/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: teddy at recompile
  • Date: 2020-02-05 21:39:28 UTC
  • Revision ID: teddy@recompile.se-20200205213928-vpvt0fwfg47ikv6f
Allow users to alter ask-password-mandos.service

If a user uses dracut with systemd and wishes to modify the options
passed to password-agent(8mandos) or mandos-client(8mandos), they
should be able to do so by simply creating a file
/etc/systemd/system/ask-password-mandos.service.d/override.conf,
containing, for instance:

[Service]
Environment=MANDOS_CLIENT_OPTIONS=--debug

Adding PASSWORD_AGENT_OPTIONS should also be possible (but should not
normally be needed).

* dracut-module/ask-password-mandos.service ([Service]/ExecStart): Add
  $PASSWORD_AGENT_OPTIONS before "--" and "$MANDOS_CLIENT_OPTIONS" to
  end of line.
* dracut-module/module-setup.sh (install): Install all files named
  /etc/systemd/system/ask-password-mandos.service.d/*.conf if any
  exists.  Also add --dh-params before $MANDOS_CLIENT_OPTIONS instead
  of at end of line.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
#!/usr/bin/python3 -bbI
2
2
# -*- after-save-hook: (lambda () (let ((command (if (fboundp 'file-local-name) (file-local-name (buffer-file-name)) (or (file-remote-p (buffer-file-name) 'localname) (buffer-file-name))))) (if (= (progn (if (get-buffer "*Test*") (kill-buffer "*Test*")) (process-file-shell-command (format "%s --check" (shell-quote-argument command)) nil "*Test*")) 0) (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w))) (progn (with-current-buffer "*Test*" (compilation-mode)) (display-buffer "*Test*" '(display-buffer-in-side-window)))))); coding: utf-8 -*-
3
3
#
4
 
# Mandos Control - Control or query the Mandos server
 
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
#
6
 
# Copyright © 2008-2020 Teddy Hogeborn
7
 
# Copyright © 2008-2020 Björn Påhlsson
 
6
# Copyright © 2008-2019 Teddy Hogeborn
 
7
# Copyright © 2008-2019 Björn Påhlsson
8
8
#
9
9
# This file is part of Mandos.
10
10
#
89
89
 
90
90
locale.setlocale(locale.LC_ALL, "")
91
91
 
92
 
version = "1.8.14"
 
92
version = "1.8.9"
93
93
 
94
94
 
95
95
def main():
102
102
    clientnames = options.client
103
103
 
104
104
    if options.debug:
105
 
        logging.getLogger("").setLevel(logging.DEBUG)
 
105
        log.setLevel(logging.DEBUG)
106
106
 
107
107
    if dbussy is not None and ravel is not None:
108
108
        bus = dbussy_adapter.CachingBus(dbussy, ravel)
726
726
            with self.convert_exception(dbus.Error):
727
727
                value =  method(*args)
728
728
            # DBussy returns values either as an empty list or as a
729
 
            # list of one element with the return value
 
729
            # tuple: (signature, value)
730
730
            if value:
731
731
                return self.type_filter(value[0])
732
732
 
738
738
 
739
739
        def type_filter(self, value):
740
740
            """Convert the most bothersome types to Python types"""
741
 
            # A D-Bus Variant value is represented as the Python type
742
 
            # Tuple[dbussy.DBUS.Signature, Any]
743
741
            if isinstance(value, tuple):
744
742
                if (len(value) == 2
745
743
                    and isinstance(value[0],
2439
2437
        busname = "se.recompile.Mandos"
2440
2438
        client_interface = "se.recompile.Mandos.Client"
2441
2439
        command.Approve().run(self.bus.clients, self.bus)
2442
 
        self.assertTrue(self.bus.clients)
2443
2440
        for clientpath in self.bus.clients:
2444
2441
            self.assertIn(("Approve", busname, clientpath,
2445
2442
                           client_interface, (True,)), self.bus.calls)
2448
2445
        busname = "se.recompile.Mandos"
2449
2446
        client_interface = "se.recompile.Mandos.Client"
2450
2447
        command.Deny().run(self.bus.clients, self.bus)
2451
 
        self.assertTrue(self.bus.clients)
2452
2448
        for clientpath in self.bus.clients:
2453
2449
            self.assertIn(("Approve", busname, clientpath,
2454
2450
                           client_interface, (False,)),
2455
2451
                          self.bus.calls)
2456
2452
 
2457
2453
    def test_Remove(self):
2458
 
        busname = "se.recompile.Mandos"
2459
 
        server_path = "/"
2460
 
        server_interface = "se.recompile.Mandos"
2461
 
        orig_clients = self.bus.clients.copy()
2462
2454
        command.Remove().run(self.bus.clients, self.bus)
2463
 
        self.assertFalse(self.bus.clients)
2464
 
        for clientpath in orig_clients:
2465
 
            self.assertIn(("RemoveClient", busname,
2466
 
                           server_path, server_interface,
 
2455
        for clientpath in self.bus.clients:
 
2456
            self.assertIn(("RemoveClient", dbus_busname,
 
2457
                           dbus_server_path, dbus_server_interface,
2467
2458
                           (clientpath,)), self.bus.calls)
2468
2459
 
2469
2460
    expected_json = {
2671
2662
        else:
2672
2663
            cmd_args = [() for x in range(len(self.values_to_get))]
2673
2664
            values_to_get = self.values_to_get
2674
 
        self.assertTrue(values_to_get)
2675
2665
        for value_to_get, cmd_arg in zip(values_to_get, cmd_args):
2676
2666
            for clientpath in self.bus.clients:
2677
2667
                self.bus.clients[clientpath][self.propname] = (
2678
2668
                    Unique())
2679
2669
            self.command(*cmd_arg).run(self.bus.clients, self.bus)
2680
 
            self.assertTrue(self.bus.clients)
2681
2670
            for clientpath in self.bus.clients:
2682
2671
                value = (self.bus.clients[clientpath]
2683
2672
                         [self.propname])