Beispiel #1
0
    def _generateOpensslConfig(self):
        config = """
[ req ]
distinguished_name     = req_distinguished_name
x509_extensions        = v3_ca
prompt                 = no
input_password         = %(certPassword)s
output_password        = %(certPassword)s

dirstring_type = nobmp

[ req_distinguished_name ]
C = EU
O = StratusLab Project
OU = Testing Department
CN = %(commonName)s

[ v3_ca ]
basicConstraints = CA:false
nsCertType=client, email, objsign
keyUsage=critical, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
subjectAltName=email:%(subjectEmail)s
""" % self.configHolder.options

        conf_filename = os.path.join(self.tmp_dir, 'openssl.cfg')
        open(conf_filename, 'w').write(config)

        Util.printDetail("Generated openssl configuration in: %s" % conf_filename,
                         self.configHolder.verboseLevel)
        Util.printDetail("Openssl configuration: %s" % open(conf_filename).read(),
                         self.configHolder.verboseLevel,
                         Util.VERBOSE_LEVEL_DETAILED)
Beispiel #2
0
 def testfilePutGetContentUnicode(self):
     _, filename = tempfile.mkstemp()
     try:
         Util.filePutContent(filename, unicode('Élément', encoding='utf8'))
         assert 'Élément' == Util.fileGetContent(filename)
     finally:
         os.unlink(filename)
Beispiel #3
0
 def _validateParameters(self):
     Util.printStep('Validating parameters')
     if not self.registrationLdapScheme:
         raise ValidationException('registration_ldap_scheme is not defined')
     if not self.registrationLdapHost:
         raise ValidationException('registration_ldap_host is not defined')
     if not self.registrationLdapPort:
         raise ValidationException('registration_ldap_port is not defined')
     if not self.registrationLdapManagerDn:
         raise ValidationException('registration_ldap_manager_dn is not defined')
     if not self.registrationLdapManagerPassword:
         raise ValidationException('registration_ldap_manager_password is not defined')
     if not self.registrationAdminEmail:
         raise ValidationException('registration_admin_email is not defined')
     if not self.registrationMailHost:
         raise ValidationException('registration_mail_host is not defined')
     if not self.registrationMailPort:
         raise ValidationException('registration_mail_port is not defined')
     if not self.registrationMailUser:
         raise ValidationException('registration_mail_user is not defined')
     if not self.registrationMailPassword:
         raise ValidationException('registration_mail_password is not defined')
     if not self.registrationMailSsl:
         raise ValidationException('registration_mail_ssl is not defined')
     if not self.registrationMailDebug:
         raise ValidationException('registration_mail_debug is not defined')
     if not self.registrationSslTruststore:
         self.registrationSslTruststore = ''
Beispiel #4
0
 def testfilePutGetContentStr(self):
     _, filename = tempfile.mkstemp()
     try:
         Util.filePutContent(filename, str('Element'))
         assert 'Element' == Util.fileGetContent(filename)
     finally:
         os.unlink(filename)
Beispiel #5
0
 def _shutdownNode(self):
     if self.shutdownVm:
         self._stopMachine()
     else:
         self._printStep('Machine ready for use')
         msg = '\n\tMachine IP: %s\tRemember to stop the machine when finished' % self.vmIp
         Util.printInfo(msg)
Beispiel #6
0
    def addNetworkAcl(self, users, net_id_int, rights):
        """
        users - hex
        net_id_int - integer, network ID
        rights - hex
        """
        # "magic" number
        _magic = self.ACL_USERS['UID']
        net_resource = hex(self.ACL_RESOURCES['NET'] + _magic + net_id_int)

        # Hack to retry on SSL errors
        maxRetries = 3
        retries = 0
        while True:
            try:
                ret, info, _ = self._rpc.one.acl.addrule(self._sessionString,
                                                         users,
                                                         net_resource,
                                                         rights)
                break
            except ssl.SSLError as e:
                retries += 1
                t = strftime("%Y-%m-%d %H:%M:%S", gmtime())
                Util.printDetail('SSL ERROR ENCOUNTERED (%s): %s' % (t, str(e)))
                if retries >= maxRetries:
                    raise e

        if not ret:
            raise OneException(info)

        return info
Beispiel #7
0
    def _killMachine(self):
        self._printStep('Killing machine')

        if self.vmId:
            self.cloud.vmKill(self.vmId)
        else:
            Util.printWarning('Undefined VM ID, when trying to kill machine.')
Beispiel #8
0
    def listVms(self, showVmsFromAllUsers=False):
        fromAllUsers = -2
        currentUserOnly = -3

        if showVmsFromAllUsers:
            visibilitySwitch = fromAllUsers
        else:
            visibilitySwitch = currentUserOnly

