install -m 755 lib/lxcf-rc $(DESTDIR)$(libdir)/lxcf/lxcf-rc
install -m 755 rest-api/lxcfv1/lxcf-api $(DESTDIR)$(libdir)/lxcf/lxcf-api
install -m 755 rest-api/lxcfv1/api_common.py $(DESTDIR)$(libdir)/lxcf/api_common.py
+ install -m 755 rest-api/lxcfv1/lxcf-api-passwd $(DESTDIR)$(libdir)/lxcf/lxcf-api-passwd
install -m 755 lib/lxcf-config $(DESTDIR)$(libdir)/lxcf/lxcf-config
install -m 755 lib/lxcf-maintenance $(DESTDIR)$(libdir)/lxcf/lxcf-maintenance
install -m 755 lib/lxcf-resource $(DESTDIR)$(libdir)/lxcf/lxcf-resource
install -m 755 cmd/version $(DESTDIR)$(libdir)/lxcf/sbin/version
install -m 755 cmd/export-docker $(DESTDIR)$(libdir)/lxcf/sbin/export-docker
install -m 755 cmd/rename $(DESTDIR)$(libdir)/lxcf/sbin/rename
+ install -m 755 cmd/api-passwd $(DESTDIR)$(libdir)/lxcf/sbin/api-passwd
install_conf: .prepare
install -m 644 conf/helpfile.txt $(DESTDIR)$(libdir)/lxcf/helpfile.txt
--- /dev/null
+#!/bin/bash
+# copyright (C) 2014 FUJITSU LIMITED All Rights Reserved
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; version 2
+# of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# check root
+if [ ${EUID:-${UID}} != 0 ]; then
+ echo "error: Because you are not root, you cannot execute this command. "
+ exit 1
+fi
+
+/usr/lib64/lxcf/lxcf-api-passwd $*
+
+exit $?
+
import os, datetime, cgi, StringIO, commands
from wsgiref import util, simple_server
from xml.sax import saxutils
+import hashlib
# sanity check
def sanity_check(parm):
s = s + c
return s
+# check a password
+def check_passwd(newpasswd):
+ try:
+ with open('/etc/lxcf/passwd/api-passwd', 'r') as f:
+ passwd = f.read().strip()
+ f.close()
+ except:
+ passwd = hashlib.sha512("").hexdigest()+" -"
+ try:
+ os.makedir('/etc/lxcf/passwd/', 700)
+ with open('/etc/lxcf/passwd/api-passwd', 'r') as f:
+ f.write(passwd)
+ f.close()
+ except:
+ pass
+
+ newpasswd_hash = hashlib.sha512(newpasswd).hexdigest()+" -"
+ print newpasswd_hash
+ print passwd
+
+ if (newpasswd_hash == passwd):
+ print True
+ return True
+ else:
+ print False
+ return False
# API common class
class api_common(object):
cmdline=path_info.split("/")
cmd = self.callcmd(cmdline)
- print ("authenticity : "+password+" , "+path_info)
-
- if (sanity_check(cmd)):
- # exec command
- check = commands.getstatusoutput("/usr/sbin/lxcf "+cmd)
+ if (check_passwd(password)):
+ if (sanity_check(cmd)):
+ # exec command
+ check = commands.getstatusoutput("/usr/sbin/lxcf "+cmd)
+ else:
+ check = (255, "error: sanity error ... "+cmd)
else:
- check = (255, "error: sanity error ... "+cmd)
+ check = (2, "Password is not corresponding. ")
- self.status = check[0]
+ self.status = check[0]
self.messages = check[1]
fp = StringIO.StringIO()
--- /dev/null
+#!/bin/bash
+# copyright (C) 2014 FUJITSU LIMITED All Rights Reserved
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; version 2
+# of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# check distro
+DISTRO=`/usr/lib64/lxcf/lxcf-distro`
+
+# check root
+if [ ${EUID:-${UID}} != 0 ]; then
+ echo "error: Because you are not root, you cannot execute this command. "
+ exit 1
+fi
+
+# check args
+if [ $# -ne 0 ]; then
+ echo "usage lxcf api-passwd"
+ exit 1
+fi
+
+# check an api-passwd file and directory
+mkdir -p /etc/lxcf/passwd
+chmod 700 /etc/lxcf/passwd
+touch /etc/lxcf/passwd/api-passwd
+chmod 600 /etc/lxcf/passwd/api-passwd
+
+# read passwords
+echo -n "New password: "
+read -s ans
+echo
+echo -n "Retype new password: "
+read -s ans2
+echo
+
+
+if [ x$ans == x$ans2 ]; then
+ echo -n $ans | sha512sum > /etc/lxcf/passwd/api-passwd
+ chmod 600 /etc/lxcf/passwd/api-passwd
+else
+ echo
+ echo " ERROR: Passwords do not match."
+ echo
+ exit -1
+fi
+
+exit 0