[pve-devel] r5363 - in pve-access-control/trunk: . PVE PVE/API2
svn-commits at proxmox.com
svn-commits at proxmox.com
Wed Jan 12 12:41:51 CET 2011
Author: dietmar
Date: 2011-01-12 12:41:51 +0100 (Wed, 12 Jan 2011)
New Revision: 5363
Modified:
pve-access-control/trunk/ChangeLog
pve-access-control/trunk/PVE/API2/ACL.pm
pve-access-control/trunk/PVE/API2/Group.pm
pve-access-control/trunk/PVE/API2/Role.pm
pve-access-control/trunk/PVE/API2/User.pm
pve-access-control/trunk/PVE/AccessControl.pm
pve-access-control/trunk/pveum
Log:
2011-01-12 root <root at maui.maurer-it.com>
* PVE/AccessControl.pm: use new PVE::Cluster class and read data
from cluster filesystem (instead of local filesystem).
Modified: pve-access-control/trunk/ChangeLog
===================================================================
--- pve-access-control/trunk/ChangeLog 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/ChangeLog 2011-01-12 11:41:51 UTC (rev 5363)
@@ -1,3 +1,8 @@
+2011-01-12 root <root at maui.maurer-it.com>
+
+ * PVE/AccessControl.pm: use new PVE::Cluster class and read data
+ from cluster filesystem (instead of local filesystem).
+
2011-01-11 root <root at maui.maurer-it.com>
* control.in (Depends): depend on new pve-cluster package
Modified: pve-access-control/trunk/PVE/API2/ACL.pm
===================================================================
--- pve-access-control/trunk/PVE/API2/ACL.pm 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/PVE/API2/ACL.pm 2011-01-12 11:41:51 UTC (rev 5363)
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use PVE::INotify qw (read_file write_file);
+use PVE::Cluster qw (cfs_read_file cfs_write_file);
use PVE::Tools qw(split_list);
use PVE::AccessControl;
@@ -30,7 +30,7 @@
my $res = [];
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
return $usercfg->{acl};
}});
@@ -58,7 +58,7 @@
PVE::AccessControl::lock_user_config(
sub {
- my $cfg = read_file("usercfg");
+ my $cfg = cfs_read_file("user.cfg");
my $propagate = $param->{propagate} ? 1 : 0;
@@ -98,7 +98,7 @@
}
}
- write_file("usercfg", $cfg);
+ cfs_write_file("user.cfg", $cfg);
}, "ACL update failed");
return undef;
Modified: pve-access-control/trunk/PVE/API2/Group.pm
===================================================================
--- pve-access-control/trunk/PVE/API2/Group.pm 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/PVE/API2/Group.pm 2011-01-12 11:41:51 UTC (rev 5363)
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use PVE::INotify qw (read_file write_file);
+use PVE::Cluster qw (cfs_read_file cfs_write_file);
use PVE::AccessControl;
use PVE::SafeSyslog;
@@ -38,7 +38,7 @@
my $res = [];
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
foreach my $group (keys %{$usercfg->{groups}}) {
push @$res, { id => $group };
@@ -66,7 +66,7 @@
PVE::AccessControl::lock_user_config(
sub {
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $group = $param->{groupid};
@@ -75,7 +75,7 @@
$usercfg->{groups}->{$group} = {};
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "create group failed");
return undef;
@@ -99,7 +99,7 @@
my $group = $param->{groupid};
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $data = $usercfg->{groups}->{$group};
@@ -128,7 +128,7 @@
PVE::AccessControl::lock_user_config(
sub {
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $group = $param->{groupid};
