Python实现Kerberos用户的增删改查操作_Python

Python实现Kerberos用户的增删改查操作

2021-08-13 00:42源神 Python

这篇文章主要介绍了Python实现Kerberos用户的增删改查操作，具有很好的参考价值，希望对大家有所帮助。一起跟随小编过来看看吧

1、首先模拟python类似shell命令行操作的接口：

python安装subprocess（本地）、paramiko（SSH远程）

				?

									#-*- coding: UTF-8 -*-

									#!/usr/bin/python

									import os, sys

									import subprocess

									import paramiko

									import settings

									class RunCmd(object):

									 def __init__(self):

									  self.cmd = 'ls'

									 @staticmethod

									 def local_run(cmd):

									  print('start executing...')

									  print('cmd is -------> %s' % str(cmd))

									  s = subprocess.Popen(str(cmd), shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)

									  out, err = s.communicate()

									  print("outinfo is -------> %s" % out)

									  print("errinfo is -------> %s" % err)

									  print('finish executing...')

									  print('result:------> %s' % s.returncode)

									  return s.returncode

									 @staticmethod

									 def remote_run(host, username, password, port, cmd):

									  client = paramiko.SSHClient()

									  client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

									  client.connect(hostname=host, port=int(port), username=username, password=password, timeout=5)

									  stdin, stdout, stderr = client.exec_command(cmd)

									  result = stdout.read()

									  client.close()

									  return result

									 @staticmethod

									 def krb_run(cmd):

									  print('krb_run start...')

									  print('cmd is -------> %s' % str(cmd))

									  result = RunCmd.remote_run(settings.KRB_HOST, settings.USERNAME, settings.PASSWORD, settings.PORT, cmd)

									  print('result:------> %s' % result)

									  print('krb_run finish...')

									  return result

2、Kerberos常用的命令操作封装成接口，其他简单。但需要交互的是删除 principal

				?

									def delete_user(self, username):

									 cmd = r"""

									  expect -c "

									  set timeout 1;

									  spawn kadmin.local -q \"delete_principal {principal}\" ;

									  expect yes/no {{ send \"yes\r\" }} ;

									  expect *\r

									  expect \r

									  expect eof

									  "

									 """.format(principal=username)

									 RunCmd.krb_run(cmd)

补充知识：python操作有Kerberos认证的hive库

之前访问hive都比较简单，直接用pyhive连接即可。

但是最近遇到了一个问题，hive有了Kerberosren认证。

最终经过各种尝试和灵感迸发，终于解决了这个问题，遂记录之。

代码

				?

									from pyhive.hive import connect

									con = connect(host='XXXX',port=10000,auth='KERBEROS',kerberos_service_name="hive")

									cursor = con.cursor()

									cursor.execute('select * from tmp.pricing_calculate_result_spark where time_id="201907171355" limit 10,1')

									datas = cursor.fetchall()

									print(datas)

									cursor.close()

									con.close()