more to do.
"certmaster-ca --list"
-The list command prints all certificates that have been requested from certmaster by a remote
-service (such as funcd) but are not yet signed.
-
-func commands can't be sent to a remote machine until the certificates have been signed.
+The list command prints all certificates that have been requested from certmaster by a remote application (such as funcd or certmaster-request) but are not yet signed.
"certmaster-ca --sign [hostname]"
The certmaster can be configured to make this command unneccessary; all incoming
requests can be signed automatically by certmaster.
-To configure this, edit /etc/func/certmaster.conf.
+To configure this, edit /etc/certmaster/certmaster.conf.
=head1 ADDITONAL RESOURCES
-See https://hosted.fedoraproject.org/projects/func/. It's a Wiki.
+See https://fedorahosted.org/certmaster. It's a Wiki.
-See also the manpages for "func", "func-inventory", "funcd", and "certmaster".
+See also the manpages for "certmaster" and "certmaster-request".
=head1 AUTHOR
-Various. See https://hosted.fedoraproject.org/projects/func
+Various. See https://fedorahosted.org/certmaster
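Review bot: The auto-signing paragraph under "certmaster-ca --sign [hostname]" only has its path changed to /etc/certmaster/certmaster.conf and still does not name the setting or say what enabling it means. With the sentence "func commands can't be sent to a remote machine until the certificates have been signed" removed, the page no longer says why signing matters. Suggest naming the configuration option and adding a sentence that automatic signing skips the operator review that --list and --sign provide, so every incoming request gets a signed certificate. While in this file, "unneccessary" and the "ADDITONAL RESOURCES" heading could be corrected.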
--- /dev/null
+=head1 NAME
+
+certmaster-request -- requests SSL certs from a certmasster
+Fedora Unified Network Controller.
+
+=head1 SYNOPSIS
+
+certmaster-request [--server certmaster.example.com] [--port port]
+[ --wait infinite/seconds ]
+
+=head1 DESCRIPTION
+
+FIXME: To be added later once we split this out from func.
+
+=head1 API
+
+Note: Many applications will want to use the XMLRPC API (see source) or import
+the Python code to request certs. For those that don't want to do that,
+this command line tool is available. Explore the other options if they
+make more sense for your application.
+
+=head1 EXIT_STATUS
+
+non-zero upon failure.
+
+=head1 ADDITONAL RESOURCES
+
+See https://fedorahosted.org/certmaster for more information
+
+See also the manpages for "certmaster", and "certmaster-ca".
+
+=head1 AUTHOR
+
+Various. See https://fedorahosted.org/func
+
+
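Review bot: The NAME section of the new certmaster-request page keeps a leftover line from the func page, "Fedora Unified Network Controller.", and misspells "certmasster"; it should be the single entry "certmaster-request -- requests SSL certs from a certmaster". SYNOPSIS lists --server, --port and --wait, but DESCRIPTION is only a FIXME, so none of the options are documented, including what "--wait infinite/seconds" waits for; a short options section should land with this file. AUTHOR points to https://fedorahosted.org/func while the rest of the page uses https://fedorahosted.org/certmaster, and the "ADDITONAL RESOURCES" typo is copied into the new file.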
=head1 NAME
-certmaster -- hands out certificates to funcd and other components.
+certmaster -- hands out certificates to programs that want them, like
+certmaster-request or users of the certmaster API
=head1 SYNOPSIS
=head1 DESCRIPTION
-See https://hosted.fedoraproject.org/projects/func/
+See https://fedorahosted.org/certmaster
-Certmaster is run on the master-control machine on a network being
-controlled by func. It hands out certificates to machines running
-funcd.
+Certmaster is a daemon that runs on a "master" machine to hand out certificates to machines that want them. Certificates can then be used by applications like func.
-Certmaster is configured by /etc/func/certmaster.conf
+Certmaster is configured by /etc/certmaster/certmaster.conf
=head1 ADDITONAL RESOURCES
-See https://hosted.fedoraproject.org/projects/func/. It's a Wiki.
+See https://fedorahosted.org/certmaster/. It's a Wiki.
-See also the manpages for "func", "func-inventory", "funcd", "certmaster-ca".
+See also the manpages for "certmaster-request" and "certmaster-ca".
=head1 AUTHOR
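Review bot: The rewritten DESCRIPTION says certmaster hands out certificates "to machines that want them", which reads as if every request is granted on arrival. The certmaster-ca page in this same change says requests stay unsigned until "certmaster-ca --sign" is run unless automatic signing is configured, so suggest stating that here and pointing to certmaster-ca for the approval step. The NAME entry is also now wrapped over two lines, and the wiki URL appears both with and without a trailing slash; keeping NAME on one line and using one URL form would be tidier.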
+++ /dev/null
-=head1 NAME
-
-func-inventory -- Takes inventory of data from func minions, and stores them in git.
-
-=head1 SYNOPSIS
-
-func-inventory [--verbose] [--server-spec glob] [--methods list] [--modules list] [--tree path] [--no-git]
-
-=head1 DESCRIPTION
-
-func-inventory runs against func-minions to gather information, and stores this information on the filesystem, in a tree arranged by hostname, module name, and method name.
-
-After each update, differences are commited to version control (using git), where they can be examined with tools such as "git log" and "gitk".
-
-=head1 --verbose
-
-Provides extra output about what func-inventory is doing.
-
-=head1 --server-spec
-
-A glob, as can be given to "func", that describes what machines the inventory program should run against. The default is "*".
-
-=head1 --modules list
-
-A comma-seperated list of modules that should be included in the inventory, for instance "hardware,packages".
-The default is "all".
-
-=head1 --methods list
-
-A comma-seperated list of methods that should be included in the inventory, for each module being queried. The default
-is "info", which saves the data for any module that has an "info" method.
-
-=head1 --tree-path
-
-Selects the location where func-inventory will output data. The default is /var/lib/func/inventory. This directory will
-contain a tree structure based on the hostnames, modules, and methods included in the inventory.
-
-=head1 --no-git
-
-Disables git integration, meaning changes will not be tracked using version control. This option is present
-for those that do not have the "git-core" package installed, though installing it is highly recommended to get
-the full degree of power out of func-inventory.
-
-=head1 VIEWING CHANGES
-
-Since func-inventory integrates with git, all changes to the remote systems (including additions of new systems) can
-be tracked using standard git-tools such as "git log" and "gitk", when run on the directory specified for --tree.
-
-Additional built in hooks to notify changes can be written using git's own trigger mechanism, though something
-more specific to func will likely be developed in the future -- also eliminating the need to grok git internals.
-
-=head1 ALTERNATIVE OUTPUT FORMATS
-
-func-inventory can be passed a --json or --xmlrpc parameter to override the default output format. These
-output formats are much less readable in the git-produced diffs, but are more easily loaded by other programs
-that may want to "mine" the output of a func-inventory tree. Using --json requires that the python-simplejson
-RPM be installed.
-
-=head1 ADDITONAL RESOURCES
-
-See https://hosted.fedoraproject.org/projects/func/ for more information.
-
-See also the manpages for "func", "funcd", "certmaster", and "certmaster-ca".
-
-=head1 AUTHOR
-
-Michael DeHaan <mdehaan@redhat.com>
-
-
-
+++ /dev/null
-=head1 NAME
-
-Func -- Fedora Unified Network Controller.
-
-=head1 SYNOPSIS
-
-func "*" list_minions
-
-func target.example.org call module method [args ...]
-
-func "target*.example.org" call module method [args ...]
-
-func "webserver1;mailserver2" call module method [args ...]
-
-=head1 DESCRIPTION
-
-"func" allows remote control of machines running funcd (called "minions")
-that are set to obey this machine (called the "overlord"). This includes
-performing various remote operations and gathering data.
-
-"func" can address multiple machines at the same time by specifying
-their names with globs, which follow shell glob syntax.
-
-See the project homepage (below) for a list of modules available
-and a more in-depth description of what each of them do.
-
-=head1 THE "CALL" MODULE
-
-The "call" module is used for running func modules remotely.
-
-Format: func "*.example.org" call <module> <function> [ args ... ]
-
-=head1 LISTING REMOTE MODULES AVAILABLE
-
-It's possible to ask func minions what modules they have installed:
-
-func "*.example.org" call system list_modules
-
-=head1 LISTING REMOTE FUNCTIONS AVAILABLE IN A MODULE
-
-It is also possible to ask remote func modules what functions they support:
-
-func target.example.org call modulename list_methods
-
-=head1 CALLING A REMOTE COMMAND
-
-Once you have the name of a module you want to run, use call to invoke it:
-
-func target.example.org call modulename methodname
-
-=head1 OUTPUT FORMATS
-
-The "call" command by default outputs data using a "pretty printer". Other
-display options include --raw, --json, and --xmlrpc, which may be more
-desirable if you are running func inside another script or prefer to read
-those display formats.
-
-Example: func "*" call --json service inventory
-
-
-=head1 HELPER MODULES
-
-In addition to "call", there are other modules that make control of remote
-machines, as well as data display, more user friendly. They augment "call"
-by providing some additional functionality.
-
-You will notice that the syntax for using one of these helper modules
-varies slightly from just using "call" directly.
-
-For example "show" can be used to show remote data. The normal command "func '*'
-command would dump a very large amount of data, while the show command can mine
-only a few details. This might make things more readable, for instance, when
-not going through the Python API (where you would not care).
-
-func "*.example.org" show hardware --help
-
-func "*.example.org" show hardware systemMemory
-
-func "*.example.org" show hardware os
-
-Another useful helper command module is copyfile, which allows func to work like scp from
-the shell, though it can address multiple systems at the same time.
-
-The following example pushes one file out to multiple systems:
-
-func "*.example.org" copyfile --file=/tmp/foo --remotepath=/tmp/foo
-
-While these helper modules will grow over time, usage of "call" syntax
-directly is fine also. See the Wiki for more examples as they evolve.
-
-=head1 --verbose
-
-Use this flag to output extra information from func while it is running.
-All func commands can take this flag.
-
-=head1 EXIT_STATUS
-
-Func commands have return values that vary based on the module being
-called. See the project page (linked below) for more information.
-
-=head1 ADDITONAL RESOURCES
-
-See https://hosted.fedoraproject.org/projects/func/ for more information, including information on scripting func from Python.
-
-See also the manpages for "func-inventory", "funcd", "certmaster", and "certmaster-ca".
-
-=head1 AUTHOR
-
-Various. See https://hosted.fedoraproject.org/projects/func
-
-
+++ /dev/null
-=head1 NAME
-
-funcd -- deaemon for the Fedora Universal Network Controller
-
-=head1 SYNOPSIS
-
-funcd (it's a daemon and takes no arguments)
-
-=head1 DESCRIPTION
-
-funcd registers itself to a certificate server (certmaster) listed in /etc/func/minion.conf and takes orders from the command line func when that program is run from that certificate server. See /etc/func/minion.conf for other configuration options.
-
-Modules and capabilities provided by funcd are specified at https://hosted.fedoraproject.org/projects/func/
-
-=head1 ADDITONAL RESOURCES
-
-See https://hosted.fedoraproject.org/projects/func/. It's a Wiki.
-
-See also the manpages for "func", "certmaster", and "certmaster-ca".
-
-=head1 AUTHOR
-
-Various. See https://hosted.fedoraproject.org/projects/func
-
-
+++ /dev/null
-#config file for minion Access control lists
-#this specifies which methods a connecting client is allowed to run
-# format is: cn-certificate-hash = method1, method2, method3
-# default allows the certmaster key to run all methods
-
+++ /dev/null
-#!/bin/sh
-#
-# funcd Fedora Unified Network Control
-###################################
-
-# LSB header
-
-### BEGIN INIT INFO
-# Provides: funcd
-# Required-Start: network
-# Required-Stop:
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 2 6
-# Short-Description: Fedora Unified Network Control
-# Description: Crazy simple, secure remote management.
-### END INIT INFO
-
-# chkconfig header
-
-# chkconfig: - 99 99
-# description: Crazy simple, secure remote management.
-#
-# processname: /usr/bin/funcd
-
-# Sanity checks.
-[ -x /usr/bin/funcd ] || exit 0
-
-SERVICE=funcd
-PROCESS=funcd
-DAEMON=/usr/bin/funcd
-CONFIG_ARGS="--daemon"
-
-
-FuncStatus()
-{
- ps wt? | grep "$DAEMON" 2>&1 > /dev/null
- if [ "x$?" = "x0" ]; then
- RVAL=0
- echo "$DAEMON is running"
- else
- RVAL=3
- echo "$DAEMON is not running"
- fi
-}
-
-if [ -f /lib/lsb/init-functions ]; then
- . /lib/lsb/init-functions
- alias START_DAEMON=start_daemon
- alias STATUS=FuncStatus
- alias LOG_SUCCESS=log_success_msg
- alias LOG_FAILURE=log_failure_msg
- alias LOG_WARNING=log_warning_msg
-elif [ -f /etc/init.d/functions ]; then
- . /etc/init.d/functions
- alias START_DAEMON=daemon
- alias STATUS=status
- alias LOG_SUCCESS=success
- alias LOG_FAILURE=failure
- alias LOG_WARNING=passed
-else
- echo "Error: your platform is not supported by $0" > /dev/stderr
- exit 1
-fi
-
-
-RETVAL=0
-
-start() {
- echo -n $"Starting func daemon: "
- START_DAEMON $PROCESS $CONFIG_ARGS
- RETVAL=$?
- echo
- [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SERVICE
- return $RETVAL
-}
-
-stop() {
- echo -n $"Stopping func daemon: "
- killproc $PROCESS
- RETVAL=$?
- echo
- if [ $RETVAL -eq 0 ]; then
- rm -f /var/lock/subsys/$SERVICE
- rm -f /var/run/$SERVICE.pid
- fi
-}
-
-restart() {
- stop
- start
-}
-
-# See how we were called.
-case "$1" in
- start|stop|restart)
- $1
- ;;
- status)
- STATUS $PROCESS
- RETVAL=$?
- ;;
- condrestart)
- [ -f /var/lock/subsys/$SERVICE ] && restart || :
- ;;
- reload)
- echo "can't reload configuration, you have to restart it"
- RETVAL=$?
- ;;
- *)
- echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
- exit 1
- ;;
-esac
-exit $RETVAL
-
+++ /dev/null
-#!/usr/bin/python
-
-import sys
-import distutils.sysconfig
-
-# sys.path.append("%s/func" % distutils.sysconfig.get_python_lib())
-
-import func.overlord.func_command as func_command
-
-myname, argv = sys.argv[0], sys.argv[1:]
-cli = func_command.FuncCommandLine()
-cli.parse(argv)
-
-
+++ /dev/null
-#!/usr/bin/env python
-#
-# Copyright 2008, Red Hat, Inc
-# Steve 'Ashcrow' Milner <smilner@redhat.com>
-# John Eckersberg <jeckersb@redhat.com>
-#
-# This software may be freely redistributed under the terms of the GNU
-# general public license.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-TEMPLATE = """\
-#
-# Copyright %s
-# %s <%s>
-#
-# This software may be freely redistributed under the terms of the GNU
-# general public license.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-import func_module
-
-class %s(func_module.FuncModule):
-
- # Update these if need be.
- version = "0.0.1"
- api_version = "0.0.1"
- description = "%s"
-
-%s
-"""
-
-METHOD_TEMPLATE = '''\
- def %s(self):
- """
- TODO: Document me ...
- """
- pass
-
-'''
-
-
-def populate_template(author_name, author_email, module_name, desc, methods):
- """
- Makes the method strings and populates the template.
- """
- from datetime import datetime
-
- actual_methods = ""
- for method in methods:
- actual_methods += METHOD_TEMPLATE % method
- return TEMPLATE % (datetime.now().strftime("%Y"), author_name,
- author_email, module_name, desc, actual_methods[:-2])
-
-
-if __name__ == '__main__':
- module_name = raw_input("Module Name: ").capitalize()
- desc = raw_input("Description: ")
- author_name = raw_input("Author: ")
- author_email = raw_input("Email: ")
- methods = []
- print "\nLeave blank to finish."
- while True:
- method = raw_input("Method: ")
- if method == '':
- break
- methods.append(method)
- # Write it out to a file
- file_name = "%s.py" % module_name.lower()
- file_obj = open(file_name, "w")
- file_obj.write(populate_template(author_name, author_email,
- module_name, desc, methods))
- file_obj.close()
- print "Your module is ready to be hacked on. Wrote out to %s." % file_name
+++ /dev/null
-#!/usr/bin/python
-
-import sys
-import distutils.sysconfig
-import func.overlord.inventory as func_inventory
-
-inventory = func_inventory.FuncInventory()
-inventory.run(sys.argv)