        # Hack to retry on SSL errors.
        maxRetries = 3
        retries = 0
        while True:
            try:
                ret, info, _ = self._rpc.one.vmpool.info(self._sessionString, visibilitySwitch, -1, -1, -1)
                break
            except ssl.SSLError as e:
                retries += 1
                t = strftime("%Y-%m-%d %H:%M:%S", gmtime())
                Util.printDetail('SSL ERROR ENCOUNTERED (%s): %s' % (t, str(e)))
                if retries >= maxRetries:
                    raise e

        if not ret:
            raise OneException(info)

        vmlist = Util.etree_from_text(info)
        for xml in vmlist.findall('VM'):
            self._addStateSummary(xml)

        return etree.tostring(vmlist)
Beispiel #9
0
    def _configureNetworkInterface(self, device, ip, netmask):
        deviceConf = '/etc/sysconfig/network-scripts/ifcfg-%s' % device
        data = """DEVICE=%s
IPADDR=%s
NETMASK=%s
""" % (device, ip, netmask)
        Util.filePutContent(deviceConf, data)
Beispiel #10
0
    def _remoteFileAppendContents(self, filename, data):
        data = Util.escapeDoubleQuotes(data, times=4)

        rc, output = self._nodeShell('"echo \\"%s\\" >> %s"' % (data, filename),
                                     withOutput=True, shell=True)
        if rc != 0:
            Util.printError("Failed to append to %s\n%s" % (filename, output))
Beispiel #11
0
 def _configureSudo(self):
     Util.appendOrReplaceInFile(self.sudoersFilePath,
             'Defaults:%s !requiretty' % self.cloudUsername,
             'Defaults:%s !requiretty' % self.cloudUsername)
     Util.appendOrReplaceInFile(self.sudoersFilePath,
             '%s ALL= NOPASSWD: %s' % (self.cloudUsername, self.firewall.binary),
             '%s ALL= NOPASSWD: %s' % (self.cloudUsername, self.firewall.binary))
    def doWork(self):

        # checking marketplace endpoint URL
        url_is_ok = Util.checkUrlExists(ENDPOINT_MKP, 30)
        if url_is_ok is True:

            req = urllib2.Request(ENDPOINT_MKP)
            response = urllib2.urlopen(req)
            content = response.read()

            xml = Util.etree_from_text(content)

            desc_nodes = xml.iter("{" + RDF + "}Description")
            all_desc = []
            desc = {}

            for desc_node in desc_nodes:
                desc["description"] = desc_node.find('{' + DCTERMS + '}description').text
                desc["identifier"] = desc_node.find('{' + DCTERMS + '}identifier').text
                desc["creator"] = desc_node.find('{' + DCTERMS + '}creator').text
                desc["created"] = desc_node.find('{' + DCTERMS + '}created').text
                desc["os"] = desc_node.find('{' + SLTERMS + '}os').text
                desc["os-version"] = desc_node.find('{' + SLTERMS + '}os-version').text
                desc["os-arch"] = desc_node.find('{' + SLTERMS + '}os-arch').text

                # cast in str for NoneType object (otherwise, we should use try/Except)
                print "Description: " + str(desc["description"])
                print "ID: " + str(desc["identifier"])
                print "OS: " + str(desc["os"]), str(desc["os-version"]), "| Arch: " + str(desc["os-arch"])
                print "Creator: " + str(desc["creator"])
                print "Created at: " + str(desc["created"].replace("Z", "").split('T'))
                print "####\n"
                all_desc.append(desc)
Beispiel #13
0
 def _lcmStateToString(self):
     lcm = self._lcmStateAsInt()
     if (lcm is not None) and (lcm >= 0) and (lcm < len(self.lcmStateDefintion)):
         return self.lcmStateDefintion[lcm]
     else:
         Util.printError('Invalid state: %s' % lcm, exit=False)
         return self.invalidState
Beispiel #14
0
    def _configureVirtualNetInterface(self, device, ip, netmask):
        device = device + ":privlan"

        Util.printDetail("Configuring network interface %s." % device)
        self._configureNetworkInterface(device, ip, netmask)

        Util.printDetail("Starting network interface %s." % device)
        self.executeCmd(["ifup", device])
Beispiel #15
0
    def _installPackages(self):
        Util.printStep('Removing CIMI server package')
        cmd = 'yum erase -y %s' % self._package
        self._executeExitOnError(cmd)

        Util.printStep('Installing CIMI server package')
        cmd = 'yum install --nogpgcheck -y %s' % self._package
        self._executeExitOnError(cmd)
 def doWork(self):
     configHolder = ConfigHolder(self.options.__dict__)
     signator = Signator(self.manifestFile, configHolder)
     isError = signator.sign()
     if isError:
         Util.printError('Error signing metadata file')
     else:
         Util.printDetail('Metadata file successfully signed: %s' % signator.outputManifestFile)
Beispiel #17
0
 def _writeToFilesRemote(self, listOfFileNameContentTuples):
     tmpFilename = tempfile.mktemp()
     for remoteFilename, content in listOfFileNameContentTuples:
         Util.filePutContent(tmpFilename, content)
         self._nodeCopy(tmpFilename, remoteFilename)
     try:
         os.unlink(tmpFilename)
     except: pass
Beispiel #18
0
 def sign(self):
     res, output = self._sign()
     if res:
         Util.printError(output, exit=False)
         self._cleanupTempFile()
     else:
         self._renameFiles()
     return res
Beispiel #19
0
    def _installDhcp(self):
        Util.printDetail('Installing DHCP server.')

