Commit message (author, date)
* New upstream version 3.16 (Russ Allbery, 2019-10-26)
|\
| * Release 3.16 (Russ Allbery, 2019-10-24)
| |
| * Add support for Python 3 (Russ Allbery, 2019-09-02)
| |   The Python bindings now support Python 3. They have been tested only with Python 2.7 and Python 3.7, but should work with any version of Python 3 later than Python 3.1. Test both versions in Travis-CI and fix some problems with the Python coding style checks.
| * Add mypy typing to the Python bindings (Russ Allbery, 2019-09-02)
| |   This adds a dependency on the typing module, which won't matter in the long run since it's part of core in Python 3. Remove some useless checks that were just checking the behavior of Python. Replace a few comparisons with None with "is" or a truth check.
| * Switch to setuptools and pytest for Python (Russ Allbery, 2019-09-02)
| |   Switch from distutils to setuptools so that proper dependencies can be specified in setup.py. Require pytest and pytest-runner and set up an alias so that test runs pytest. Move the test script into the tests subdirectory so that it will be found by pytest.
| * Modernize and reformat Python bindings (Russ Allbery, 2019-09-02)
| |   The Python bindings have been modernized to remove obsolete syntax, which may mean that versions of Python back to Python 2.3 are no longer supported. The bindings are only tested with Python 2.7. Reformat all of the Python code with black.
| * Coding style, NEWS, and docs for -t flag (Russ Allbery, 2018-08-24)
| |
| * Re-order user documentation for web page (Russ Allbery, 2018-05-05)
| |   Put the manual pages for the main client and server programs before the language binding README files.
| * Add additional metadata for web page (Russ Allbery, 2018-05-05)
| |   Add summary information about the Debian packages, and extra packaging information about the Puppet module.
* | New upstream version 3.15 (Russ Allbery, 2018-05-05)
|\|
| * Release 3.15 (Russ Allbery, 2018-05-05)
| |
| * Update eyrie.org URLs to https (Russ Allbery, 2018-04-29)
| |   Also removes my old affiliation and address from the protocol documentation.
| * Add SPDX-License-Identifier (Russ Allbery, 2018-04-29)
| |   Add SPDX-License-Identifier headers to all substantial source files. Also canonicalize copyright date formats and fix a few copyright notices that weren't in my standard layout.
| * Remove extraneous language tag in README (Russ Allbery, 2018-04-29)
| |
| * Use a real link in Building with Windows section (Russ Allbery, 2018-04-29)
| |   Rather than inlining the URL for the MIT Kerberos for Windows download, make it a real link in the Markdown documentation.
| * Convert documentation to DocKnot (Russ Allbery, 2018-04-29)
| |   Move the THANKS section to a separate file to try to reduce the length of the top-level README a bit. Start providing a Markdown README.md as well for GitHub. Tweak a lot of documentation wording and move things around to bring the package documentation in line with my standard templates.
* | New upstream version 3.14 (Russ Allbery, 2018-04-01)
|\|
| * Fix typos in remctl-shell's man page (Luke Faraone, 2017-04-29)
| |
| * Fix typos in remctl-shell's man page (Luke Faraone, 2017-04-29)
| |
* | New upstream version 3.13 (Russ Allbery, 2016-10-10)
|\|
| * Add remctl-shell support for running as a forced command (Russ Allbery, 2016-10-03)
| |   remctl-shell now also supports being run as a forced command from authorized_keys (or other methods). This may be preferable to using it as a shell since it doesn't require setting non-standard sshd options.
| * Coding style fixes for summary fix (Russ Allbery, 2016-09-05)
| |   Clean up some long lines, trailing whitespace, and added blank lines, and clean up some comments.
| * Merge branch 'feature/summary_with_a_subcommand' of https://github.com/ccin2p3/remctl into ccin2p3-feature/summary_with_a_subcommand (Russ Allbery, 2016-09-05)
| |\
| | * [github#3] Support summary with subcommand. (Remi Ferrand, 2014-12-25)
| | |   * If a summary option is specified with a subcommand other than `ALL`, create a subcommand specific summary.
| | |   * Adapt existing test suite.
| | |   * Adapt existing summary option documentation.
