diff options
Diffstat (limited to 'ssh_keys.py')
| -rwxr-xr-x | ssh_keys.py | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/ssh_keys.py b/ssh_keys.py new file mode 100755 index 0000000..07f0995 --- /dev/null +++ b/ssh_keys.py @@ -0,0 +1,65 @@ +#!/usr/bin/python2 +import json +import os +import subprocess +import sys +import tarfile +import urllib2 +import pwd + +import linaro_ldap + + +def web_sync(url): + if not os.path.exists('./tmp'): + os.mkdir('./tmp') + tf = urllib2.urlopen(url) + with tarfile.open(fileobj=tf, mode="r|gz") as tf: + tf.extractall(path='./tmp') + + for p in os.listdir('./tmp'): + os.rename('./tmp/' + p, p) + + +def ldap_sync(): + fname = 'ssh_keys.json' + with open(fname + '.tmp', 'w') as f: + json.dump(linaro_ldap.get_users_and_keys(), f) + os.rename(f.name, fname) + subprocess.check_output(['/usr/sbin/nss_updatedb', 'ldap']) + with tarfile.open('ldap-files.tgz.tmp', 'w:gz') as tf: + tf.add('group.db') + tf.add('passwd.db') + tf.add('ssh_keys.json') + os.rename('ldap-files.tgz.tmp', 'ldap-files.tgz') + + +def keys(user): + u = pwd.getpwnam(user) + if u.pw_uid < 10000: # local user + with open(os.path.join(u.pw_dir, '.ssh/authorized_keys')) as f: + try: + print f.read().strip('\n') + except: + return + + with open('ssh_keys.json') as f: + data = json.load(f) + keys = data.get(user) + if keys: + for key in keys: + print(key[1]) + + +if __name__ == '__main__': + if len(sys.argv) not in (2, 3): + sys.exit('Usage: %s --sync [URL]|<user>' % sys.argv[0]) + + os.chdir('/var/lib/misc') + if sys.argv[1] == '--sync': + if len(sys.argv) == 3: + web_sync(sys.argv[2]) + else: + ldap_sync() + else: + keys(sys.argv[1]) |