[Spacewalk-list] Read-only API-user

[Hornstra, CH (Cathelijne)]

That's what we have done. Yes, a read-only user is much needed, because we use the name and password in various reporting scripts that run from cron.

I have created a python snippet to import from my satellite scripts with the administrator userpassword base64-encoded. It doesn't do much for security, because any old fool can decode it as easy as I've encoded it, but at least the password isn't lying around in plain text on the file system.

#!/usr/bin/python

# scriptname: satellite.py
# description: This snippet holds the username and password for the satellite server. Include it from your other scripts and you can call the vars 'client' and 'key' as needed
# author: Cathelijne Hornstra

import base64
import xmlrpclib
import __builtin__

url = "https://gbls472001.rabonet.com/rpc/api"
user = "administrator"
password = "base64encodedPassword"

__builtin__.client = xmlrpclib.Server(url, verbose=0)
__builtin__.key = client.auth.login(user, base64.b64decode(password))


From: spacewalk-list-bounces at redhat.com [mailto:spacewalk-list-bounces at redhat.com] On Behalf Of Martin Eggen
Sent: dinsdag 11 september 2012 17:09
To: spacewalk-list at redhat.com
Subject: [Spacewalk-list] Read-only API-user

Hi,

I'm looking for how to implement a read-only API user for producing reports, as far as I can tell there have been some requests for this in the past, but https://fedorahosted.org/spacewalk/wiki/Features/SupportUser does not seem to have much activity? Should I just create a regular user with system-wide access?

regards,

Martin




________________________________
This email originates from Steria AS, Biskop Gunnerus' gate 14a, N-0051 OSLO, http://www.steria.no. This email and any attachments may contain confidential/intellectual property/copyright information and is only for the use of the addressee(s). You are prohibited from copying, forwarding, disclosing, saving or otherwise using it in any way if you are not the addressee(s) or responsible for delivery. If you receive this email by mistake, please advise the sender and cancel it immediately. Steria may monitor the content of emails within its network to ensure compliance with its policies and procedures. Any email is susceptible to alteration and its integrity cannot be assured. Steria shall not be liable if the message is altered, modified, falsified, or even edited.

_____________________________________________________________

This email (including any attachments to it) is confidential, legally privileged, subject to copyright and is sent for the personal attention of the intended recipient only. If you have received this email in error, please advise us immediately and delete it. You are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Although we have taken reasonable precautions to ensure no viruses are present in this email, we cannot accept responsibility for any loss or damage arising from the viruses in this email or attachments. We exclude any liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided in this email or its attachments, unless that information is subsequently confirmed in writing.
_____________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20120917/a2da5bf6/attachment.htm>