HOME


Mini Shell 1.0
Redirecting to https://devs.lapieza.net/iniciar-sesion Redirecting to https://devs.lapieza.net/iniciar-sesion.
DIR: /proc/self/root/usr/lib/python3/dist-packages/cloudinit/__pycache__/
Upload File :
Current File : //proc/self/root/usr/lib/python3/dist-packages/cloudinit/__pycache__/ssh_util.cpython-311.pyc
�

܍~c�P��2�ddlZddlZddlmZddlmZeje��ZdZ	dZ
dZdee��zdzZ
Gd	�d
��ZGd�d��Zd
�Zd�Zd�Zd�Zd�Zd�Ze	fd�Zdd�ZGd�d��Zd�Zd�Zd�Zdedefd�Ze	fd�Zd�ZdS) �N)�log)�utilz/etc/ssh/sshd_config)�dsa�rsa�ecdsa�ed25519z(ecdsa-sha2-nistp256-cert-v01@openssh.comzecdsa-sha2-nistp256z(ecdsa-sha2-nistp384-cert-v01@openssh.comzecdsa-sha2-nistp384z(ecdsa-sha2-nistp521-cert-v01@openssh.comzecdsa-sha2-nistp521z+sk-ecdsa-sha2-nistp256-cert-v01@openssh.comz"sk-ecdsa-sha2-nistp256@openssh.comz#sk-ssh-ed25519-cert-v01@openssh.comzsk-ssh-ed25519@openssh.comzssh-dss-cert-v01@openssh.comzssh-dssz ssh-ed25519-cert-v01@openssh.comzssh-ed25519zssh-rsa-cert-v01@openssh.comzssh-rsazssh-xmss-cert-v01@openssh.comzssh-xmss@openssh.com�z�no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10;exit �"c�$�eZdZ	dd�Zd�Zd�ZdS)�AuthKeyLineNc�L�||_||_||_||_||_dS�N)�base64�comment�options�keytype�source)�selfrrrrrs      �4/usr/lib/python3/dist-packages/cloudinit/ssh_util.py�__init__zAuthKeyLine.__init__Fs+�������������������c��|jo|jSr)rr�rs r�validzAuthKeyLine.validOs���{�+�t�|�+rc�J�g}|jr|�|j��|jr|�|j��|jr|�|j��|jr|�|j��|s|jSd�|��S�N� )r�appendrrrr�join)r�tokss  r�__str__zAuthKeyLine.__str__Rs������<�	&��K�K���%�%�%��<�	&��K�K���%�%�%��;�	%��K�K���$�$�$��<�	&��K�K���%�%�%��	"��;���8�8�D�>�>�!r)NNNN)�__name__�
__module__�__qualname__rrr!�rrrrEsI������GK�����,�,�,�
"�
"�
"�
"�
"rrc� �eZdZdZd�Zdd�ZdS)�AuthKeyLineParsera�
    AUTHORIZED_KEYS FILE FORMAT
     AuthorizedKeysFile specifies the file containing public keys for public
     key authentication; if none is specified, the default is
     ~/.ssh/authorized_keys.  Each line of the file contains one key (empty
     (because of the size of the public key encoding) up to a limit of 8 kilo-
     bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16
     kilobits.  You don't want to type them in; instead, copy the
     identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it.

     sshd enforces a minimum RSA key modulus size for protocol 1 and protocol
     2 keys of 768 bits.

