Skip to content

Commit

Permalink
Merge pull request #143 from shon/master
Browse files Browse the repository at this point in the history
ssh_unauthorize
  • Loading branch information
Sébastien Pierre committed Mar 26, 2013
2 parents fbe82a5 + 3b86aa2 commit 28ab754
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 4 deletions.
24 changes: 23 additions & 1 deletion src/cuisine.py
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,8 @@
"""

from __future__ import with_statement
import base64, hashlib, os, re, string, tempfile, subprocess, types, functools, StringIO
import base64, hashlib, os, re, string, tempfile, subprocess, types
import tempfile, functools, StringIO
import fabric, fabric.api, fabric.operations, fabric.context_managers

VERSION = "0.5.6"
Expand Down Expand Up @@ -1174,6 +1175,27 @@ def ssh_authorize(user, key):
file_write(keyf, key, owner=user, group=group, mode="600")
return False

def ssh_unauthorize(user, key):
"""Removes the given key to the '.ssh/authorized_keys' for the given
user."""
d = user_check(user, need_passwd=False)
group = d["gid"]
keyf = d["home"] + "/.ssh/authorized_keys"
if file_exists(keyf):
tmpfile = tempfile.NamedTemporaryFile()
fabric.operations.get(keyf, tmpfile.name)
keys = [line.strip() for line in tmpfile]
tmpfile.close()
if key in keys:
tmpfile = tempfile.NamedTemporaryFile()
keys.remove(key)
content = '\n'.join(keys) + '\n'
tmpfile.write(content)
tmpfile.flush()
fabric.operations.put(tmpfile.name, keyf, mode=0600)
tmpfile.close()
return True

# =============================================================================
#
# UPSTART
Expand Down
17 changes: 14 additions & 3 deletions tests/all.py
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,8 @@ def testInstall( self ):

class SSHKeys(unittest.TestCase):

key = "ssh-dss XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= user@cuisine"""

def testKeygen( self ):
pass
# if cuisine.ssh_keygen(USER):
Expand All @@ -229,9 +231,18 @@ def testKeygen( self ):
# print "SSH keys created"

def testAuthorize( self ):
key = "ssh-dss XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= user@cuisine"""
cuisine.ssh_authorize(USER, key)
# FIXME: Should check that the key is present, and only one
cuisine.ssh_authorize(USER, self.key)
d = cuisine.user_check(USER, need_passwd=False)
keyf = d["home"] + "/.ssh/authorized_keys"
keys = [line.strip() for line in open(keyf)]
assert keys.count(self.key) == 1

def testUnauthorize( self ):
cuisine.ssh_unauthorize(USER, self.key)
d = cuisine.user_check(USER, need_passwd=False)
keyf = d["home"] + "/.ssh/authorized_keys"
keys = [line.strip() for line in open(keyf)]
assert keys.count(self.key) == 0

if __name__ == "__main__":
# We bypass fabric as we want the tests to be run locally
Expand Down

0 comments on commit 28ab754

Please sign in to comment.