|
9 | 9 | # removing any ccaches that have expired from the filesystem, and serves as an |
10 | 10 | # example of how this cleaning can be performed. |
11 | 11 |
|
| 12 | +# gssproxy note: in order to sweep credentials, the sweeper needs to connect |
| 13 | +# to gssproxy as if it were mod_auth_gssapi. In the configuration provided |
| 14 | +# with mod_auth_gssapi (80-httpd.conf), this just consists of matching the |
| 15 | +# gssproxy uid - so run it as the appropriate user (i.e., apache). Custom |
| 16 | +# configurations require careful consideration of how to match the sweeper |
| 17 | +# connection to the correct service in gssproxy; this script is just an |
| 18 | +# example. This script will not attempt to contact gssproxy unless -g is |
| 19 | +# passed. |
| 20 | + |
| 21 | +import argparse |
12 | 22 | import os |
13 | 23 | import stat |
14 | | -import sys |
15 | 24 | import time |
16 | 25 |
|
17 | 26 | # try importing this first to provide a more useful error message |
@@ -48,16 +57,21 @@ def should_delete(fname, t): |
48 | 57 |
|
49 | 58 |
|
50 | 59 | if __name__ == "__main__": |
51 | | - dirs = sys.argv[1:] |
52 | | - if len(dirs) < 1: |
53 | | - print("Usage: %s dir1 [dir2...]" % sys.argv[0]) |
54 | | - exit(1) |
| 60 | + parser = argparse.ArgumentParser(description="Sweep expired ccaches") |
| 61 | + parser.add_argument("-g", dest="gssproxy", action="store_true", |
| 62 | + help="is gssproxy in use (default: no)") |
| 63 | + parser.add_argument("dirs", nargs='+') |
| 64 | + args = parser.parse_args() |
| 65 | + |
| 66 | + if args.gssproxy: |
| 67 | + os.environ["GSS_USE_PROXY"] = "yes" |
| 68 | + os.environ["GSSPROXY_BEHAVIOR"] = "REMOTE_FIRST" |
55 | 69 |
|
56 | 70 | print("System looks okay; running sweeper...") |
57 | 71 |
|
58 | 72 | t = time.time() |
59 | 73 |
|
60 | | - for basedir in dirs: |
| 74 | + for basedir in args.dirs: |
61 | 75 | os.chdir(basedir) |
62 | 76 | print("Sweeping %s" % basedir) |
63 | 77 |
|
|
0 commit comments