[Twisted-Python] Isolating ISFTPServer in Conch's SFTP
I'm looking to create a filesystem backend for twisted that could be used by any filelike twisted application (sftp, webdav etc). I've got a proof of concept filesystem interface working - IFileSystem .. not the best of names ;), which I'm about to try and sftp into. ISFTPServer is a nice clean interface which it'd be easy to write an adapter for from my IFileSystem - but its implementation is bolted into FileTransferServer along with a bunch of protocol stuff .. I had been vaguely planning to break ISFTPServer's implementation out of FileTransferServer and move it into a realm avatar when I got this far so different users could have different filesystems but now that I get to looking at it - FileTransferServer is brought into existance when a sftp sybsystem is requested by the sftp client, which happens after authentication .. It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user .. I was hoping that Paul, or someone else may have some thoughts in this area to guide me .. cheers, Andy.
Andy, It looks like you are doing some interesting things!! I am no were near you level of understanding things, so I can't help you...However, I am interested in what you are doing. I am working on a Remote Backup system. I really want kind of a database driven system to handle the SFTP connections and am looking into twisted to provide that. Can you tell me a little more about what you are trying to accomplish? Thanks, Dave Leedom At 10:00 PM 3/14/2004, Andy Gayton wrote:
I'm looking to create a filesystem backend for twisted that could be used by any filelike twisted application (sftp, webdav etc).
I've got a proof of concept filesystem interface working - IFileSystem .. not the best of names ;), which I'm about to try and sftp into.
ISFTPServer is a nice clean interface which it'd be easy to write an adapter for from my IFileSystem - but its implementation is bolted into FileTransferServer along with a bunch of protocol stuff ..
I had been vaguely planning to break ISFTPServer's implementation out of FileTransferServer and move it into a realm avatar when I got this far so different users could have different filesystems but now that I get to looking at it - FileTransferServer is brought into existance when a sftp sybsystem is requested by the sftp client, which happens after authentication ..
It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user ..
I was hoping that Paul, or someone else may have some thoughts in this area to guide me ..
cheers, Andy.
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
The Hightower Group, Inc. Custom Software Solutions Designed To Fit Your Business Like A Glove. 165 West Airport Road/Lititz, PA 17543 V:717-560-4002, 877-560-4002 x: 114 F:717-560-2825 www.hightowergroup.com
David A. Leedom wrote:
Can you tell me a little more about what you are trying to accomplish?
G'dday David, In general I'm trying to create an interface for filesystems that can be adapted to every interface twisted filelike apps expect to work with. For instance conch should work with anything which conforms to the ISFTPServer (it just needs a bit of tweaking) - I've still got to look at Thorsten's twisted port of his webdav server, but I'm hoping it has a similiar interface an adapter can be written for. Once a twisted smb server is up I'll write an adapter for the interface it expects. You can then implement the filesystem interface anyway you like - perhaps out of a mysql database, perhaps to mount a zip file so you can sftp directly into the zip file. My particular use for it is a collaboration web site - cablelounge.com - I have a very simple samba like filesystem which defines a user's personal area plus the group areas they have access to - when they enter the filesystem they see something like /home /cliff_hangers /twisted_files When then go into /home they'll actually be in a different type of filesystem, just an ordinary implementation of a system filesystem - but its real path would be say /home/john - when they enter /cliff_hangers there real path could be /var/shares/groups/cliff_hangers - or whatever .. This is great for sftp access as the user can only see what you want them to see - they can't just enter cd /etc and start poking around - and you don't have to mess about with chrooting them to their home directory which then makes group shares very difficult + the user gets a consistent view of their files no matter which application they prefer to use .. I'm pretty new to twisted myself so searching thoughts and critcisms to keep me on track .. Andy.
Thanks,
Dave Leedom
At 10:00 PM 3/14/2004, Andy Gayton wrote:
I'm looking to create a filesystem backend for twisted that could be used by any filelike twisted application (sftp, webdav etc).
I've got a proof of concept filesystem interface working - IFileSystem .. not the best of names ;), which I'm about to try and sftp into.
ISFTPServer is a nice clean interface which it'd be easy to write an adapter for from my IFileSystem - but its implementation is bolted into FileTransferServer along with a bunch of protocol stuff ..
I had been vaguely planning to break ISFTPServer's implementation out of FileTransferServer and move it into a realm avatar when I got this far so different users could have different filesystems but now that I get to looking at it - FileTransferServer is brought into existance when a sftp sybsystem is requested by the sftp client, which happens after authentication ..
