9.1.4.1.1. cobbler.modules.authentication package

9.1.4.1.1.1. Submodules

9.1.4.1.1.2. cobbler.modules.authentication.configfile module

Authentication module that uses /etc/cobbler/auth.conf Choice of authentication module is in /etc/cobbler/modules.conf

Copyright 2007-2009, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

cobbler.modules.authentication.configfile.authenticate(api_handle, username: str, password: str) bool[source]

Validate a username/password combo.

Thanks to http://trac.edgewall.org/ticket/845 for supplying the algorithm info.

Parameters
  • api_handle – Unused in this implementation.

  • username – The username to log in with. Must be contained in /etc/cobbler/users.digest

  • password – The password to log in with. Must be contained hashed in /etc/cobbler/users.digest

Returns

A boolean which contains the information if the username/password combination is correct.

cobbler.modules.authentication.configfile.hashfun(text: str) str[source]

Converts a str object to a hash which was configured in modules.conf of the Cobbler settings.

Parameters

text – The text to hash.

Returns

The hash of the text. This should output the same hash when entered the same text.

cobbler.modules.authentication.configfile.register() str[source]

The mandatory Cobbler module registration hook.

9.1.4.1.1.3. cobbler.modules.authentication.denyall module

Authentication module that denies everything. Used to disable the WebUI by default.

Copyright 2007-2009, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

cobbler.modules.authentication.denyall.authenticate(api_handle, username, password) bool[source]

Validate a username/password combo, returning True/False

Thanks to http://trac.edgewall.org/ticket/845 for supplying the algorithm info.

cobbler.modules.authentication.denyall.register() str[source]

The mandatory Cobbler module registration hook.

9.1.4.1.1.4. cobbler.modules.authentication.ldap module

Authentication module that uses ldap Settings in /etc/cobbler/authn_ldap.conf Choice of authentication module is in /etc/cobbler/modules.conf

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

cobbler.modules.authentication.ldap.authenticate(api_handle, username, password) bool[source]

Validate an LDAP bind, returning whether the authentication was successful or not.

Parameters
  • api_handle – The api instance to resolve settings.

  • username – The username to authenticate.

  • password – The password to authenticate.

Returns

True if the ldap server authentication was a success, otherwise false.

Raises

CX – Raised in case the LDAP search bind credentials are missing in the settings.

cobbler.modules.authentication.ldap.register() str[source]

The mandatory Cobbler module registration hook.

Returns

Always “authn”

9.1.4.1.1.5. cobbler.modules.authentication.pam module

Authentication module that uses /etc/cobbler/auth.conf Choice of authentication module is in /etc/cobbler/modules.conf

Copyright 2007-2009, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

PAM python code based on the pam_python code created by Chris AtLee: http://atlee.ca/software/pam/

#———————————————– pam_python (c) 2007 Chris AtLee <chris@atlee.ca> Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php

PAM module for python

Provides an authenticate function that will allow the caller to authenticate a user against the Pluggable Authentication Modules (PAM) on the system.

Implemented using ctypes, so no compilation is necessary.

class cobbler.modules.authentication.pam.PamConv[source]

Bases: _ctypes.Structure

wrapper class for pam_conv structure

appdata_ptr

Structure/Union member

conv

Structure/Union member

class cobbler.modules.authentication.pam.PamHandle[source]

Bases: _ctypes.Structure

wrapper class for pam_handle_t

handle

Structure/Union member

class cobbler.modules.authentication.pam.PamMessage[source]

Bases: _ctypes.Structure

wrapper class for pam_message structure

msg

Structure/Union member

msg_style

Structure/Union member

class cobbler.modules.authentication.pam.PamResponse[source]

Bases: _ctypes.Structure

wrapper class for pam_response structure

resp

Structure/Union member

resp_retcode

Structure/Union member

cobbler.modules.authentication.pam.authenticate(api_handle, username: str, password: str) bool[source]

Validate PAM authentication, returning whether the authentication was successful or not.

Parameters
  • api_handle – Used for resolving the the pam service name and getting the Logger.

  • username – The username to log in with.

  • password – The password to log in with.

Returns

True if the given username and password authenticate for the given service. Otherwise False

cobbler.modules.authentication.pam.register() str[source]

The mandatory Cobbler module registration hook.

9.1.4.1.1.6. cobbler.modules.authentication.passthru module

Authentication module that defers to Apache and trusts what Apache trusts.

Copyright 2008-2009, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This software may be freely redistributed under the terms of the GNU general public license.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

cobbler.modules.authentication.passthru.authenticate(api_handle, username, password) bool[source]

Validate a username/password combo. Uses cobbler_auth_helper

Parameters
  • api_handle – This parameter is not used currently.

  • username – This parameter is not used currently.

  • password – This should be the internal Cobbler secret.

Returns

True if the password is the secret, otherwise false.

cobbler.modules.authentication.passthru.register() str[source]

The mandatory Cobbler module registration hook.

Returns

Always “authn”

9.1.4.1.1.7. cobbler.modules.authentication.spacewalk module

Authentication module that uses Spacewalk’s auth system. Any org_admin or kickstart_admin can get in.

Copyright 2007-2008, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

cobbler.modules.authentication.spacewalk.authenticate(api_handle, username: str, password: str) bool[source]

Validate a username/password combo. This will pass the username and password back to Spacewalk to see if this authentication request is valid.

See also: https://github.com/uyuni-project/uyuni/blob/master/java/code/src/com/redhat/rhn/frontend/xmlrpc/auth/AuthHandler.java#L133

Parameters
  • api_handle – The api instance to retrieve settings of.

  • username – The username to authenticate against spacewalk/uyuni/SUSE Manager

  • password – The password to authenticate against spacewalk/uyuni/SUSE Manager

Returns

True if it succeeded, False otherwise.

Raises

CX – Raised in case api_handle is missing.

cobbler.modules.authentication.spacewalk.register() str[source]

The mandatory Cobbler module registration hook.

9.1.4.1.1.8. cobbler.modules.authentication.testing module

Authentication module that denies everything. Unsafe demo. Allows anyone in with testing/testing.

Copyright 2007-2009, Red Hat, Inc and Others Michael DeHaan <michael.dehaan AT gmail>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

cobbler.modules.authentication.testing.authenticate(api_handle, username: str, password: str) bool[source]

Validate a username/password combo, returning True/False

Thanks to http://trac.edgewall.org/ticket/845 for supplying the algorithm info.

Parameters
  • api_handle – This parameter is not used currently.

  • username – The username which should be checked.

  • password – The password which should be checked.

Returns

True if username is “testing” and password is “testing”. Otherwise False.

cobbler.modules.authentication.testing.register() str[source]

The mandatory Cobbler module registration hook.

Returns

Always “authn”

9.1.4.1.1.9. Module contents

This module represents all Cobbler methods of authentication. All present modules may be used through the configuration file modules.conf normally found at /etc/cobbler/.