diff options
author | Timotej Lazar <timotej.lazar@fri.uni-lj.si> | 2019-02-24 21:05:27 +0100 |
---|---|---|
committer | Timotej Lazar <timotej.lazar@fri.uni-lj.si> | 2019-02-24 21:05:27 +0100 |
commit | 8081a5520a441b43a8a7a73f3a90c7aacfaa8e10 (patch) | |
tree | c7f49bd33ed19d53afc0ee9df8b2c82c200c5910 /tasks/radius_multiple_realms | |
parent | 9963b74f777edf985540eac71b1ca095f88b8bca (diff) |
Move everything one level up
Diffstat (limited to 'tasks/radius_multiple_realms')
-rw-r--r-- | tasks/radius_multiple_realms/task.py | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/tasks/radius_multiple_realms/task.py b/tasks/radius_multiple_realms/task.py new file mode 100644 index 0000000..0067f46 --- /dev/null +++ b/tasks/radius_multiple_realms/task.py @@ -0,0 +1,110 @@ +# kpov_util should be imported by add_assignment.py + +instructions = { + 'si':""" +<pre>Postavi tri navidezne računalnike - SimpleArbiter z diska simpleArbiterDhcp, +RadiusA ter RadiusB. Na simpleArbiterDhcp preberi imeni domen DOMENA_A ter DOMENA_B, +uporabniški imeni USER_A in USER_B, gesli PASSWORD_A in PASSWORD_B ter skrivnosti +SECRET_A in SECRET_B. Poskrbi, da se bo lahko radius klient s SimpleArbiter povezal +na RadiusA s skrivnostjo SECRET_A ter na RadiusB s skrivnostjo SECRET_B. Poskrbi še, +da bo v nastavitvah OpenRadius na RadiusA obstajal uporabnik USER_A z geslom PASSWORD_A ter +na RadiusB uporabnik USER_B z geslom PASSWORD_B. + +Poskrbi, da bo strežnik RadiusA odgovarjal na zahtevke za avtentikacijo uporabnikov na domeni DOMENA_A, +zahtevke za uporabnike na domeni DOMENA_B pa bo preposlal naprej na RadiusB. RadiusB naj odgovarja na +zahtevke za uporabnike na domeni DOMENA_B, zahtevke za uporabnike na DOMENA_A pa naj preprosto zavrže.</pre> +""" +} + +computers = { + 'maliNetworkManager': { + 'disks': [ + { 'name': 'maliNetworkManager', + }, + ], + 'network_interfaces': [{'network': 'net1'}], + 'flavor': 'm1.tiny', + 'config_drive': False + + }, + 'maliBrezNetworkManager': { + 'disks': [ + { 'name': 'maliBrezNetworkManager', + }, + ], + 'network_interfaces': [{'network': 'net1'}], + 'flavor': 'm1.tiny', + 'config_drive': False + + }, + 'SimpleArbiter': { + 'disks': [ + { 'name': 'simpleArbiterDhcp', + }, + ], + 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}], + 'flavor': 'm1.tiny', + 'config_drive': False + } +} + +networks = { 'net1': {'public': False}, 'test-net': {'public': True} } + +params_meta = { + 'IP_NM': {'descriptions': {'si': 'Naslov maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True}, + 'DNS_NM': {'descriptions': {'si': 'DNS za maliNetworkManager'}, 'w': False, 'public':True, 'type': 'IP', 'generated': True}, + 'IP_static': {'descriptions': {'si': 'Naslov maliBrezNetworkManager'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'DNS_static': {'descriptions': {'si': 'DNS za maliBrezNetworkManager'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, +} + +def task(IP_NM, DNS_NM, IP_static, DNS_static): + from pexpect import pxssh + import pexpect + results = dict() + peer_user = 'student' + peer_passwd = 'vaje' + sA = pxssh.pxssh() + sB = pxssh.pxssh() + sA.login(IP_NM, peer_user, peer_passwd) + sB.login(IP_static, peer_user, peer_passwd) + # sA + # make sure NM is not handling eth0 + results['NM_nmcli'] = sA.run('nmcli d') + results['NM_nslookup'] = sA.run('nslookup www.arnes.si') + # sB + # check whether NM is handling eth0 + results['static_nmcli'] = sB.run('nmcli d') + results['static_nslookup'] = sB.run('nslookup www.arnes.si') + sA.logout() + sB.logout() + return results + +def gen_params(user_id, params_meta): + params = dict() + r = random.Random(user_id) + # IP_NM, DNS_NM, IP_static, DNS_static) + dns_servers = ['193.2.1.66', '193.2.1.72', '8.8.8.8', '8.8.4.4', '208.67.222.222', '208.67.220.220'] + net = kpov_util.IPv4_subnet_gen(r, '172.23.128.0/18', 24) + params['DNS_NM'] = r.choice(dns_servers) + params['IP_NM'], params['IP_static'] = kpov_util.IPv4_addr_gen(r, net, 2) + params['DNS_static'] = r.choice(dns_servers) + return params + +def task_check(results, params): + import re + score = -9 + hints = [] + if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1: + score += 3 + if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1: + score += 3 + if re.search(r'eth0 +802-.*connected', results['NM_nmcli']): + score += 2 + if not re.search(r'eth0 +802-.*connected', results['static_nmcli']): + score += 2 + score = 0 + return score, hints + +def prepare_disks(templates, task_params, global_params): + write_default_config(templates['simpleArbiterDhcp'], global_params) + |