        dhcpPackage = self.getPackageName('dhcp')
        self.installPackages([dhcpPackage])

        if not self.isPackageInstalled(dhcpPackage):
            Util.printError('Failed to install %s.' % dhcpPackage)
Beispiel #20
0
    def _saveFirewallRules(self, filename):
        # back-up
        self.executeCmd(('cp -fp %s %s.LAST'%((filename,)*2)).split(' '))

        _,output = self.executeCmdWithOutput(['iptables-save'])
        Util.printDetail('Saving firewall rules to %s.' % filename)
        filePutContent(filename, output)
        os.chmod(filename, 0600)
Beispiel #21
0
    def _configureVirtualNetInterface(self, device, ip, netmask):
        device = device + ':privlan'

        Util.printDetail('Configuring network interface %s.' % device)
        self._configureNetworkInterface(device, ip, netmask)

        Util.printDetail('Starting network interface %s.' % device)
        self.executeCmd(['ifup', device])
Beispiel #22
0
        def getUidGidFromNode(user):
            rc, output = self._nodeShell(getUidGidCmd % user,
                                         withOutput=True)
            if rc != 0:
                Util.printError("Error getting '%s' user UID/GID from Node.\n%s" %
                                    (user,output))

            return _extractUidGidFromGetentPasswdOutput(output)
Beispiel #23
0
    def _installDhcp(self):
        Util.printDetail("Installing DHCP server.")

        dhcpPackage = self.getPackageName("dhcp")
        self.installPackages([dhcpPackage])

        if not self.isPackageInstalled(dhcpPackage):
            Util.printError("Failed to install %s." % dhcpPackage)
Beispiel #24
0
    def _startDhcp(self):
        Util.printDetail('(Re)Starting DHCP server.')

        serviceName = self.packages['dhcp'].initdScriptName
        rc = self.restartService(serviceName)

        if rc != 0:
            Util.printError('Failed to (re)start DHCP service.')
Beispiel #25
0
 def _execute(self, command):
     if self.verboseLevel <= Util.VERBOSE_LEVEL_NORMAL:
         devNull = open(os.path.devnull, 'w')
         ret = Util.execute(command, stdout=devNull, stderr=devNull)
         devNull.close()
     else:
         ret = Util.execute(command)
     return ret
Beispiel #26
0
 def getHttpProxyForUrl(url):
     proxy = None
     url_host = Util.parseUri(url)[1]
     envProxy = HttpClient._getEnvVarProxy()
     if envProxy and not (url_host in HttpClient._getEnvVarNoProxy()):
         proxy_server, proxy_port = Util.parseUri(envProxy)[1:3]
         proxy = httplib2.ProxyInfo(3, proxy_server, int(proxy_port), proxy_rdns=True)
     return proxy
Beispiel #27
0
    def _configureNetworkInterface(self, device, ip, netmask):
        data = """auto %s
iface %s inet static
  address %s
  netmask %s
  pre-up iptables-restore < %s""" % (device, device, ip, netmask,
                                     self.FILE_FIREWALL_RULES)

        Util.appendOrReplaceMultilineBlockInFile(self.FILE_INTERFACES, data)
Beispiel #28
0
 def _installFetchCrl(self):
     """fetch-crl 3:
     http://www.nikhef.nl/grid/fetchcrl3
     http://dist.eugridpma.info/distribution/util/fetch-crl3/
     """
     Util.printDetail('NB! Installation of fetch-crl is not implemented for Ubuntu.')
     Util.printDetail("""For manual installation see:
     http://www.nikhef.nl/grid/fetchcrl3
     http://dist.eugridpma.info/distribution/util/fetch-crl3/""")
Beispiel #29
0
 def _getManifest(self, resourceUri):
     url = MarketplaceUtil.metadataUrl(self.marketplaceEndpoint, resourceUri)
     self._printDetail('Downloading from: %s' % url)
     try:
         return self.__getManifest(url)
     except:
         reason = ''.join(traceback.format_exception_only(*(sys.exc_info()[:2])))
         Util.printError('Failed to get manifest for resource uri: %s. %s' % (url,
                                                                              reason))
Beispiel #30
0
    def _downloadImage(self, url):
        compressionExtension = self._extractCompressionExtension(url)

        localFilename = tempfile.mktemp()
        localImageName = localFilename + compressionExtension

        Util.wget(url, localImageName)

        return localImageName