summaryrefslogtreecommitdiff
path: root/tasks/radius_multiple_realms
diff options
context:
space:
mode:
authorTimotej Lazar <timotej.lazar@fri.uni-lj.si>2019-02-24 21:05:27 +0100
committerTimotej Lazar <timotej.lazar@fri.uni-lj.si>2019-02-24 21:05:27 +0100
commit8081a5520a441b43a8a7a73f3a90c7aacfaa8e10 (patch)
treec7f49bd33ed19d53afc0ee9df8b2c82c200c5910 /tasks/radius_multiple_realms
parent9963b74f777edf985540eac71b1ca095f88b8bca (diff)
Move everything one level up
Diffstat (limited to 'tasks/radius_multiple_realms')
-rw-r--r--tasks/radius_multiple_realms/task.py110
1 files changed, 110 insertions, 0 deletions
diff --git a/tasks/radius_multiple_realms/task.py b/tasks/radius_multiple_realms/task.py
new file mode 100644
index 0000000..0067f46
--- /dev/null
+++ b/tasks/radius_multiple_realms/task.py
@@ -0,0 +1,110 @@
+# kpov_util should be imported by add_assignment.py
+
+instructions = {
+ 'si':"""
+<pre>Postavi tri navidezne računalnike - SimpleArbiter z diska simpleArbiterDhcp,
+RadiusA ter RadiusB. Na simpleArbiterDhcp preberi imeni domen DOMENA_A ter DOMENA_B,
+uporabniški imeni USER_A in USER_B, gesli PASSWORD_A in PASSWORD_B ter skrivnosti
+SECRET_A in SECRET_B. Poskrbi, da se bo lahko radius klient s SimpleArbiter povezal
+na RadiusA s skrivnostjo SECRET_A ter na RadiusB s skrivnostjo SECRET_B. Poskrbi še,
+da bo v nastavitvah OpenRadius na RadiusA obstajal uporabnik USER_A z geslom PASSWORD_A ter
+na RadiusB uporabnik USER_B z geslom PASSWORD_B.
+
+Poskrbi, da bo strežnik RadiusA odgovarjal na zahtevke za avtentikacijo uporabnikov na domeni DOMENA_A,
+zahtevke za uporabnike na domeni DOMENA_B pa bo preposlal naprej na RadiusB. RadiusB naj odgovarja na
+zahtevke za uporabnike na domeni DOMENA_B, zahtevke za uporabnike na DOMENA_A pa naj preprosto zavrže.</pre>
+"""
+}
+
+computers = {
+ 'maliNetworkManager': {
+ 'disks': [
+ { 'name': 'maliNetworkManager',
+ },
+ ],
+ 'network_interfaces': [{'network': 'net1'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+
+ },
+ 'maliBrezNetworkManager': {
+ 'disks': [
+ { 'name': 'maliBrezNetworkManager',
+ },
+ ],
+ 'network_interfaces': [{'network': 'net1'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+
+ },
+ 'SimpleArbiter': {
+ 'disks': [
+ { 'name': 'simpleArbiterDhcp',
+ },
+ ],
+ 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}],
+ 'flavor': 'm1.tiny',
+ 'config_drive': False
+ }
+}
+
+networks = { 'net1': {'public': False}, 'test-net': {'public': True} }
+
+params_meta = {
+ 'IP_NM': {'descriptions': {'si': 'Naslov maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True},
+ 'DNS_NM': {'descriptions': {'si': 'DNS za maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True},
+ 'IP_static': {'descriptions': {'si': 'Naslov maliBrezNetworkManager'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True},
+ 'DNS_static': {'descriptions': {'si': 'DNS za maliBrezNetworkManager'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True},
+}
+
+def task(IP_NM, DNS_NM, IP_static, DNS_static):
+ from pexpect import pxssh
+ import pexpect
+ results = dict()
+ peer_user = 'student'
+ peer_passwd = 'vaje'
+ sA = pxssh.pxssh()
+ sB = pxssh.pxssh()
+ sA.login(IP_NM, peer_user, peer_passwd)
+ sB.login(IP_static, peer_user, peer_passwd)
+ # sA
+ # make sure NM is not handling eth0
+ results['NM_nmcli'] = sA.run('nmcli d')
+ results['NM_nslookup'] = sA.run('nslookup www.arnes.si')
+ # sB
+ # check whether NM is handling eth0
+ results['static_nmcli'] = sB.run('nmcli d')
+ results['static_nslookup'] = sB.run('nslookup www.arnes.si')
+ sA.logout()
+ sB.logout()
+ return results
+
+def gen_params(user_id, params_meta):
+ params = dict()
+ r = random.Random(user_id)
+ # IP_NM, DNS_NM, IP_static, DNS_static)
+ dns_servers = ['193.2.1.66', '193.2.1.72', '8.8.8.8', '8.8.4.4', '208.67.222.222', '208.67.220.220']
+ net = kpov_util.IPv4_subnet_gen(r, '172.23.128.0/18', 24)
+ params['DNS_NM'] = r.choice(dns_servers)
+ params['IP_NM'], params['IP_static'] = kpov_util.IPv4_addr_gen(r, net, 2)
+ params['DNS_static'] = r.choice(dns_servers)
+ return params
+
+def task_check(results, params):
+ import re
+ score = -9
+ hints = []
+ if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1:
+ score += 3
+ if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1:
+ score += 3
+ if re.search(r'eth0 +802-.*connected', results['NM_nmcli']):
+ score += 2
+ if not re.search(r'eth0 +802-.*connected', results['static_nmcli']):
+ score += 2
+ score = 0
+ return score, hints
+
+def prepare_disks(templates, task_params, global_params):
+ write_default_config(templates['simpleArbiterDhcp'], global_params)
+