     The options (if present) consist of comma-separated option specifica-
     tions.  No spaces are permitted, except within double quotes.  The fol-
     lowing option specifications are supported (note that option keywords are
     case-insensitive):
    c�x�d}d}|t|��krz|s
||dvrn||}|dzt|��kr|dz}nJ||dz}|dkr|dkr|dz}n	|dkr|}|dz}|t|��kr|�d||dv�n|d|�}||d����}||fS)z�
        The options (if present) consist of comma-separated option specifica-
         tions.  No spaces are permitted, except within double quotes.
         Note that option keywords are case-insensitive.
        Fr)r�	��\r
N)�len�lstrip)r�ent�quoted�i�curc�nextcr�remains        r�_extract_optionsz"AuthKeyLineParser._extract_optionsvs�����
���#�c�(�(�l�l��l�S��V�;�-F�-F��q�6�D��1�u��C��� � ���E�����A��J�E��t�|�|�������E�������#����A��A��#�c�(�(�l�l��l�S��V�;�-F�-F��a��c�(���Q�R�R����!�!���� � rNc���|�d��}|�d��s|���dkrt|��Sd�}|���}	||��\}}}n^#t$rQ|�|��\}	}
|�|	}	||
��\}}}n!#t$rt|��cYcYSwxYwYnwxYwt|||||���S)Nz
�#�c�4�|�dd��}t|��dkrtdt|��z���|dtvrtd|dz���t|��dkr|�d��|S)N�zTo few fields: %srzInvalid keytype %sr7)�splitr,�	TypeError�VALID_KEY_TYPESr)r.r s  r�
parse_ssh_keyz.AuthKeyLineParser.parse.<locals>.parse_ssh_key�s����9�9�T�1�%�%�D��4�y�y�1�}�}�� 3�c�$�i�i� ?�@�@�@��A�w�o�-�-�� 4�t�A�w� >�?�?�?��4�y�y�A�~�~����B�����Kr)rrrr)�rstrip�
startswith�striprr;r4)r�src_liner�liner=r.rrr�keyoptsr3s           r�parsezAuthKeyLineParser.parse�s@�����v�&�&���?�?�3���	)�4�:�:�<�<�2�#5�#5��x�(�(�(�
	�
	�
	��j�j�l�l��
	-�)6��s�);�);�&�W�f�g�g���	-�	-�	-� $� 5� 5�c� :� :��W�f���!��
-�-:�]�6�-B�-B�*��&�'�'���
-�
-�
-�"�8�,�,�,�,�,�,�,�
-����#*�'�
	-����������
�
�
�	
s6�*A:�:&C�!B1�0C�1C�
C�C�C�Cr)r"r#r$�__doc__r4rDr%rrr'r'bsA��������&!�!�!�4(
�(
�(
�(
�(
�(
rr'c�~�g}t��}g}|D]�}	tj�|��rSt	j|�����}|D]*}|�|�|�����+�v#ttf$rt	jtd|��Y��wxYw|S)NzError reading lines from %s)
r'�os�path�isfiler�	load_file�
splitlinesrrD�IOError�OSError�logexc�LOG)�fnames�lines�parser�contents�fnamerBs      r�parse_authorized_keysrU�s����E�
�
 �
 �F��H��C�C��	C��w�~�~�e�$�$�
8���u�-�-�8�8�:�:��!�8�8�D��O�O�F�L�L��$6�$6�7�7�7�7�����!�	C�	C�	C��K��:�E�B�B�B�B�B�	C�����Os�A2B�,B:�9B:c��td�|D����}tdt|����D]T}||}|���s�|D]-}|j|jkr|}||vr|�|���.|||<�U|D]}|�|���d�|D��}|�d��d�|��S)Nc�:�g|]}|����|��Sr%)r��.0�ks  r�
<listcomp>z*update_authorized_keys.<locals>.<listcomp>�s%��0�0�0��a�g�g�i�i�0�1�0�0�0rrc�,�g|]}t|����Sr%��str)rY�bs  rr[z*update_authorized_keys.<locals>.<listcomp>�s��)�)�)��S��V�V�)�)�)rr7�
)�list�ranger,rr�removerr)�old_entries�keys�to_addr0r.rZ�keyrQs        r�update_authorized_keysrh�s��
�0�0�d�0�0�0�
1�
1�F�
�1�c�+�&�&�
'�
'�����!�n���y�y�{�{�	���	%�	%�A��x�3�:�%�%�����;�;��M�M�!�$�$�$����A���� � �����3�����
*�)�[�)�)�)�E�
�L�L������9�9�U���rc��tj|��}|r|jstd|z���tj�|jd��|fS)Nz"Unable to get SSH info for user %rz.ssh)�pwd�getpwnam�pw_dir�RuntimeErrorrGrHr)�username�pw_ents  r�users_ssh_inforp�sU��
�\�(�
#�
#�F��N���N��?�8�L�M�M�M��G�L�L����/�/��8�8rc�&�d|fd|fdf}|sd}|���}g}|D]j}|D]\}}|�||��}�|�d��s tj�||��}|�|���k|S)N�%h�%u)z%%�%�%h/.ssh/authorized_keys�/)r:�replacer?rGrHrr)	�value�homedirrn�macros�paths�renderedrH�macro�fields	         r�render_authorizedkeysfile_pathsr�s����W�o��h�/��
=�F��*�)���K�K�M�M�E��H�����"�	.�	.�L�E�5��<�<��u�-�-�D�D����s�#�#�	/��7�<�<���.�.�D����������Orc���d}|rd}tj|��}|r,||kr&|dkr t�d||||��dStj|��}||kr|dz}n7tj|��}tj|��}	||	vr|dz}n|dz}||zd	krt�d
|||��dS|r'|dzd	krt�d||��dSd
S)aVCheck if the file/folder in @current_path has the right permissions.

