subiquity/console_conf/controllers/identity.py

# Copyright 2015 Canonical, Ltd.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import json
import logging
import os
import subprocess
import sys

from subiquitycore.controller import BaseController
from subiquitycore.models import IdentityModel
from subiquitycore.utils import disable_console_conf, run_command

from console_conf.ui.views import IdentityView, LoginView

log = logging.getLogger('console_conf.controllers.identity')

def get_device_owner():
    """ Check if device is owned """

    # TODO: use proper snap APIs.
    try:
        extrausers_fp = open('/var/lib/extrausers/passwd', 'r')
    except FileNotFoundError:
        return None
    with extrausers_fp:
        passwd_line = extrausers_fp.readline()
        if passwd_line and len(passwd_line) > 0:
            passwd = passwd_line.split(':')
            result = {
                'realname': passwd[4].split(',')[0],
                'username': passwd[0],
                'homedir': passwd[5],
                }
            return result
    return None

login_details_tmpl = """\
Congratulations! This device is now registered to {realname}.

The next step is to log into the device via ssh:

{sshcommands}
These keys can be used to log in:

{sshkeys}
Once you've logged in, you can optionally set a password by running
"sudo passwd $USER". After you've set a password, you can also use it
to log in here.

You can explore snappy core with snap --help.
"""

def write_login_details(fp, realname, username, ips, fingerprints):
    sshcommands = ""
    for ip in ips:
        sshcommands += "    ssh %s@%s\n"%(username, ip)
    sshkeys = ""
    for fingerprint in fingerprints:
        sshkeys += "    " + fingerprint + "\n"
    fp.write(login_details_tmpl.format(realname=realname, username=username, sshcommands=sshcommands, sshkeys=sshkeys))

def write_login_details_standalone():
    owner = get_device_owner()
    if owner is None:
        # Nothing much we can do :/
        print("No device owner details found")
        return 0
    from probert import network
    from subiquitycore.models.network import NETDEV_IGNORED_IFACE_NAMES, NETDEV_IGNORED_IFACE_TYPES
    import ipaddress
    import operator
    import socket
    observer = network.UdevObserver()
    observer.start()
    ips = []
    for l in sorted(observer.links.values(), key=operator.attrgetter('name')):
        if l.type in NETDEV_IGNORED_IFACE_TYPES:
            continue
        if l.name in NETDEV_IGNORED_IFACE_NAMES:
            continue
        ips.extend([str(ipaddress.IPv4Interface(a).ip) for a in l.ip.get(socket.AF_INET, [])])
        ips.extend([str(ipaddress.IPv6Interface(a).ip) for a in l.ip.get(socket.AF_INET6, [])])
    key_file = os.path.join(owner['homedir'], ".ssh/authorized_keys")
    fingerprints = run_command(['ssh-keygen', '-lf', key_file])['output'].replace('\r', '').splitlines()
    write_login_details(sys.stdout, owner['realname'], owner['username'], ips, fingerprints)
    return 0


class IdentityController(BaseController):

    def __init__(self, common):
        super().__init__(common)
        self.model = IdentityModel(self.opts)

    def default(self):
        title = "Profile setup"
        excerpt = "Enter an email address from your account in the store."
        footer = ""
        self.ui.set_header(title, excerpt)
        self.ui.set_footer(footer, 40)
        self.ui.set_body(IdentityView(self.model, self, self.opts, self.loop))
        device_owner = get_device_owner()
        if device_owner is not None:
            self.model.add_user(device_owner)
            key_file = os.path.join(device_owner['homedir'], ".ssh/authorized_keys")
            self.model.user.fingerprints = run_command(['ssh-keygen', '-lf', key_file])['output'].replace('\r', '').splitlines()
            self.login()

