning",

395

"LastEnabled", "ApprovalPending",

396

"ApprovedByDefault",

397

"LastApprovalRequest", "ApprovalDelay",

398

"ApprovalDuration", "Checker",

399

"ExtendedTimeout")

272

400

else:

273

# Process each client in the list by all selected options

274

for client in clients:

275

if options.remove:

276

mandos_serv.RemoveClient(client.__dbus_object_path__)

277

if options.enable:

278

client.Enable(dbus_interface=client_interface)

279

if options.disable:

280

client.Disable(dbus_interface=client_interface)

281

if options.bump_timeout:

282

client.CheckedOK(dbus_interface=client_interface)

283

if options.start_checker:

284

client.StartChecker(dbus_interface=client_interface)

285

if options.stop_checker:

286

client.StopChecker(dbus_interface=client_interface)

287

if options.is_enabled:

288

sys.exit(0 if client.Get(client_interface,

289

"Enabled",

290

dbus_interface=dbus.PROPERTIES_IFACE)

291

else 1)

292

if options.checker:

293

client.Set(client_interface, "Checker", options.checker,

294

dbus_interface=dbus.PROPERTIES_IFACE)

295

if options.host:

296

client.Set(client_interface, "Host", options.host,

297

dbus_interface=dbus.PROPERTIES_IFACE)

298

if options.interval:

299

client.Set(client_interface, "Interval",

300

timedelta_to_milliseconds

301

(string_to_delta(options.interval)),

302

dbus_interface=dbus.PROPERTIES_IFACE)

303

if options.approval_delay:

304

client.Set(client_interface, "ApprovalDelay",

305

timedelta_to_milliseconds

306

(string_to_delta(options.

307

approval_delay)),

308

dbus_interface=dbus.PROPERTIES_IFACE)

309

if options.approval_duration:

310

client.Set(client_interface, "ApprovalDuration",

311

timedelta_to_milliseconds

312

(string_to_delta(options.

313

approval_duration)),

314

dbus_interface=dbus.PROPERTIES_IFACE)

315

if options.timeout:

316

client.Set(client_interface, "Timeout",

317

timedelta_to_milliseconds

318

(string_to_delta(options.timeout)),

319

dbus_interface=dbus.PROPERTIES_IFACE)

320

if options.secret:

321

client.Set(client_interface, "Secret",

322

dbus.ByteArray(open(options.secret,

323

"rb").read()),

324

dbus_interface=dbus.PROPERTIES_IFACE)

325

if options.approved_by_default is not None:

326

client.Set(client_interface, "ApprovedByDefault",

327

dbus.Boolean(options

328

.approved_by_default),

329

dbus_interface=dbus.PROPERTIES_IFACE)

330

if options.approve:

331

client.Approve(dbus.Boolean(True),

332

dbus_interface=client_interface)

333

elif options.deny:

334

client.Approve(dbus.Boolean(False),

335

dbus_interface=client_interface)

401

keywords = defaultkeywords

402

403

print_clients(clients.values(), keywords)

404

else:

405

# Process each client in the list by all selected options

406

for client in clients:

407

def set_client_prop(prop, value):

408

"""Set a Client D-Bus property"""

409

client.Set(client_interface, prop, value,

410

dbus_interface=dbus.PROPERTIES_IFACE)

411

def set_client_prop_ms(prop, value):

412

"""Set a Client D-Bus property, converted

413

from a string to milliseconds."""

414

set_client_prop(prop,

415

timedelta_to_milliseconds

416

(string_to_delta(value)))

417

if options.remove:

418

mandos_serv.RemoveClient(client.__dbus_object_path__)

419

if options.enable:

420

set_client_prop("Enabled", dbus.Boolean(True))

421

if options.disable:

422

set_client_prop("Enabled", dbus.Boolean(False))

423

if options.bump_timeout:

424

set_client_prop("LastCheckedOK", "")

425

if options.start_checker:

426

set_client_prop("CheckerRunning", dbus.Boolean(True))

427

if options.stop_checker:

428

set_client_prop("CheckerRunning", dbus.Boolean(False))

429

if options.is_enabled:

430

sys.exit(0 if client.Get(client_interface,

431

"Enabled",

432

dbus_interface=

433

dbus.PROPERTIES_IFACE)

434

else 1)

435

if options.checker is not None:

436

set_client_prop("Checker", options.checker)

437

if options.host is not None:

438

set_client_prop("Host", options.host)

439

if options.interval is not None:

440

set_client_prop_ms("Interval", options.interval)

441

if options.approval_delay is not None:

442

set_client_prop_ms("ApprovalDelay",

443

options.approval_delay)

444

if options.approval_duration is not None:

445

set_client_prop_ms("ApprovalDuration",

446

options.approval_duration)

447

if options.timeout is not None:

448

set_client_prop_ms("Timeout", options.timeout)

449

if options.extended_timeout is not None:

450

set_client_prop_ms("ExtendedTimeout",

451

options.extended_timeout)

452

if options.secret is not None:

453

set_client_prop("Secret",

454

dbus.ByteArray(options.secret.read()))

455

if options.approved_by_default is not None:

456

set_client_prop("ApprovedByDefault",

457

dbus.Boolean(options

458

.approved_by_default))

459

if options.approve:

460

client.Approve(dbus.Boolean(True),

461

dbus_interface=client_interface)

462

elif options.deny:

463

client.Approve(dbus.Boolean(False),

464

dbus_interface=client_interface)

336

465

337

466

if __name__ == "__main__":

338

467

main()

Older »