X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/a539f6428364200adbdbec1c57dfa3eb2c4f2383..2f10c0de042a95eb53a88b6ae976d6dd9360988f:/code/main.py?ds=sidebyside diff --git a/code/main.py b/code/main.py index 551ed04..226a038 100755 --- a/code/main.py +++ b/code/main.py @@ -388,7 +388,6 @@ def modifyDict(username, state, fields): session.save_or_update(machine) if update_acl: - print >> sys.stderr, machine, machine.administrator cache_acls.refreshMachine(machine) session.commit() except: @@ -427,15 +426,39 @@ def helpHandler(username, state, path, fields): simple = fields.getfirst('simple') subjects = fields.getlist('subject') - help_mapping = {'ParaVM Console': """ + help_mapping = { + 'Autoinstalls': """ +The autoinstaller builds a minimal Debian or Ubuntu system to run as a +ParaVM. You can access the resulting system by logging into the serial console server +with your Kerberos tickets; there is no root password so sshd will +refuse login.

+ +

Under the covers, the autoinstaller uses our own patched version of +xen-create-image, which is a tool based on debootstrap. If you log +into the serial console while the install is running, you can watch +it. +""", + 'ParaVM Console': """ ParaVM machines do not support local console access over VNC. To access the serial console of these machines, you can SSH with Kerberos to %s, using the name of the machine as your username.""" % config.console.hostname, 'HVM/ParaVM': """ HVM machines use the virtualization features of the processor, while -ParaVM machines use Xen's emulation of virtualization features. You -want an HVM virtualized machine.""", +ParaVM machines rely on a modified kernel to communicate directly with +the hypervisor. HVMs support boot CDs of any operating system, and +the VNC console applet. The three-minute autoinstaller produces +ParaVMs. ParaVMs typically are more efficient, and always support the +console server.

+ +

More details are on the +wiki, including steps to prepare an HVM guest to boot as a ParaVM +(which you can skip by using the autoinstaller to begin with.)

+ +

We recommend using a ParaVM when possible and an HVM when necessary. +""", 'CPU Weight': """ Don't ask us! We're as mystified as you are.""", 'Owner': """ @@ -633,7 +656,8 @@ Subject: %s %s """ % (to, config.web.hostname, subject, body) - p = subprocess.Popen(['/usr/sbin/sendmail', to], stdin=subprocess.PIPE) + p = subprocess.Popen(['/usr/sbin/sendmail', '-f', to, to], + stdin=subprocess.PIPE) p.stdin.write(mail) p.stdin.close() p.wait() @@ -652,7 +676,18 @@ def show_error(op, username, fields, err, emsg, traceback): def getUser(environ): """Return the current user based on the SSL environment variables""" - return environ.get('REMOTE_USER', None) + user = environ.get('REMOTE_USER') + if user is None: + return + + if environ.get('AUTH_TYPE') == 'Negotiate': + # Convert the krb5 principal into a krb4 username + if not user.endswith('@%s' % config.authn[0].realm): + return + else: + return user.split('@')[0].replace('/', '.') + else: + return user def handler(username, state, path, fields): operation, path = pathSplit(path)