    def identity_done(self, email):
        if self.opts.dry_run:
            result = {
                'realname': email,
                'username': email,
                }
            self.model.add_user(result)
            ssh_keys = subprocess.getoutput('ssh-add -L').splitlines()
            login_details_path = '.subiquity/login-details.txt'
        else:
            self.ui.frame.body.progress.set_text("Contacting store...")
            self.loop.draw_screen()
            result = run_command(["snap", "create-user", "--sudoer", "--json", email])
            self.ui.frame.body.progress.set_text("")
            if result['status'] != 0:
                self.ui.frame.body.error.set_text("Creating user failed:\n" + result['err'])
                return
            else:
                data = json.loads(result['output'])
                result = {
                    'realname': email,
                    'username': data['username'],
                    }
                ssh_keys = data['ssh-keys']
                os.makedirs('/run/console-conf', exist_ok=True)
                login_details_path = '/run/console-conf/login-details.txt'
                self.model.add_user(result)
        log.debug('ssh_keys %s', ssh_keys)
        fingerprints = []
        for key in ssh_keys:
            keygen_result = subprocess.Popen(['ssh-keygen', '-lf', '-'], stdin=subprocess.PIPE, stdout=subprocess.PIPE)
            fingerprint, err = keygen_result.communicate(key.encode('utf-8'))
            fingerprints.append(fingerprint.decode('utf-8', 'replace').replace('\r', '').strip())
        self.model.user.fingerprints = fingerprints
        log.debug('fingerprints %s', fingerprints)
        ips = []
        net_model = self.controllers['Network'].model
        for dev in net_model.get_all_netdevs():
            ips.extend(dev.actual_ip_addresses)
        with open(login_details_path, 'w') as fp:
            write_login_details(fp, result['realname'], result['username'], ips, fingerprints)
        self.login()

    def cancel(self):
        # You can only go back if we haven't created a user yet.
        if self.model.user is None:
            self.signal.emit_signal('prev-screen')

    def login(self):
        title = "Configuration Complete"
        footer = "View configured user and device access methods"
        self.ui.set_header(title)
        self.ui.set_footer(footer)

        net_model = self.controllers['Network'].model
        ifaces = net_model.get_all_netdevs()
        login_view = LoginView(self.opts, self.model, self, ifaces)

        self.ui.set_body(login_view)

    def login_done(self):
        if not self.opts.dry_run:
            # stop the console-conf services (this will kill the current process).
            disable_console_conf()

        self.signal.emit_signal('quit')
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00			`# Copyright 2015 Canonical, Ltd.`
			`#`
			`# This program is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Affero General Public License as`
			`# published by the Free Software Foundation, either version 3 of the`
			`# License, or (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`

move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`import json`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`import logging`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`import os`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`import subprocess`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`import sys`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
stop consoleconf's IdentityController inheriting from BaseIdentityController 2017-01-13 02:59:28 +00:00			`from subiquitycore.controller import BaseController`
			`from subiquitycore.models import IdentityModel`
remove references to firstboot (an old name for console-conf?) 2017-01-25 22:18:03 +00:00			`from subiquitycore.utils import disable_console_conf, run_command`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
stuff 2016-07-27 23:13:19 +00:00			`from console_conf.ui.views import IdentityView, LoginView`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log = logging.getLogger('console_conf.controllers.identity')`

shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`def get_device_owner():`
			`""" Check if device is owned """`

			`# TODO: use proper snap APIs.`
			`try:`
			`extrausers_fp = open('/var/lib/extrausers/passwd', 'r')`
			`except FileNotFoundError:`
			`return None`
			`with extrausers_fp:`
			`passwd_line = extrausers_fp.readline()`
			`if passwd_line and len(passwd_line) > 0:`
			`passwd = passwd_line.split(':')`
			`result = {`
			`'realname': passwd[4].split(',')[0],`
			`'username': passwd[0],`
			`'homedir': passwd[5],`
			`}`
			`return result`
			`return None`

rewrite login-details.txt a bit for https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1643930 2016-11-22 21:16:12 +00:00			`login_details_tmpl = """\`
			`Congratulations! This device is now registered to {realname}.`