    We need to check that:
    1. If StrictMode is enabled, the owner is either root or the user
    2. the user can access the file/folder, otherwise ssh won't use it
    3. If StrictMode is enabled, no write permission is given to group
       and world users (022)
    i�i��rootzXPath %s in %s must be own by user %s or by root, but instead is own by %s. Ignoring key.F��8�rzBPath %s in %s must be accessible by user %s, check its permissions�zRPath %s in %s must not give writepermission to group or world users. Ignoring key.T)r�	get_ownerrO�debug�get_permissions�	get_group�get_user_groups)
rn�current_path�	full_path�is_file�strictmodes�minimal_permissions�owner�parent_permission�group_owner�user_groupss
          r�check_permissionsr�se�� ���$�#��
�N�<�(�(�E��	�u��(�(�U�f�_�_��	�	�
@�����
	
�	
�	
��u��,�\�:�:�������u�$����n�\�2�2���*�8�4�4���+�%�%��5�(���
 �5�(���.�.�!�3�3��	�	�
%����	
�	
�	
��u���(�5�0�A�5�5��	�	�
@���		
�	
�	
��u��4rc���t|��d}td��d}	|�d��dd�}d}tj�|j��}|D�]p}|d|zz
}tj�|��rt�d|��dStj�	|��rt�d|��dS|�
|��s||jkr��tj�|��s�tj
|��5d	}	|j}
|j}|�
|j��rd
}	|j}
|j}tj||	d���tj||
|��ddd��n#1swxYwYt%|||d|��}|sdS��rtj�|��stj�|��rt�d
|��dStj�|��s8tj|ddd���tj||j|j��t%|||d|��}|sdSnF#t*t,f$r2}
tjtt1|
����Yd}
~
dSd}
~
wwxYwdS)Nr*r�rv���r7z-Invalid directory. Symlink exists in path: %sFz*Invalid directory. File exists in path: %s��r�T)�mode�exist_okz%s is not a file!�)r��ensure_dir_exists)rpr:rGrH�dirnamerl�islinkrOr�rIr?�existsr�SeLinuxGuard�pw_uid�pw_gid�makedirs�	chownbyidr��isdir�
write_filerLrMrNr^)rn�filenamer��
user_pwent�
root_pwent�directories�
parent_folder�home_folder�	directoryr��uid�gid�permissions�es              r�check_create_pathr�HsS����)�)�!�,�J���'�'��*�J�G��n�n�S�)�)�!�B�$�/���
��g�o�o�j�&7�8�8��$�*	�*	�I��S�9�_�,�M��w�~�~�m�,�,�
��	�	�C�!�����u�u��w�~�~�m�,�,�
��	�	�@�-�����u�u��&�&�}�5�5�
� �J�$5�5�5���7�>�>�-�0�0�

<��&�}�5�5�	<�	<� �D�$�+�C�$�+�C�$�/�/�
�0A�B�B�0�$��(�/��(�/���K�
�D�4�H�H�H�H��N�=�#�s�;�;�;�	<�	<�	<�	<�	<�	<�	<�	<�	<�	<�	<����	<�	<�	<�	<�,��-��5�+���K��
��u�u�
��7�>�>�(�#�#�	�r�w�}�}�X�'>�'>�	��I�I�)�8�4�4�4��5��w�~�~�h�'�'�	K�
�O�H�b�u��M�M�M�M��N�8�Z�%6�
�8I�J�J�J�'��h��$��
�
���	��5�	���W�������C��Q��� � � ��u�u�u�u�u����������4sX�BJ-�9;J-�6AJ-�
A(F>�2J-�>G	�J-�G	�J-�!AJ-�>A,J-�-K0�>'K+�+K0c
�d�t|��\}}tj�|d��}|}g}t	j|d���5	t
|��}|�dd��}|�dd��}	t||j	|��}nC#ttf$r/||d<t	jtd	t|d��YnwxYwddd��n#1swxYwYt|���|��D]a\}
}t#d
|
vd|
v|�d�|j	����g��rt)|||	dk��}|r|}n�b||krt�d
|��|t-|g��fS)N�authorized_keysT��	recursive�authorizedkeysfilerur��yesrzhFailed extracting 'AuthorizedKeysFile' in SSH config from %r, using 'AuthorizedKeysFile' file %r insteadrsrrz{}/zAAuthorizedKeysFile has an user-specific authorized_keys, using %s)rprGrHrrr��parse_ssh_config_map�getrrlrLrMrNrO�DEF_SSHD_CFG�zipr:�anyr?�formatr�r�rU)
rn�
sshd_cfg_file�ssh_dirro�default_authorizedkeys_file�user_authorizedkeys_file�auth_key_fns�ssh_cfg�	key_pathsr��key_path�auth_key_fn�permissions_oks
             r�extract_authorized_keysr��sC��&�x�0�0��W�f�"$�'�,�,�w�8I�"J�"J��:���L�	
�	�7�d�	3�	3�	3���	�*�=�9�9�G����$�&?���I�"�+�+�m�U�;�;�K�:��6�=�(���L�L����!�
	�
	�
	�9�L��O��K�����Q��

�
�
�
�
�
	����������������������0"%�Y�_�_�%6�%6��!E�!E�
�
���+���� ��� ��&�&�u�|�|�F�M�'B�'B�C�C�
�
�
�	�/��+�{�e�';���N��
�+6�(�����#>�>�>��	�	�
�$�	
�	
�	
�	!��7�8�9�9��s7�
C0�AB!� C0�!=C!�C0� C!�!C0�0C4�7C4c��t��}g}|D]9}|�|�t|��|������:t	|��\}}t
j�|��}tj	|d���5t||��}	tj||	d���ddd��dS#1swxYwYdS)N)rTr���
preserve_mode)r'rrDr^r�rGrHr�rr�rhr�)
rernrrR�key_entriesrZr��auth_key_entriesr��contents
          r�setup_user_keysr��s-��
�
 �
 �F��K�
�B�B�����6�<�<��A����<�@�@�A�A�A�A�'>�h�&G�&G�#�[�"��g�o�o�k�*�*�G�	
�	�7�d�	3�	3�	3�B�B�(�)9�;�G�G�����W�D�A�A�A�A�B�B�B�B�B�B�B�B�B�B�B�B����B�B�B�B�B�Bs�(C	�	C
�C
c�2�eZdZdd�Zed���Zd�ZdS)�SshdConfigLineNc�0�||_||_||_dSr)rB�_keyrx)rrBrZ�vs    rrzSshdConfigLine.__init__�s����	���	���
�
�
rc�F�|j�dS|j���Sr)r��lowerrs rrgzSshdConfigLine.key�s!���9���4��y��� � � rc��|j�t|j��St|j��}|jr|dt|j��zz
}|Sr)r�r^rBrx)rr�s  rr!zSshdConfigLine.__str__�sK���9���t�y�>�>�!��D�I���A��z�
+��S�3�t�z�?�?�*�*���Hr)NN)r"r#r$r�propertyrgr!r%rrr�r��sR����������
�!�!��X�!�����rr�c��tj�|��sgStt	j|�������Sr)rGrHrI�parse_ssh_config_linesrrJrK)rTs r�parse_ssh_configr��sA��
�7�>�>�%� � ���	�!�$�.��"7�"7�"B�"B�"D�"D�E�E�Erc���g}|D]�}|���}|r|�d��r#|�t|�����P	|�dd��\}}nW#t
$rJ	|�dd��\}}n,#t
$rt�d|��YY��wxYwYnwxYw|�t|||������|S)Nr6r*�=z;sshd_config: option "%s" has no key/value pair, skipping it)r@r?rr�r:�
ValueErrorrOr�)rQ�retrBrg�vals     rr�r��s%��

�C��3�3���z�z�|�|���	�t���s�+�+�	��J�J�~�d�+�+�,�,�,��	��z�z�$��*�*�H�C�����		�		�		�
��:�:�c�1�-�-���S�S���
�
�
��	�	�#�����
���

�����S�		����	�
�
�>�$��S�1�1�2�2�2�2��Js6�A0�0
C�;B�C�%B>�:C�=B>�>C�Cc�h�t|��}|siSi}|D]}|js�
|j||j<�|Sr)r�rgrx)rTrQr�rBs    rr�r�sQ���U�#�#�E����	�
�C��#�#���x�	���
��D�H�
�
��JrrT�returnc���tj�|��sdSt|d��5}|D])}|�d|�d���rddd��dS�*	ddd��n#1swxYwYdS)NF�rzInclude z	.d/*.confT)rGrHrI�openr?)rT�frBs   r�_includes_dconfr�#s���
�7�>�>�%� � ���u�	
�e�S�	�	��Q��	�	�D����:�%�:�:�:�;�;�
����������
�	��������������������5s�A,�A,�,A0�3A0c��t|��r�tj�|�d���st	j|�d�d���tj�|�d�d��}tj�|��st	j|d��t|��}t||���}|r7t	j|d�d�|D����dzd	�
��t|��dkS)z�Read fname, and update if changes are necessary.

    @param updates: dictionary of desired values {Option: value}
    @return: boolean indicating if an update was done.z.dr�)r�z50-cloud-init.confr�)rQ�updatesr`c�,�g|]}t|����Sr%r])rYrBs  rr[z%update_ssh_config.<locals>.<listcomp>>s��3�3�3�T�s�4�y�y�3�3�3rTr�r)
r�rGrHr�r�
ensure_dirrrI�ensure_filer��update_ssh_config_linesr�r,)r�rTrQ�changeds    r�update_ssh_configr�-s��
�u���+��w�}�}��\�\�\�*�*�	6��O�u�L�L�L�u�5�5�5�5������\�\�\�+?�@�@���w�~�~�e�$�$�	+���U�E�*�*�*��U�#�#�E�%�E�7�C�C�C�G��
�����I�I�3�3�U�3�3�3�4�4�t�;��	
�	
�	
�	
�
�w�<�<�1��rc�4�t��}g}td�|���D����}t|d���D]�\}}|js�
|j|vr�||j}||}|�|��|j|krt�d|||���i|�	|��t�d|||j|��||_��t|��t|��kr�|���D]m\}}||vr�
|�	|��|�	td||����t�dt|��||���n|S)z�Update the SSH config lines per updates.

    @param lines: array of SshdConfigLine.  This array is updated in place.
    @param updates: dictionary of desired values {Option: value}
    @return: A list of keys in updates that were changed.c�:�g|]}|���|f��Sr%)r�rXs  rr[z+update_ssh_config_lines.<locals>.<listcomp>Ns$��;�;�;�q�Q�W�W�Y�Y��N�;�;�;rr*)�startz$line %d: option %s already set to %sz#line %d: option %s updated %s -> %sr7z line %d: option %s added with %s)
�set�dictre�	enumeraterg�addrxrOr�rr,�itemsr�)	rQr��foundr��casemapr0rBrgrxs	         rr�r�Ds���
�E�E�E��G��;�;�G�L�L�N�N�;�;�;�<�<�G��u�A�.�.�.�#�#�	��D��x�	���8�w����$�(�#�C��C�L�E��I�I�c�N�N�N��z�U�"�"��	�	�:�A�s�E��������s�#�#�#��	�	�9����J�����#��
��
�5�z�z�S��\�\�!�!�!�-�-�/�/�	�	�J�C���e�|�|���N�N�3�����L�L���C��7�7�8�8�8��I�I�2�C��J�J��U�
�
�
�
��Nrr) rGrj�	cloudinitr�loggingr�	getLoggerr"rOr�r<�_DISABLE_USER_SSH_EXITr^�DISABLE_USER_OPTSrr'rUrhrprr�r�r�r�r�r�r�r��boolr�r�r�r%rr�<module>rs(��
�	�	�	�
�
�
�
�$�$�$�$�$�$��������g���!�!��&�� ��2����c�(�)�)�*�-0�0��"�"�"�"�"�"�"�"�:V
�V
�V
�V
�V
�V
�V
�V
�r
�
�
� ���89�9�9����*B�B�B�JL�L�L�^5A�6�6�6�6�rB�B�B�B���������.F�F�F����6	�	�	��3��4�����&2�����.+�+�+�+�+r