@@ -139,7 +139,7 @@
PVE::AccessControl::delete_group_acl($group, $usercfg);
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "delete group failed");
return undef;
Modified: pve-access-control/trunk/PVE/API2/Role.pm
===================================================================
--- pve-access-control/trunk/PVE/API2/Role.pm 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/PVE/API2/Role.pm 2011-01-12 11:41:51 UTC (rev 5363)
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use PVE::INotify qw (read_file write_file);
+use PVE::Cluster qw (cfs_read_file cfs_write_file);
use PVE::AccessControl;
use PVE::SafeSyslog;
@@ -38,7 +38,7 @@
my $res = [];
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
foreach my $role (keys %{$usercfg->{roles}}) {
push @$res, { id => $role };
@@ -67,7 +67,7 @@
PVE::AccessControl::lock_user_config(
sub {
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $role = $param->{roleid};
@@ -78,7 +78,7 @@
PVE::AccessControl::add_role_privs($role, $usercfg, $param->{privs});
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "create role failed");
return undef;
@@ -111,7 +111,7 @@
my $role = $param->{roleid};
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
die "role '$role' does not exist\n"
if !$usercfg->{roles}->{$role};
@@ -120,7 +120,7 @@
PVE::AccessControl::add_role_privs($role, $usercfg, $param->{privs});
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "update role failed");
return undef;
@@ -142,7 +142,7 @@
code => sub {
my ($param) = @_;
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $role = $param->{roleid};
@@ -175,7 +175,7 @@
my $role = $param->{roleid};
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
die "role '$role' does not exist\n"
if !$usercfg->{roles}->{$role};
@@ -184,7 +184,7 @@
# fixme: delete role from acl?
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "delete role failed");
return undef;
Modified: pve-access-control/trunk/PVE/API2/User.pm
===================================================================
--- pve-access-control/trunk/PVE/API2/User.pm 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/PVE/API2/User.pm 2011-01-12 11:41:51 UTC (rev 5363)
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use PVE::INotify qw (read_file write_file);
+use PVE::Cluster qw (cfs_read_file cfs_write_file);
use PVE::Tools qw(split_list);
use PVE::AccessControl;
@@ -39,7 +39,7 @@
my $res = [];
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
foreach my $user (keys %{$usercfg->{users}}) {
next if $user eq 'root';
@@ -96,7 +96,7 @@
my ($username, undef, $domain) =
PVE::AccessControl::verify_username($param->{userid});
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
die "user '$username' already exists\n"
if $usercfg->{users}->{$username};
@@ -121,7 +121,7 @@
}
}
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "create user failed");
return undef;
@@ -145,7 +145,7 @@
my ($username, undef, $domain) =
PVE::AccessControl::verify_username($param->{userid});
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
my $data = $usercfg->{users}->{$username};
@@ -190,7 +190,7 @@
my ($username, undef, $domain) =
PVE::AccessControl::verify_username($param->{userid});
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
die "user '$username' does not exist\n"
if !$usercfg->{users}->{$username};
