Python实现Kerberos用户的增删改查

1、首先模拟python类似shell命令行操作的接口：

python安装subprocess（本地）、paramiko（SSH远程）

#-*- coding: UTF-8 -*-#!/usr/bin/pythonimport os, sysimport subprocessimport paramikoimport settingsclass RunCmd(object):    def __init__(self):        self.cmd = 'ls'    @staticmethod    def local_run(cmd):       print('start executing...')       print('cmd is -------> %s' % str(cmd))       s = subprocess.Popen(str(cmd), shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)       out, err = s.communicate()       print("outinfo is -------> %s" % out)       print("errinfo is -------> %s" % err)       print('finish executing...')       print('result:------> %s' % s.returncode)       return s.returncode    @staticmethod    def remote_run(host, username, password, port, cmd):        client = paramiko.SSHClient()        client.set_missing_host_key_policy(paramiko.AutoAddPolicy())        client.connect(hostname=host, port=int(port), username=username, password=password, timeout=5)        stdin, stdout, stderr = client.exec_command(cmd)        result = stdout.read()        client.close()        return result    @staticmethod    def krb_run(cmd):        print('krb_run start...')        print('cmd is -------> %s' % str(cmd))        result =  RunCmd.remote_run(settings.KRB_HOST, settings.USERNAME, settings.PASSWORD, settings.PORT, cmd)        print('result:------> %s' % result)        print('krb_run finish...')        return result

2、Kerberos常用的命令操作封装成接口，其他简单。但需要交互的是删除principal

    def delete_user(self, username):        cmd = r"""           expect -c "           set timeout 1;           spawn kadmin.local -q \"delete_principal {principal}\" ;           expect yes/no {{ send \"yes\r\" }}  ;           expect *\r           expect \r           expect eof           "        """.format(principal=username)        RunCmd.krb_run(cmd)