Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The zhmcclient package is a client library written in pure Python that interacts with the Web Services API of the Hardware Management Console (HMC) of IBM Z or LinuxONE machines. The goal of this package is to make the HMC Web Services API easily consumable for Python programmers.
The HMC Web Services API is the access point for any external tools to manage the IBM Z or LinuxONE platform. It supports management of the lifecycle and configuration of various platform resources, such as partitions, CPU, memory, virtual switches, I/O adapters, and more.
The zhmcclient package encapsulates both protocols supported by the HMC Web Services API:
The quick way:
$ pip install zhmcclient
For more details, see the Installation section in the documentation.
The following example code lists the partitions on CPCs in DPM mode that are accessible for the user:
#!/usr/bin/env python
import zhmcclient
import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()
# Set these variables for your environment:
host = "<IP address or hostname of the HMC>"
userid = "<userid on that HMC>"
password = "<password of that HMC userid>"
verify_cert = False
session = zhmcclient.Session(host, userid, password, verify_cert=verify_cert)
client = zhmcclient.Client(session)
console = client.consoles.console
partitions = console.list_permitted_partitions()
for part in partitions:
cpc = part.manager.parent
print("{} {}".format(cpc.name, part.name))
Possible output when running the script:
P000S67B PART1
P000S67B PART2
P0000M96 PART1
For the latest released version on PyPI:
Before version 0.18.0 of the zhmcclient package, it contained the zhmc CLI. Starting with zhmcclient version 0.18.0, the zhmc CLI has been moved from this project into the new zhmccli project.
If your project uses the zhmc CLI, and you are upgrading the zhmcclient package from before 0.18.0 to 0.18.0 or later, your project will need to add the zhmccli package to its dependencies.
For information on how to contribute to this project, see the Development section in the documentation.
The zhmcclient package is licensed under the Apache 2.0 License.
FAQs
A pure Python client library for the IBM Z HMC Web Services API
We found that zhmcclient demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.