@@ -224,7 +224,7 @@
PVE::AccessControl::comment_user($username, $usercfg) if $param->{comment};
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "update user failed");
return undef;
@@ -252,7 +252,7 @@
my ($username, undef, $domain) =
PVE::AccessControl::verify_username($param->{userid});
- my $usercfg = read_file("usercfg");
+ my $usercfg = cfs_read_file("user.cfg");
die "user '$username' does not exist\n"
if !$usercfg->{users}->{$username};
@@ -263,7 +263,7 @@
PVE::AccessControl::delete_user_group($username, $usercfg);
PVE::AccessControl::delete_user_acl($username, $usercfg);
- write_file("usercfg", $usercfg);
+ cfs_write_file("user.cfg", $usercfg);
}, "delete user failed");
return undef;
Modified: pve-access-control/trunk/PVE/AccessControl.pm
===================================================================
--- pve-access-control/trunk/PVE/AccessControl.pm 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/PVE/AccessControl.pm 2011-01-12 11:41:51 UTC (rev 5363)
@@ -9,7 +9,7 @@
use Authen::PAM qw(:constants);
use Net::LDAP;
use PVE::Tools qw(run_command lock_file file_get_contents split_list safe_print);
-use PVE::INotify qw(register_file read_file write_file);
+use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file);
use PVE::JSONSchema;
use Data::Dumper; # fixme: remove
@@ -24,43 +24,27 @@
my $authdir = "$confdir/priv";
my $authprivkeyfn = "$authdir/authkey.key";
my $authpubkeyfn = "$confdir/authkey.pub";
-my $userconfigfile = "user.cfg";
-my $userconfigpath = "$confdir/$userconfigfile";
-my $userconfiglock = "$lockdir/.lock-$userconfigfile";
-my $shadowconfigfile = "shadow.cfg";
-my $shadowconfigpath = "$authdir/$shadowconfigfile";
-my $shadowconfiglock = "$lockdir/.lock-$shadowconfigfile";
-my $domainconfigfile = "domains.cfg";
-my $domainconfigpath = "$authdir/$domainconfigfile";
+my $userconfiglock = "$lockdir/.lock-user.cfg";
+my $shadowconfigfile = "priv/shadow.cfg";
+my $shadowconfiglock = "$lockdir/.lock-shadow.cfg";
+my $domainconfigfile = "priv/domains.cfg";
my $ticket_lifetime = 3600*2; # 2 hours
Crypt::OpenSSL::RSA->import_random_seed();
-register_file('usercfg', $userconfigpath,
- \&parse_user_config, \&write_user_config);
+cfs_register_file('user.cfg',
+ \&parse_user_config,
+ \&write_user_config);
-register_file('shadowpasswd', $shadowconfigpath,
- \&parse_shadow_passwd, \&write_shadow_config, undef,
- perm => 0600);
+cfs_register_file($shadowconfigfile,
+ \&parse_shadow_passwd,
+ \&write_shadow_config);
-register_file('domaincfg', $domainconfigpath, \&parse_domains);
+cfs_register_file($domainconfigfile,
+ \&parse_domains);
-sub cond_create_auth_key {
- return if -f "$authprivkeyfn";
-
- (-l "$confdir/local" ) || die "pve configuration filesystem not mounted\n";
-
- mkdir $authdir || die "unable to create dir '$authdir' - $!\n";
-
- my $cmd = "openssl genrsa -out '$authprivkeyfn' 2048";
- run_command($cmd);
-
- $cmd = "openssl rsa -in '$authprivkeyfn' -pubout -out '$authpubkeyfn'";
- run_command($cmd)
-}
-
sub lock_user_config {
my ($code, $errmsg) = @_;
@@ -155,7 +139,7 @@
die "no password\n" if !$password;
- my $shadow_cfg = read_file($shadowconfigpath);
+ my $shadow_cfg = cfs_read_file($shadowconfigfile);
if ($shadow_cfg->{users}->{$username}) {
my $encpw = crypt($password, $shadow_cfg->{users}->{$username}->{shadow});
@@ -251,7 +235,7 @@
