session.save_or_update(machine)
if update_acl:
- print >> sys.stderr, machine, machine.administrator
cache_acls.refreshMachine(machine)
session.commit()
except:
simple = fields.getfirst('simple')
subjects = fields.getlist('subject')
- help_mapping = {'ParaVM Console': """
+ help_mapping = {
+ 'Autoinstalls': """
+The autoinstaller builds a minimal Debian or Ubuntu system to run as a
+ParaVM. You can access the resulting system by logging into the <a
+href="help?simple=true&subject=ParaVM+Console">serial console server</a>
+with your Kerberos tickets; there is no root password so sshd will
+refuse login.</p>
+
+<p>Under the covers, the autoinstaller uses our own patched version of
+xen-create-image, which is a tool based on debootstrap. If you log
+into the serial console while the install is running, you can watch
+it.
+""",
+ 'ParaVM Console': """
ParaVM machines do not support local console access over VNC. To
access the serial console of these machines, you can SSH with Kerberos
to %s, using the name of the machine as your
def getUser(environ):
"""Return the current user based on the SSL environment variables"""
- return environ.get('REMOTE_USER', None)
+ user = environ.get('REMOTE_USER')
+ if user is None:
+ return
+
+ if environ.get('AUTH_TYPE') == 'Negotiate':
+ # Convert the krb5 principal into a krb4 username
+ if not user.endswith('@%s' % config.authn[0].realm):
+ return
+ else:
+ return user.split('@')[0].replace('/', '.')
+ else:
+ return user
def handler(username, state, path, fields):
operation, path = pathSplit(path)
projects / invirt/packages/invirt-web.git / blobdiff