NuKVM/virt-manager
3
0
Fork 0
mirror of https://github.com/virt-manager/virt-manager.git synced 2025-02-09 23:15:46 -06:00
Code Issues Packages Projects Releases Wiki Activity

Added support for libvirt authentication

Browse Source
This commit is contained in:
Daniel P. Berrange 2008-01-31 11:39:10 -05:00
parent 8d97cc05c8
commit 54647c5846
7 changed files with 106 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README
View File

@ -28,14 +28,15 @@ please report any success to the mailing lists
python >= 2.4
pygtk2 >= 1.99.12-6
gnome-python2-gconf >= 1.99.11-7
libvirt-python >= 0.2.1
libvirt-python >= 0.4.0
dbus-python >= 0.61
gnome-keyring >= 0.4.9
gnome-python-desktop >= 2.15.4
libxml2-python >= 2.6.23
vte >= 0.12.2
gtk-vnc >= 0.0.1
python-virtinst >= 0.103.0
python-virtinst >= 0.300.0
PolicyKit >= 0.6
The latter is available from

9
TODO
View File

@ -4,17 +4,10 @@
A list of random items which need implementing in no particular
order / importance:
1. Handle renaming of domains. Libvirt caches the name when you get
the initial handle to the domain, so this may be more difficult
than it seems - particularly since we really want to minimize as
may XenD RPC/HTTP calls as possible
2. Implement tracking of network & disk stats. Needs support in
2. Implement tracking of network & disk stats. Needs support in
libvirt.
3. Support for dealing with inactive / passive domains
6. Ability to send arbitrary keystrokes to VNC (ie keys which local
WM would otherwise capture, eg Ctrl+Alt+F1 to switch console)

7
src/virt-manager.py.in
View File

@ -172,12 +172,9 @@ def show_engine(engine, show, uri, uuid):
if engine.config.get_connections() is None or len(engine.config.get_connections()) == 0:
tryuri = None
if os.path.exists("/var/lib/xend") and os.path.exists("/proc/xen"):
tryuri = "xen"
tryuri = "xen:///"
elif os.path.exists("/usr/bin/qemu"):
if os.getuid() == 0:
tryuri = "qemu:///system"
else:
tryuri = "qemu:///session"
tryuri = "qemu:///system"
if tryuri is not None:
conn = engine.add_connection(tryuri)
engine.show_manager()

18
src/virtManager/connect.py
View File

@ -28,8 +28,9 @@ HV_XEN = 0
HV_QEMU = 1
CONN_LOCAL = 0
CONN_TLS = 1
CONN_SSH = 2
CONN_TCP = 1
CONN_TLS = 2
CONN_SSH = 3
class vmmConnect(gobject.GObject):
__gsignals__ = {
@ -95,23 +96,22 @@ class vmmConnect(gobject.GObject):
pass
elif hv == HV_XEN:
if conn == CONN_LOCAL:
uri = "xen"
if os.getuid() != 0:
readOnly = True
uri = "xen:///"
elif conn == CONN_TLS:
uri = "xen+tls://" + host + "/"
elif conn == CONN_SSH:
uri = "xen+ssh://root@" + host + "/"
elif conn == CONN_TCP:
uri = "xen+tcp://" + host + "/"
else:
if conn == CONN_LOCAL:
if os.getuid() == 0:
uri = "qemu:///system"
else:
uri = "qemu:///session"
uri = "qemu:///system"
elif conn == CONN_TLS:
uri = "qemu+tls://" + host + "/system"
elif conn == CONN_SSH:
uri = "qemu+ssh://root@" + host + "/system"
elif conn == CONN_TCP:
uri = "qemu+tcp://" + host + "/system"
logging.debug("Connection to open is %s" % uri)
self.close()