my ($username, $password) = @_;
- my $domain_cfg = read_file($domainconfigpath);
+ my $domain_cfg = cfs_read_file($domainconfigfile);
my (undef, $user, $domain) = verify_username($username);
@@ -343,7 +327,7 @@
($username, $user, $domain) = verify_username($username);
- my $usercfg = read_file($userconfigpath);
+ my $usercfg = cfs_read_file('user.cfg');
die "no such user ('$username')\n" if !user_enabled($usercfg, $username);
@@ -369,10 +353,10 @@
my ($username) = @_;
lock_shadow_config(sub {
- my $shadow_cfg = read_file($shadowconfigpath);
+ my $shadow_cfg = cfs_read_file($shadowconfigfile);
delete ($shadow_cfg->{users}->{$username})
if $shadow_cfg->{users}->{$username};
- write_file($shadowconfigpath, $shadow_cfg);
+ cfs_write_file($shadowconfigfile, $shadow_cfg);
});
}
@@ -380,9 +364,9 @@
my ($username,$password) = @_;
lock_shadow_config(sub {
- my $shadow_cfg = read_file($shadowconfigpath);
+ my $shadow_cfg = cfs_read_file($shadowconfigfile);
$shadow_cfg->{users}->{$username}->{shadow} = encrypt_pw($password);
- write_file($shadowconfigpath, $shadow_cfg);
+ cfs_write_file($shadowconfigfile, $shadow_cfg);
});
}
@@ -616,135 +600,131 @@
}
sub parse_user_config {
- my ($filename, $fh) = @_;
+ my ($filename, $raw) = @_;
my $cfg = {};
userconfig_force_defaults($cfg);
- die "MODE: '$/'" if !$/;
+ $raw = "" if !defined($raw);
+ while ($raw =~ s/^(.*)\n//) {
+ my $line = $1;
- if ($fh) {
- while (defined (my $line = <$fh>)) {
- chomp $line;
+ next if $line =~ m/^\s*$/; # skip empty lines
- next if $line =~ m/^\s*$/; # skip empty lines
+ my @data;
- my @data;
+ foreach my $d (split (/:/, $line)) {
+ $d =~ s/^\s+//;
+ $d =~ s/\s+$//;
+ push @data, $d
+ }
- foreach my $d (split (/:/, $line)) {
- $d =~ s/^\s+//;
- $d =~ s/\s+$//;
- push @data, $d
- }
+ my $et = shift @data;
- my $et = shift @data;
+ if ($et eq 'user') {
+ my ($user, $enabled) = @data;
- if ($et eq 'user') {
- my ($user, $enabled) = @data;
-
- if (!verify_username($user, 1)) {
- warn "user config - ignore user '$user' - invalid characters in user name\n";
- next;
- }
+ if (!verify_username($user, 1)) {
+ warn "user config - ignore user '$user' - invalid characters in user name\n";
+ next;
+ }
- $enabled = $enabled ? 1 : 0;
+ $enabled = $enabled ? 1 : 0;
- #if (!verify_groupname ($group, 1)) {
- # warn "user config - ignore user '$user' - invalid characters in group name\n";
- # next;
- #}
+ #if (!verify_groupname ($group, 1)) {
+ # warn "user config - ignore user '$user' - invalid characters in group name\n";
+ # next;
+ #}
+ $cfg->{users}->{$user} = {
+ enabled => $enabled,
+ # group => $group,
+ };
- $cfg->{users}->{$user} = {
- enabled => $enabled,
- # group => $group,
- };
+ #$cfg->{users}->{$user}->{groups}->{$group} = 1;
+ #$cfg->{groups}->{$group}->{$user} = 1;
- #$cfg->{users}->{$user}->{groups}->{$group} = 1;
- #$cfg->{groups}->{$group}->{$user} = 1;
+ } elsif ($et eq 'group') {
+ my ($group, $userlist) = @data;
- } elsif ($et eq 'group') {
- my ($group, $userlist) = @data;
+ if (!verify_groupname($group, 1)) {
+ warn "user config - ignore group '$group' - invalid characters in group name\n";
+ next;
+ }
- if (!verify_groupname($group, 1)) {
- warn "user config - ignore group '$group' - invalid characters in group name\n";
+ # make sure to add the group (even if there are no members)
+ $cfg->{groups}->{$group} = {} if !$cfg->{groups}->{$group};