* | | Imported Upstream version 3.12 (Russ Allbery, 2016-07-29)
|\| |
| * | Document PermitUserEnvironment requirement (Russ Allbery, 2016-07-29)
| | |
* | | Imported Upstream version 3.12 (Russ Allbery, 2016-07-29)
|\| |
| * | Add new sudo configuration option (Russ Allbery, 2016-07-29)
| | |   Add a new configuration option, sudo, which tells remctld and remctl-shell to run the command as a different user using sudo. The path to the sudo binary is determined when remctld is compiled. Normally, it's more convenient to use the existing user option, but it relies on remctld running as root. If running the daemon as a non-root user, or when running remctl-shell as a non-root user, this option may work better.
| * | Add REMCTL_HOST support to remctl-shell (Russ Allbery, 2016-07-28)
| | |   Also add a warning to the documentation for both remctld and remctl-shell that this is based on a reverse DNS lookup and isn't reliable.
| * | Add documentation for remctl-shell (Russ Allbery, 2016-07-27)
| | |
* | | Imported Upstream version 3.11 (Russ Allbery, 2016-05-07)
|\| |
* | | Imported Upstream version 3.10 (Russ Allbery, 2015-11-27)
|\| |
| * | Add additional stopwords for spelling check (Russ Allbery, 2015-11-27)
| | |
| * | Add anyuser:auth and anyuser:anonymous ACLs (Russ Allbery, 2015-11-27)
| | |   Two new remctld ACLs are supported: anyuser:auth and anyuser:anonymous. The first is equivalent to ANYUSER, and indeed ANYUSER is now treated as a backwards-compatibility alias for anyuser:auth. This permits any authenticated user in either the local realm or any realm with which there is cross-realm trust. The new anyuser:anonymous ACL permits absolutely any user, even unauthenticated users, allowing anyone with network access to the server to run the command. (Note, however, that actually running commands anonymously requires anonymous PKINIT and anonymous service tickets be enabled for the local Kerberos realm. These are not common configurations, particularly the second.)
| * | Set REMCTL_EXPIRES when running commands (Russ Allbery, 2015-09-04)
| |/
| |   The remctld server now sets the REMOTE_EXPIRES environment variable to the time (in seconds since UNIX epoch) when the authenticated session used to run a command will expire. This will generally be the expiration time of the Kerberos ticket used to authenticate to the server.
* | Imported Upstream version 3.9 (Russ Allbery, 2014-07-02)
|\|
| * Rename the unxgrp ACL type to localgroup (Russ Allbery, 2014-06-16)
| |   No particularly strong reason other than I like it better aesthetically, although it does include the "local" part as a reference to krb5_aname_to_localname.
| |
| |   Change-Id: I3b0bbb056271222e79b21cf2d96d04e9ef0bf1fe
| |   Reviewed-on: https://gerrit.stanford.edu/1502
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Add stopwords and markup for spelling test of remctld.pod (Russ Allbery, 2014-06-16)
| |   Change-Id: I0849685dff2f5bc97a5315f770a83b2fd3c94f48
| |   Reviewed-on: https://gerrit.stanford.edu/1498
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * New implementation of `unxgrp` ACL scheme. (Remi Ferrand, 2014-06-16)
| |   * As suggested by @rra, the principal is now converted to local user name with `krb5_aname_to_localname`.
| |   * Fix LICENSE issue by removing CeCILL headers and falling back to global remctl license.
| |   * Improve test suite to check for proper error handling.
| |
| |   Implementation remarks:
| |
| |   * As `krb5_aname_to_localname` requires principal to be from a known realm to work, test suite now had to be run with a kerberos configuration file that defines at least the realm `EXAMPLE.ORG`. I'd liked to use function `kerberos_generate_conf()` defined in `tests/tap/kerberos.c` but I wasn't able to find the script `tests/data/generate-krb5-conf`. My solution was to use the sample configuration file provided with the java bindings `java/k5.conf`.
