-
Eesaan Atluri authored4ff2ffe1
ssh_access.py 1.82 KiB
#!/usr/bin/env python
import os
import json
import pika
import rc_util
from os import popen
from pathlib import Path
from rc_rmq import RCRMQ
import rabbit_config as rcfg
task = "ssh_access"
args = rc_util.get_args()
logger = rc_util.get_logger(args)
# Instantiate rabbitmq object
rc_rmq = RCRMQ({"exchange": rcfg.Exchange, "exchange_type": "topic"})
def ssh_access(ch, method, properties, body):
msg = json.loads(body)
username = msg["username"]
action = msg["action"]
msg["task"] = task
corr_id = properties.correlation_id
reply_to = properties.reply_to
try:
block_ssh_cmd = f'/cm/local/apps/cmd/bin/cmsh -n -c "group; use nossh; append members {username}; commit;"'
unblock_ssh_cmd = f'/cm/local/apps/cmd/bin/cmsh -n -c "group; use nossh; removefrom members {username}; commit;"'
if action == 'lock':
block_ssh = popen(block_ssh_cmd).read().rstrip()
elif action == 'unlock':
unblock_ssh = popen(unblock_ssh_cmd).read().rstrip()
msg["success"] = True
logger.info(f"User {username} is added to nossh group")
except Exception:
msg["success"] = False
msg["errmsg"] = "Exception raised, while blocking user's ssh access, check the logs for stack trace"
logger.error("", exc_info=True)
# send response to callback queue with it's correlation ID
rc_rmq.publish_msg(
{
"routing_key": f'acctmgr.done.{queuename}',
"msg": msg
}
)
logger.debug(f"User {username} confirmation sent for {action}ing {task}")
ch.basic_ack(delivery_tag=method.delivery_tag)
logger.info(f"Start listening to queue: {task}")
rc_rmq.bind_queue(queue=task, routing_key='ssh.*', durable=True)
rc_rmq.start_consume(
{"queue": task, "cb": ssh_access}
)
logger.info("Disconnected")
rc_rmq.disconnect()