+
+ foreach my $user (split_list($userlist)) {
+
+ if (!verify_username($user, 1)) {
+ warn "user config - ignore invalid group member '$user'\n";
next;
}
- # make sure to add the group (even if there are no members)
- $cfg->{groups}->{$group} = {} if !$cfg->{groups}->{$group};
-
- foreach my $user (split_list($userlist)) {
-
- if (!verify_username($user, 1)) {
- warn "user config - ignore invalid group member '$user'\n";
- next;
- }
-
- if ($cfg->{users}->{$user}) { # user exists
- $cfg->{users}->{$user}->{groups}->{$group} = 1;
- $cfg->{groups}->{$group}->{$user} = 1;
- } else {
- warn "user config - ignore invalid group member '$user'\n";
- }
+ if ($cfg->{users}->{$user}) { # user exists
+ $cfg->{users}->{$user}->{groups}->{$group} = 1;
+ $cfg->{groups}->{$group}->{$user} = 1;
+ } else {
+ warn "user config - ignore invalid group member '$user'\n";
}
+ }
- } elsif ($et eq 'role') {
- my ($role, $privlist) = @data;
+ } elsif ($et eq 'role') {
+ my ($role, $privlist) = @data;
- if (!verify_rolename($role, 1)) {
- warn "user config - ignore role '$role' - invalid characters in role name\n";
- next;
- }
+ if (!verify_rolename($role, 1)) {
+ warn "user config - ignore role '$role' - invalid characters in role name\n";
+ next;
+ }
- # make sure to add the role (even if there are no privileges)
- $cfg->{roles}->{$role} = {} if !$cfg->{roles}->{$role};
+ # make sure to add the role (even if there are no privileges)
+ $cfg->{roles}->{$role} = {} if !$cfg->{roles}->{$role};
- foreach my $priv (split_list($privlist)) {
- if (defined ($valid_privs->{$priv})) {
- $cfg->{roles}->{$role}->{$priv} = 1;
- } else {
- warn "user config - ignore invalid priviledge '$priv'\n";
- }
- }
+ foreach my $priv (split_list($privlist)) {
+ if (defined ($valid_privs->{$priv})) {
+ $cfg->{roles}->{$role}->{$priv} = 1;
+ } else {
+ warn "user config - ignore invalid priviledge '$priv'\n";
+ }
+ }
+
+ } elsif ($et eq 'acl') {
+ my ($propagate, $pathtxt, $uglist, $rolelist) = @data;
- } elsif ($et eq 'acl') {
- my ($propagate, $pathtxt, $uglist, $rolelist) = @data;
-
- if (my $path = normalize_path($pathtxt)) {
- foreach my $role (split_list($rolelist)) {
+ if (my $path = normalize_path($pathtxt)) {
+ foreach my $role (split_list($rolelist)) {
- if (!verify_rolename($role, 1)) {
- warn "user config - ignore invalid role name '$role' in acl\n";
- next;
- }
+ if (!verify_rolename($role, 1)) {
+ warn "user config - ignore invalid role name '$role' in acl\n";
+ next;
+ }
- foreach my $ug (split_list($uglist)) {
- if ($ug =~ m/^@(\w+)$/) {
- my $group = $1;
- if ($cfg->{groups}->{$group}) { # group exists
- $cfg->{acl}->{$path}->{groups}->{$group}->{$role} = $propagate;
- } else {
- warn "user config - ignore invalid acl group '$group'\n";
- }
- } elsif (verify_username($ug, 1)) {
- if ($cfg->{users}->{$ug}) { # user exists
- $cfg->{acl}->{$path}->{users}->{$ug}->{$role} = $propagate;
- } else {
- warn "user config - ignore invalid acl member '$ug'\n";
- }
+ foreach my $ug (split_list($uglist)) {
+ if ($ug =~ m/^@(\w+)$/) {
+ my $group = $1;
+ if ($cfg->{groups}->{$group}) { # group exists
+ $cfg->{acl}->{$path}->{groups}->{$group}->{$role} = $propagate;
} else {
- warn "user config - invalid user/group '$ug' in acl\n";
+ warn "user config - ignore invalid acl group '$group'\n";
}