| |
| |   If no realm `EXAMPLE.ORG` could be found in kerberos configuration file, tests will fail like this:
| |
| |   ```bash
| |   $ ./tests/runtests -o ./tests/server/acl-unxgrp
| |   1..14
| |   ok 1 - ... with empty group
| |   not ok 2 - ... with user within group
| |   ok 3 - ... with user not in group
| |   ok 4 - ... with principal with instances but main user in group
| |   ok 5 - ... with long_principal very very long
| |   ok 6 - ... match error message with principal too long
| |   ok 7 - ... with user from not supported REALM
| |   ok 8 - ... with getgrnam_r failing
| |   ok 9 - ... with getgrnam_r error handling
| |   ok 10 - ... with denied user in group
| |   ok 11 - ... with user not in denied group but not allowed
| |   not ok 12 - ... with user within group plus a deny pragma
| |   ok 13 - ... with user in denied group plus a allow group pragma
| |   ok 14 - ... with user neither in allowed or denied group
| |   ```
| |
| |   but with the sample configuration file shipped with the java bindings:
| |
| |   ```bash
| |   $ KRB5_CONFIG=../java/k5.conf ./tests/runtests -o ./tests/server/acl-unxgrp
| |   1..14
| |   ok 1 - ... with empty group
| |   ok 2 - ... with user within group
| |   ok 3 - ... with user not in group
| |   ok 4 - ... with principal with instances but main user in group
| |   ok 5 - ... with long_principal very very long
| |   ok 6 - ... match error message with principal too long
| |   ok 7 - ... with user from not supported REALM
| |   ok 8 - ... with getgrnam_r failing
| |   ok 9 - ... with getgrnam_r error handling
| |   ok 10 - ... with denied user in group
| |   ok 11 - ... with user not in denied group but not allowed
| |   ok 12 - ... with user within group plus a deny pragma
| |   ok 13 - ... with user in denied group plus a allow group pragma
| |   ok 14 - ... with user neither in allowed or denied group
| |   ```
| |
| |   Change-Id: Iadb1b5f9f4e18297f08ac25cdc6c3a5510ecc584
| |   Reviewed-on: https://gerrit.stanford.edu/1495
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Add ACL scheme for checking that user belongs to nss group (Remi Ferrand, 2014-06-16)
| |   * Add documentation for *unxgrp* ACL scheme
| |   * Add *unxgrp* in supported ACL scheme in usage message
| |   * Add test suite for acl-unxgrp
| |
| |   Change-Id: I7ed3008953e7751c02d81323e3c08cc9dddb9e49
| |   Reviewed-on: https://gerrit.stanford.edu/1492
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Add more stopwords in the POD documentation (Russ Allbery, 2014-04-08)
| |   Change-Id: I7b6ea2acfb3e3e6e9cd463cfe2c81208205c52bf
| |   Reviewed-on: https://gerrit.stanford.edu/1480
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Clean up various bugs and wording issues in protocol specs (Russ Allbery, 2014-02-02)
| |   Make sure that the protocol documents are consistent in how they refer to various protocol versions. Warn that the permitted behavior of splitting argument size across MESSAGE_COMMAND continuations is not guaranteed to continue to be supported. Fix documentation that said MESSAGE_NOOP couldn't be sent by the client. Fix various other minor issues and wording problems.
| |
| |   Change-Id: I0f77f5adb780632aa990b376593fad9472662731
| |   Reviewed-on: https://gerrit.stanford.edu/1431
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Document versions for interfaces and features (Russ Allbery, 2014-02-02)
| |   Add version and compatibility information to all manual pages. Command-line and configuration options, ACL methods, environment variables, client library APIs, and other major features are now annotated with the version of remctl in which they were added.
| |
| |   Change-Id: I739e0d1fbb60f4c02cf309bb5d81561fa494bdad
| |   Reviewed-on: https://gerrit.stanford.edu/1429
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
* | Imported Upstream version 3.8 (Russ Allbery, 2014-01-28)
|\|
* | Imported Upstream version 3.7 (Russ Allbery, 2014-01-06)
|\|
| * Add support for systemd socket activation and notification (Russ Allbery, 2014-01-05)
| |   Add support for systemd. If built on a system with systemd installed, remctl will install (but not enable) systemd units to start remctld via socket activation. remctld will also notify systemd when its initialization is complete if started by systemd with service notification enabled.
| |
| |   Change-Id: I91caa7a3a909c7e85454e43b4cf3b6d7bd4a6067
| |   Reviewed-on: https://gerrit.stanford.edu/1356
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Add support for upstart's expect stop protocol (Russ Allbery, 2014-01-05)
| |   Add support for upstart's expect stop daemon synchronization method. When starting remctld in stand-alone mode with upstart, pass the new -Z option to remctld, and it will raise SIGSTOP when ready to accept connections, signaling to upstart that the daemon has fully started.
| |
| |   Change-Id: Ief816224a80b0d7ff68033b454cf05bfa319cdeb
| |   Reviewed-on: https://gerrit.stanford.edu/1355
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Change my email address to eagle@eyrie.org (Russ Allbery, 2014-01-05)
| |   Change-Id: Iba0376ea03a749d81abc2eeb49b0b5cf7d3e8847
| |   Reviewed-on: https://gerrit.stanford.edu/1353
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
| * Update protocol specification for xml2rfc 2.x (Russ Allbery, 2013-12-26)
| |   Add the additional required metadata to suppress warnings, which means this claims to be an Internet-Draft that's not been submitted. At some point, it should actually be submitted. Be clearer in the additional license section about the intended license grant. Adjust the xml2rfc calling convention for 2.x.
| |
| |   Change-Id: I4f8b01ae180821be8adb964f0e45b27d3cddd634
| |   Reviewed-on: https://gerrit.stanford.edu/1343
| |   Reviewed-by: Russ Allbery <rra@stanford.edu>
| |   Tested-by: Russ Allbery <rra@stanford.edu>
* | Imported Upstream version 3.6 (Russ Allbery, 2013-08-14)
|\|