99
src/virtManager/connection.py
View File

@ -294,22 +294,97 @@ class vmmConnection(gobject.GObject):
self.connectThread.setDaemon(True)
self.connectThread.start()
def _do_creds_polkit(self, action):
logging.debug("Doing policykit for %s" % action)
bus = dbus.SessionBus()
obj = bus.get_object("org.gnome.PolicyKit", "/org/gnome/PolicyKit/Manager")
pkit = dbus.Interface(obj, "org.gnome.PolicyKit.Manager")
pkit.ShowDialog(action, 0)
return 0
def _do_creds_dialog(self, creds):
try:
gtk.gdk.threads_enter()
return self._do_creds_dialog_main(creds)
finally:
gtk.gdk.threads_leave()
def _do_creds_dialog_main(self, creds):
dialog = gtk.Dialog("Authentication required", None, 0, (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL, gtk.STOCK_OK, gtk.RESPONSE_OK))
label = []
entry = []
box = gtk.Table(2, len(creds))
row = 0
for cred in creds:
if cred[0] == libvirt.VIR_CRED_AUTHNAME or cred[0] == libvirt.VIR_CRED_PASSPHRASE:
label.append(gtk.Label(cred[1]))
else:
return -1
ent = gtk.Entry()
if cred[0] == libvirt.VIR_CRED_PASSPHRASE:
ent.set_visibility(False)
entry.append(ent)
box.attach(label[row], 0, 1, row, row+1, 0, 0, 3, 3)
box.attach(entry[row], 1, 2, row, row+1, 0, 0, 3, 3)
row = row + 1
vbox = dialog.get_child()
vbox.add(box)
dialog.show_all()
res = dialog.run()
dialog.hide()
if res == gtk.RESPONSE_OK:
row = 0
for cred in creds:
cred[4] = entry[row].get_text()
row = row + 1
dialog.destroy()
return 0
else:
dialog.destroy()
return -1
def _do_creds(self, creds, cbdata):
try:
if len(creds) == 1 and creds[0][0] == libvirt.VIR_CRED_EXTERNAL and creds[0][2] == "PolicyKit":
return self._do_creds_polkit(creds[0][1])
for cred in creds:
if creds[0] == libvirt.VIR_CRED_EXTERNAL:
return -1
return self._do_creds_dialog(creds)
except:
(type, value, stacktrace) = sys.exc_info ()
# Detailed error message, in English so it can be Googled.
self.connectError = \
("Failed to get credentials '%s':\n" %
str(self.uri)) + \
str(type) + " " + str(value) + "\n" + \
traceback.format_exc (stacktrace)
logging.error(self.connectError)
return -1
def _open_thread(self):
logging.debug("Background thread is running")
try:
if self.readOnly is None:
try:
self.vmm = libvirt.open(self.uri)
self.readOnly = False
except:
self.vmm = libvirt.openReadOnly(self.uri)
self.readOnly = True
else:
if self.readOnly:
self.vmm = libvirt.openReadOnly(self.uri)
else:
self.vmm = libvirt.open(self.uri)
flags = 0
if self.readOnly:
flags = libvirt.VIR_CONNECT_RO
self.vmm = libvirt.openAuth(self.uri,
[[libvirt.VIR_CRED_AUTHNAME,
libvirt.VIR_CRED_PASSPHRASE,
libvirt.VIR_CRED_EXTERNAL],
self._do_creds,
None], flags)
self.state = self.STATE_ACTIVE
except:
self.state = self.STATE_DISCONNECTED

1
src/vmm-open-connection.glade
View File

@ -180,6 +180,7 @@
<widget class="GtkComboBox" id="connection">
<property name="visible">True</property>
<property name="items" translatable="yes">Local
Remote Password or Kerberos
Remote SSL/TLS with x509 certificate
Remote tunnel over SSH</property>
<property name="add_tearoffs">False</property>

4
virt-manager.spec.in
View File

@ -21,7 +21,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: pygtk2 >= 1.99.12-6
Requires: gnome-python2-gconf >= 1.99.11-7
# Absolutely require this version or newer
Requires: libvirt-python >= 0.3.0-1
Requires: libvirt-python >= 0.4.0-1
# Definitely does not work with earlier due to python API changes
Requires: dbus-python >= 0.61
# Might work with earlier, but this is what we've tested
@ -46,6 +46,8 @@ Requires: vte >= 0.12.2
Requires: scrollkeeper
# For console widget
Requires: gtk-vnc-python
# For local authentication against PolicyKit
Requires: PolicyKit-gnome
ExclusiveArch: %{ix86} x86_64 ia64