+ } elsif (verify_username($ug, 1)) {
+ if ($cfg->{users}->{$ug}) { # user exists
+ $cfg->{acl}->{$path}->{users}->{$ug}->{$role} = $propagate;
+ } else {
+ warn "user config - ignore invalid acl member '$ug'\n";
+ }
+ } else {
+ warn "user config - invalid user/group '$ug' in acl\n";
}
}
- } else {
- warn "user config - ignore invalid path in acl '$pathtxt'\n";
}
} else {
- warn "user config - ignore config line: $line\n";
+ warn "user config - ignore invalid path in acl '$pathtxt'\n";
}
+ } else {
+ warn "user config - ignore config line: $line\n";
}
}
@@ -754,42 +734,40 @@
}
sub parse_shadow_passwd {
- my ($filename, $fh) = @_;
+ my ($filename, $raw) = @_;
my $shadow = {};
- die "MODE: '$/'" if !$/;
+ $raw = "" if !defined($raw);
- if ($fh) {
- while (defined (my $line = <$fh>)) {
- chomp $line;
+ while ($raw =~ s/^(.*)\n//) {
+ my $line = $1;
- next if $line =~ m/^\s*$/; # skip empty lines
+ next if $line =~ m/^\s*$/; # skip empty lines
- if ($line !~ m/^\S+:\S+:$/) {
- warn "pve shadow password: ignore invalid line $.\n";
- next;
- }
+ if ($line !~ m/^\S+:\S+:$/) {
+ warn "pve shadow password: ignore invalid line $.\n";
+ next;
+ }
- my ($username,$crypt_pass) = split (/:/, $line);
- $shadow->{users}->{$username}->{shadow} = $crypt_pass;
- }
+ my ($username,$crypt_pass) = split (/:/, $line);
+ $shadow->{users}->{$username}->{shadow} = $crypt_pass;
}
return $shadow;
}
sub parse_domains {
- my ($filename, $fh) = @_;
+ my ($filename, $raw) = @_;
my $connlist = [];
my $ad;
- die "MODE: '$/'" if !$/;
+ $raw = "" if !defined($raw);
- while ($fh && defined (my $line = <$fh>)) {
- chomp $line;
-
+ while ($raw =~ s/^(.*)\n//) {
+ my $line = $1;
+
next if $line =~ m/^\#/; # skip comment lines
next if $line =~ m/^\s*$/; # skip empty lines
@@ -813,7 +791,9 @@
}
}
- while (defined ($line = <$fh>)) {
+ while ($raw =~ s/^(.*)\n//) {
+ $line = $1;
+
next if $line =~ m/^\#/; #skip comment lines
last if $line =~ m/^\s*$/;
@@ -868,7 +848,7 @@
}
sub write_shadow_config {
- my ($filename, $fh, $cfg) = @_;
+ my ($filename, $cfg) = @_;
my $data = '';
foreach my $user (keys %{$cfg->{users}}) {
@@ -876,13 +856,11 @@
$data .= "$user:$crypt_pass:\n";
}
- safe_print($filename, $fh, $data);
-
- return $cfg;
+ return $data
}
sub write_user_config {
- my ($filename, $fh, $cfg) = @_;
+ my ($filename, $cfg) = @_;
my $data = '';
@@ -966,10 +944,8 @@
$data .= "acl:1:$path:$uglist:$rolelist:\n";
}
}
-
- safe_print($filename, $fh, $data);
- return $cfg;
+ return $data;
}
sub roles {
Modified: pve-access-control/trunk/pveum
===================================================================
--- pve-access-control/trunk/pveum 2011-01-12 08:16:31 UTC (rev 5362)
+++ pve-access-control/trunk/pveum 2011-01-12 11:41:51 UTC (rev 5363)
@@ -3,6 +3,7 @@
use strict;
use Getopt::Long;
use PVE::Tools qw(run_command);
+use PVE::Cluster;
use PVE::AccessControl;
use File::Path qw(make_path remove_tree);
use Term::ReadLine;
@@ -26,6 +27,7 @@
die "please run as root\n" if $> != 0;
PVE::INotify::inotify_init();
+PVE::Cluster::cfs_update();
my $rpcenv = PVE::RPCEnvironment->init('cli');
@@ -34,7 +36,7 @@
$rpcenv->set_user('root');
# autmatically generate the private key if it does not already exists
-PVE::AccessControl::cond_create_auth_key();
+PVE::Cluster::gen_auth_key();
my $read_password = sub {
More information about the pve-devel
mailing list