			`The next step is to log into the device via ssh:`

			`{sshcommands}`
			`These keys can be used to log in:`

			`{sshkeys}`
			`Once you've logged in, you can optionally set a password by running`
			`"sudo passwd $USER". After you've set a password, you can also use it`
			`to log in here.`

improve grammar in login-details.txt 2016-12-15 07:50:51 +00:00			`You can explore snappy core with snap --help.`
rewrite login-details.txt a bit for https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1643930 2016-11-22 21:16:12 +00:00			`"""`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00
			`def write_login_details(fp, realname, username, ips, fingerprints):`
rewrite login-details.txt a bit for https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1643930 2016-11-22 21:16:12 +00:00			`sshcommands = ""`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`for ip in ips:`
rewrite login-details.txt a bit for https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1643930 2016-11-22 21:16:12 +00:00			`sshcommands += " ssh %s@%s\n"%(username, ip)`
			`sshkeys = ""`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`for fingerprint in fingerprints:`
rewrite login-details.txt a bit for https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1643930 2016-11-22 21:16:12 +00:00			`sshkeys += " " + fingerprint + "\n"`
			`fp.write(login_details_tmpl.format(realname=realname, username=username, sshcommands=sshcommands, sshkeys=sshkeys))`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00
			`def write_login_details_standalone():`
			`owner = get_device_owner()`
			`if owner is None:`
			`# Nothing much we can do :/`
			`print("No device owner details found")`
			`return 0`
			`from probert import network`
			`from subiquitycore.models.network import NETDEV_IGNORED_IFACE_NAMES, NETDEV_IGNORED_IFACE_TYPES`
			`import ipaddress`
			`import operator`
			`import socket`
			`observer = network.UdevObserver()`
			`observer.start()`
			`ips = []`
			`for l in sorted(observer.links.values(), key=operator.attrgetter('name')):`
			`if l.type in NETDEV_IGNORED_IFACE_TYPES:`
			`continue`
			`if l.name in NETDEV_IGNORED_IFACE_NAMES:`
			`continue`
			`ips.extend([str(ipaddress.IPv4Interface(a).ip) for a in l.ip.get(socket.AF_INET, [])])`
			`ips.extend([str(ipaddress.IPv6Interface(a).ip) for a in l.ip.get(socket.AF_INET6, [])])`
			`key_file = os.path.join(owner['homedir'], ".ssh/authorized_keys")`
			`fingerprints = run_command(['ssh-keygen', '-lf', key_file])['output'].replace('\r', '').splitlines()`
			`write_login_details(sys.stdout, owner['realname'], owner['username'], ips, fingerprints)`
			`return 0`


stop consoleconf's IdentityController inheriting from BaseIdentityController 2017-01-13 02:59:28 +00:00			`class IdentityController(BaseController):`

