#!/usr/bin/python
import pprint
import subprocess
+from invirt.config import structs as config
# import ldap
# l = ldap.open("W92-130-LDAP-2.mit.edu")
pass
def getAfsGroupMembers(group, cell):
+ encrypt = True
+ for c in config.authz:
+ if c.type == 'afs' and c.cell == cell and hasattr(c, 'auth'):
+ encrypt = c.auth
subprocess.check_call(['aklog', cell], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
- p = subprocess.Popen(["pts", "membership", "-encrypt", group, '-c', cell],
+ p = subprocess.Popen(["pts", "membership", "-encrypt" if encrypt else '-noauth', group, '-c', cell],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
err = p.stderr.read()
if err: #Error code doesn't reveal missing groups, but stderr does