It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user ..
I was hoping that Paul, or someone else may have some thoughts in this area to guide me ..
cheers, Andy.
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
The Hightower Group, Inc. Custom Software Solutions Designed To Fit Your Business Like A Glove. 165 West Airport Road/Lititz, PA 17543 V:717-560-4002, 877-560-4002 x: 114 F:717-560-2825 www.hightowergroup.com
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
On Sun, 2004-03-14 at 22:00, Andy Gayton wrote:
I'm looking to create a filesystem backend for twisted that could be used by any filelike twisted application (sftp, webdav etc).
I've got a proof of concept filesystem interface working - IFileSystem .. not the best of names ;), which I'm about to try and sftp into.
ISFTPServer is a nice clean interface which it'd be easy to write an adapter for from my IFileSystem - but its implementation is bolted into FileTransferServer along with a bunch of protocol stuff ..
I had been vaguely planning to break ISFTPServer's implementation out of FileTransferServer and move it into a realm avatar when I got this far so different users could have different filesystems but now that I get to looking at it - FileTransferServer is brought into existance when a sftp sybsystem is requested by the sftp client, which happens after authentication ..
It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user ..
Yes, this does need to happen. The code that creates shells, executes files, and connects to file systems needs to be connected to ISSHUser, not Session. Unfortunatly, I can't think of a way to do it that doesn't seem ugly. Just adding methods like 'openShell(channel)' to ISSHUser seems silly when there are many more possibilities of connections for a Conch server. There should be a clever way to do this with Interfaces and Adaptors, but I can't think of it.
I was hoping that Paul, or someone else may have some thoughts in this area to guide me ..
The only thought I had was an LJ post (http://z3p.livejournal.com/324865.html), but I'm having trouble turning that idea into code. Maybe I can convince some Twisted folks at PyCon to help me out ;) -p -- Paul Swartz (o_ z3p at twistedmatrix dot com //\ http://www.twistedmatrix.com/users/z3p.twistd/ V_/_ AIM: Z3Penguin
Paul Swartz wrote:
The only thought I had was an LJ post (http://z3p.livejournal.com/324865.html), but I'm having trouble turning that idea into code. Maybe I can convince some Twisted folks at PyCon to help me out ;)
Right - I stumbled across your post a couple of days ago and was encouraged you were already thinking along these lines. Have fun at PyCon! - If you come up with anything please let me know - I'll keep plugging away in the meantime (might take a look at imap4's IAccount for ideas .. not sure how similiar a thing it is though) wishing that they'd host PyCon in Australia :) Andy.
On Sun, 2004-03-14 at 22:00, Andy Gayton wrote:
It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user .
A day and a half of hacking at PyCon, and bam! r10358 includes a whole bunch of changes, including separating the SFTP protocol implementation from the filesystem interface. It now looks for an adapter from the avatar (the default server uses UnixConchUser) to ISFTPServer. The old filesystem implementation now lives in SFTPServerForUnixConchUser, an adapter from UnixConchUser to ISFTPServer. You'd just make your own type of avatar, and a seperate backend, and register an adapter from the avatar to the ISFTPServer interface. -p -- Paul Swartz (o_ z3p at twistedmatrix dot com //\ http://www.twistedmatrix.com/users/z3p.twistd/ V_/_ AIM: Z3Penguin
Paul Swartz wrote:
On Sun, 2004-03-14 at 22:00, Andy Gayton wrote:
It's beginning to look like most of conch/ssh/session.py would need to move into an avatar - so the avatar for a given user could be asked for a shell, or a sftp subsystem and they would get the right shell/ sftp onto a filesystem for that user .
A day and a half of hacking at PyCon, and bam! r10358 includes a whole bunch of changes, including separating the SFTP protocol implementation from the filesystem interface. It now looks for an adapter from the avatar (the default server uses UnixConchUser) to ISFTPServer. The old filesystem implementation now lives in SFTPServerForUnixConchUser, an adapter from UnixConchUser to ISFTPServer. You'd just make your own type of avatar, and a seperate backend, and register an adapter from the avatar to the ISFTPServer interface.
That's brilliant! Thanks Paul - I'll checkout the latest version and give it a whirl .. Andy.
participants (3)
-
Andy Gayton -
David A. Leedom -
Paul Swartz