			`def __init__(self, common):`
			`super().__init__(common)`
			`self.model = IdentityModel(self.opts)`
entirely custom identity view for console-conf 2016-07-27 10:15:22 +00:00
do not have controllers (or view code!!) know the order of the screens 2016-09-27 02:33:54 +00:00			`def default(self):`
entirely custom identity view for console-conf 2016-07-27 10:15:22 +00:00			`title = "Profile setup"`
			`excerpt = "Enter an email address from your account in the store."`
			`footer = ""`
			`self.ui.set_header(title, excerpt)`
			`self.ui.set_footer(footer, 40)`
stop consoleconf's IdentityController inheriting from BaseIdentityController 2017-01-13 02:59:28 +00:00			`self.ui.set_body(IdentityView(self.model, self, self.opts, self.loop))`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`device_owner = get_device_owner()`
Fixup: don't side-effect checking for the device owner. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 20:34:36 +00:00			`if device_owner is not None:`
address review comments 2016-10-12 00:17:14 +00:00			`self.model.add_user(device_owner)`
show fingerprints on login view 2016-11-10 00:38:09 +00:00			`key_file = os.path.join(device_owner['homedir'], ".ssh/authorized_keys")`
			`self.model.user.fingerprints = run_command(['ssh-keygen', '-lf', key_file])['output'].replace('\r', '').splitlines()`
one last emit_signal that came in via merge 2016-11-01 23:56:44 +00:00			`self.login()`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`def identity_done(self, email):`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`if self.opts.dry_run:`
			`result = {`
			`'realname': email,`
			`'username': email,`
			`}`
			`self.model.add_user(result)`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`ssh_keys = subprocess.getoutput('ssh-add -L').splitlines()`
			`login_details_path = '.subiquity/login-details.txt'`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`else:`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`self.ui.frame.body.progress.set_text("Contacting store...")`
			`self.loop.draw_screen()`
			`result = run_command(["snap", "create-user", "--sudoer", "--json", email])`
fix attribute error in user creation 2016-09-30 02:12:15 +00:00			`self.ui.frame.body.progress.set_text("")`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`if result['status'] != 0:`
			`self.ui.frame.body.error.set_text("Creating user failed:\n" + result['err'])`
			`return`
			`else:`
			`data = json.loads(result['output'])`
			`result = {`
			`'realname': email,`
			`'username': data['username'],`
			`}`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`ssh_keys = data['ssh-keys']`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`os.makedirs('/run/console-conf', exist_ok=True)`
			`login_details_path = '/run/console-conf/login-details.txt'`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`self.model.add_user(result)`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log.debug('ssh_keys %s', ssh_keys)`
			`fingerprints = []`
			`for key in ssh_keys:`
			`keygen_result = subprocess.Popen(['ssh-keygen', '-lf', '-'], stdin=subprocess.PIPE, stdout=subprocess.PIPE)`
			`fingerprint, err = keygen_result.communicate(key.encode('utf-8'))`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`fingerprints.append(fingerprint.decode('utf-8', 'replace').replace('\r', '').strip())`
show fingerprints on login view 2016-11-10 00:38:09 +00:00			`self.model.user.fingerprints = fingerprints`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log.debug('fingerprints %s', fingerprints)`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`ips = []`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`net_model = self.controllers['Network'].model`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`for dev in net_model.get_all_netdevs():`
			`ips.extend(dev.actual_ip_addresses)`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`with open(login_details_path, 'w') as fp:`
shuffle things around so that it works for a user created via an assertion 2016-11-09 22:59:39 +00:00			`write_login_details(fp, result['realname'], result['username'], ips, fingerprints)`
remove most trivial use of signals from console-conf's flow 2016-10-10 23:48:28 +00:00			`self.login()`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00
restore escape key behaviour 2016-11-01 23:44:04 +00:00			`def cancel(self):`
			`# You can only go back if we haven't created a user yet.`
			`if self.model.user is None:`
			`self.signal.emit_signal('prev-screen')`

Start at a login view. 2016-07-27 22:30:27 +00:00			`def login(self):`
			`title = "Configuration Complete"`
			`footer = "View configured user and device access methods"`
			`self.ui.set_header(title)`
			`self.ui.set_footer(footer)`

			`net_model = self.controllers['Network'].model`
reorganize the network model and make the UI a bit more consistent The main change here is to separate the state a network device is in and the state we want it to be in. So it now parses the netplan config on a system as well as probing the state of via probert. The UI is changed to make this distintion too, and be IMO a bit more consistent. Somewhere in this I've removed the display of whether the probed address was found via DHCP or not, possibly that should be put back if it doesn't make things too cluttered. In dry-run mode, we now still write the config and feed it to netplan, but in a way that doesn't affect the system we are running it on. 2016-11-07 00:35:42 +00:00			`ifaces = net_model.get_all_netdevs()`
			`login_view = LoginView(self.opts, self.model, self, ifaces)`
Start at a login view. 2016-07-27 22:30:27 +00:00
			`self.ui.set_body(login_view)`
do not have controllers (or view code!!) know the order of the screens 2016-09-27 02:33:54 +00:00
			`def login_done(self):`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`if not self.opts.dry_run:`
			`# stop the console-conf services (this will kill the current process).`
remove references to firstboot (an old name for console-conf?) 2017-01-25 22:18:03 +00:00			`disable_console_conf()`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00
			`self.signal.emit_signal('quit')`