Merge pull request #169 from KaushikMalapati/kinit-helper

Kinit helper

README.md

@@ -321,6 +321,19 @@ usage: ipmConfigEpics [-b boxname] [-H hutch] [-d] [-h] [-l]<br/>
     </td>
 </tr>
 
+<tr>
+    <td>kinit_helper</td>
+    <td>
+usage: kinit_helper<br/>
+    Defines two functions - kauth and afsauth.<br/>
+    kauth will create a new kerberos token, renew an existing one, or do nothing if a
+    valid token exists.<br/>
+    afsauth will check that the	user and host are able to access afs; if so, and an afs
+    token doesn't already exist, kauth will be called and a new afs token will be made.<br/>
+    By default, calls afsauth.
+    </td>
+</tr>
+
 <tr>
     <td>makepeds</td>
     <td>

scripts/kinit_helper

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+function kauth {
+    # If token doesn't exist, create it (will query for password)
+    if ! klist -s
+    then
+	while ! kinit -l 365d -r 365d
+	do
+            :
+	done
+    else
+	kinit -R &> /dev/null
+    fi
+    return 0
+}
+
+function afsauth {
+    # need to be in g-pcds afs grup                                                                                                                  
+    if ! pts membership g-pcds 2>&1 | grep -q "$(whoami)"
+    then
+        echo "You do not have permission to use afs. See https://confluence.slac.stanford.edu/display/PCDS/Onboarding+Staff+Members"
+        return 1
+    fi
+
+    # afs should be used from psbuild servers
+    if [[ $(hostname) != psbuild-rhel* ]]
+    then
+        echo "You must be on psbuild to create afs tokens"
+	return 1
+    fi
+
+    # If token doesn't exist, create it
+    if ! tokens | grep -q $UID
+    then
+        # afs needs kerberos token
+	kauth
+	aklog
+    fi
+    return 0
+}
+
+# if name == '__main__':
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    afsauth
+fi