def __init__(self, cmd, environment_vars=None):
tmpdir = munkicommon.tmpdir()
labelprefix = 'com.googlecode.munki.'
# create a unique id for this job
jobid = str(uuid.uuid1())
self.label = labelprefix + jobid
self.stdout_path = os.path.join(tmpdir, self.label + '.stdout')
self.stderr_path = os.path.join(tmpdir, self.label + '.stderr')
self.plist_path = os.path.join(tmpdir, self.label + '.plist')
self.stdout = None
self.stderr = None
self.plist = {}
self.plist['Label'] = self.label
self.plist['ProgramArguments'] = cmd
self.plist['StandardOutPath'] = self.stdout_path
self.plist['StandardErrorPath'] = self.stderr_path
if environment_vars:
self.plist['EnvironmentVariables'] = environment_vars
# write out launchd plist
FoundationPlist.writePlist(self.plist, self.plist_path)
# set owner, group and mode to those required
# by launchd
os.chown(self.plist_path, 0, 0)
os.chmod(self.plist_path, int('644', 8))
launchctl_cmd = ['/bin/launchctl', 'load', self.plist_path]
proc = subprocess.Popen(launchctl_cmd,
shell=False,
bufsize=-1,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
err = proc.communicate()[1]
if proc.returncode:
raise LaunchdJobException(err)
def config_profile_info(ignore_cache=False):
'''Returns a dictionary representing the output of `profiles -C -o`'''
global CONFIG_PROFILE_INFO
if not profiles_supported():
CONFIG_PROFILE_INFO = {}
return CONFIG_PROFILE_INFO
if not ignore_cache and CONFIG_PROFILE_INFO is not None:
return CONFIG_PROFILE_INFO
output_plist = os.path.join(tempfile.mkdtemp(dir=munkicommon.tmpdir()),
'profiles')
cmd = ['/usr/bin/profiles', '-C', '-o', output_plist]
proc = subprocess.Popen(cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
proc.communicate()
if proc.returncode != 0:
munkicommon.display_error(
'Could not obtain configuration profile info: %s' % proc.stderr)
CONFIG_PROFILE_INFO = {}
else:
try:
CONFIG_PROFILE_INFO = FoundationPlist.readPlist(output_plist +
'.plist')
except BaseException, err:
munkicommon.display_error(
'Could not read configuration profile info: %s' % err)
CONFIG_PROFILE_INFO = {}
finally:
def __init__(self, cmd, environment_vars=None):
tmpdir = munkicommon.tmpdir()
labelprefix = 'com.googlecode.munki.'
# create a unique id for this job
jobid = str(uuid.uuid1())
self.label = labelprefix + jobid
self.stdout_path = os.path.join(tmpdir, self.label + '.stdout')
self.stderr_path = os.path.join(tmpdir, self.label + '.stderr')
self.plist_path = os.path.join(tmpdir, self.label + '.plist')
self.stdout = None
self.stderr = None
self.plist = {}
self.plist['Label'] = self.label
self.plist['ProgramArguments'] = cmd
self.plist['StandardOutPath'] = self.stdout_path
self.plist['StandardErrorPath'] = self.stderr_path
if environment_vars:
self.plist['EnvironmentVariables'] = environment_vars
# write out launchd plist
FoundationPlist.writePlist(self.plist, self.plist_path)
# set owner, group and mode to those required
# by launchd
os.chown(self.plist_path, 0, 0)
os.chmod(self.plist_path, int('644', 8))
launchctl_cmd = ['/bin/launchctl', 'load', self.plist_path]
proc = subprocess.Popen(launchctl_cmd, shell=False, bufsize=-1,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
err = proc.communicate()[1]
if proc.returncode:
raise LaunchdJobException(err)
def config_profile_info(ignore_cache=False):
'''Returns a dictionary representing the output of `profiles -C -o`'''
global CONFIG_PROFILE_INFO
if not profiles_supported():
CONFIG_PROFILE_INFO = {}
return CONFIG_PROFILE_INFO
if not ignore_cache and CONFIG_PROFILE_INFO is not None:
return CONFIG_PROFILE_INFO
output_plist = os.path.join(
tempfile.mkdtemp(dir=munkicommon.tmpdir()), 'profiles')
cmd = ['/usr/bin/profiles', '-C', '-o', output_plist]
proc = subprocess.Popen(
cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
proc.communicate()
if proc.returncode != 0:
munkicommon.display_error(
'Could not obtain configuration profile info: %s' % proc.stderr)
CONFIG_PROFILE_INFO = {}
else:
try:
CONFIG_PROFILE_INFO = FoundationPlist.readPlist(
output_plist + '.plist')
except BaseException, err:
munkicommon.display_error(
'Could not read configuration profile info: %s' % err)
CONFIG_PROFILE_INFO = {}
finally:
def __init__(self, repo, repo_path, mode):
self.repo = repo
self.repo_path = repo_path
self.repo_mode = mode
self.file = tempfile.NamedTemporaryFile(dir=munkicommon.tmpdir(), mode=mode,
delete=False, suffix=os.path.splitext(repo_path)[1])
self.local_path = self.file.name
if mode[0] == 'r':
returncode = self.repo.get(self.repo_path, self.local_path)
if returncode != 0:
raise IOError
os.environ['HOME'] = original_home
return
# Ensure the keychain is in the search path and unlocked
added_keychain = add_to_keychain_list(abs_keychain_path)
unlock_and_set_nonlocking(abs_keychain_path)
# Add client cert (and optionally key)
client_cert_file = None
combined_pem = None
if client_key_path:
# combine client cert and private key before we import
cert_data = read_file(client_cert_path)
key_data = read_file(client_key_path)
# write the combined data
combined_pem = os.path.join(munkicommon.tmpdir(), 'combined.pem')
if write_file(cert_data + key_data, combined_pem):
client_cert_file = combined_pem
else:
munkicommon.display_error(
'Could not combine client cert and key for import!')
else:
client_cert_file = client_cert_path
if client_cert_file:
# client_cert_file is combined_pem or client_cert_file
munkicommon.display_debug2('Importing client cert and key...')
try:
output = security(
'import', client_cert_file, '-A', '-k', abs_keychain_path)
if output:
munkicommon.display_debug2(output)
if original_home:
# switch it back
os.environ['HOME'] = original_home
return
# Ensure the keychain is in the search path and unlocked
added_keychain = add_to_keychain_list(abs_keychain_path)
unlock_and_set_nonlocking(abs_keychain_path)
# Add client cert (and optionally key)
if client_key_path:
# combine client cert and private key before we import
cert_data = read_file(client_cert_path)
key_data = read_file(client_key_path)
# write the combined data
combined_pem = os.path.join(munkicommon.tmpdir(), 'combined.pem')
if write_file(cert_data + key_data, combined_pem):
munkicommon.display_debug1('Importing client cert and key...')
try:
output = security('import', combined_pem, '-A', '-k',
abs_keychain_path)
if output:
munkicommon.display_debug2(output)
except SecurityError, err:
munkicommon.display_error('Could not import %s: %s',
combined_pem, err)
os.unlink(combined_pem)
else:
munkicommon.display_error(
'Could not combine client cert and key for import!')
else:
