def __init__(self, lockdir):
#self.gid = 250
self.lockfile = os.path.join(lockdir, '.gkeys_lock')
ensure_dirs(lockdir)
fileutils.touch(self.lockfile, mode=0o664)
#os.chown(self.lockfile, -1, self.gid)
self.lock = osutils.FsLock(self.lockfile)
def set_logger(namespace=None, logpath='', level=None,
dirmode=0o775, filemask=0o002):
global logger, NAMESPACE, Console_handler, logname
if not namespace:
namespace = NAMESPACE
else:
NAMESPACE = namespace
logger = logging.getLogger(namespace)
logger.setLevel(log_levels['DEBUG'])
# create formatter and add it to the handlers
log_format = '%(asctime)s %(name)-12s %(levelname)-8s %(message)s'
formatter = logging.Formatter(log_format)
# add the handlers to logger
if logpath:
ensure_dirs(logpath, mode=dirmode, fatal=True)
os.umask(filemask)
logname = os.path.join(logpath,
'%s-%s.log' % (namespace, time.strftime('%Y%m%d-%H')))
file_handler = logging.FileHandler(logname)
if level:
file_handler.setLevel(log_levels[level])
else:
file_handler.setLevel(log_levels['DEBUG'])
file_handler.setFormatter(formatter)
logger.addHandler(file_handler)
# create console handler with a higher log level
Console_handler = logging.StreamHandler()
Console_handler.setLevel(logging.ERROR)
#Console_handler.setFormatter(formatter)
logger.addHandler(Console_handler)
#print "File logger suppose to be initialized", logger, Console_handler
logger.debug("==== Loggers initialized ==== time: %s", time.strftime('%Y%m%d-%H:%M:%S') )
return logger
def genkey(self, args):
'''Generate a gpg key using a spec file'''
messages = []
if not args.destination:
gpghome = self.config.get_key('gkeys-gen', 'gpg-home')
else:
if os.path.exists(args.destination):
gpghome = os.path.join(args.destination, 'gpghome')
else:
messages.extend(['', "Aborting... %s path does not exist." % args.destination])
return (False, messages)
self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
if not args.spec:
args.spec = self.config.get_key('spec', 'default-spec')
key_params = self.get_input(args)
ack = None
while ack not in ["y", "yes", "n", "no"]:
ack = py_input("Continue?[y/n]: ").lower()
if ack in ["n", "no"]:
messages.extend(['', "\nKey generation aborted."])
return (False, messages)
elif ack in ["y", "yes"]:
# Set the environment to custom gpg directory
os.environ['GNUPGHOME'] = gpghome
gpghome_full_path = os.path.abspath(gpghome)
self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
self.output(["\n* Creating gpg folder at %s" % gpghome_full_path])
ensure_dirs(gpghome)
# Copy default gpg-conf.skel and append glep63 requirements
self.configure_config_file(args, gpghome)
# Key generation
ctx = gpgme.Context()
self.logger.info("MAIN: _action_genkey: Generating GPG key...")
self.output([LARRY])
self.output(["* Give the password for the key. (Pick a strong one)",
" Please surf the internet, type on your keyboard, etc. ",
" This helps the random number generator work effectively"])
try:
result = ctx.genkey(key_params)
except gpgme.GpgmeError as e:
self.logger.debug("MAIN: _action_genkey: GpgmeError: %s" % str(e))
self.logger.debug("MAIN: _action_genkey: Aborting... Gpgme errored out.")
messages.extend(['', "Aborting... Gpgme reported an error.\n",
" GpgmeError: %s\n" % str(e),
" See the log file for details: %s" % log.logname])
return (False, messages)
key = ctx.get_key(result.fpr, True)
self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s"
% (key.uids[0].uid, key.subkeys[0].fpr))
self.output(["Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path])
self.output([GPG_INFO_STRING % (key.uids[0].name, key.uids[0].email,
key.subkeys[0].fpr)])
self.output(["In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:",
" mv %s ~/.gnupg" % gpghome_full_path,
"Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n",
"Please read the FAQ for post-generation steps that are available in:",
"https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys"])
return (True, messages)
def setup(self, args, configs):
'''Set up the args and configs passed in
@param args: list or argparse.Namespace object
@param configs: list
'''
message = None
if not args:
message = "Main: run; invalid args argument passed in"
if isinstance(args, list):
args = self.parse_args(args)
if args.config:
self.config.defaults['config'] = args.config
self.config.defaults['configdir'] = os.path.dirname(args.config)
if getattr(args, 'email', False):
configs = [self.config.defaults['config'], os.path.abspath(os.path.join(self.config.defaults['configdir'], "email.conf"))]
self.config.read_config(configs)
else:
self.config.read_config()
else:
self.config.read_config(configs)
# check for permissions and adjust configs accordngly
if not self.config.defaults['homedir']:
self.config.defaults['homedir'] = os.path.expanduser('~')
if not os.access(self.config['logdir'], os.W_OK):
self.config.options['logdir'] = os.path.join(self.config['userconfigdir'], 'logs')
ensure_dirs(self.config.options['logdir'])
# establish our logger and update it in the imported files
self.logger = set_logger(self.cli_config['prog'], self.config['logdir'], args.debug,
dirmode=int(self.config.get_key('permissions', 'directories'),0),
filemask=int(self.config.get_key('permissions', 'files'),0))
self.config.logger = self.logger
if message:
self.logger.error(message)
# now that we have a logger, record the alternate config setting
if args.config:
self.logger.debug("Main: run; Found alternate config request: %s"
% args.config)
self.logger.debug("Main: run; Using config: %s" % self.config['config'])
# check if a -C, --category was input
# if it was, check if the category is listed in the [seeds]
cat = None
if 'category' in args:
cat = args.category
if not self._check_category(cat):
return False
return True
def setup(self, args, configs):
'''Set up the args and configs passed in
@param args: list or argparse.Namespace object
@param configs: list
'''
message = None
if not args:
message = "Main: run; invalid args argument passed in"
if isinstance(args, list):
args = self.parse_args(args)
if args.config:
self.config.defaults['config'] = args.config
self.config.read_config()
else:
self.config.read_config(configs)
# check for permissions and adjust configs accordngly
if not self.config.defaults['homedir']:
self.config.defaults['homedir'] = os.path.expanduser('~')
if not os.access(self.config['logdir'], os.W_OK):
self.config.options['logdir'] = os.path.join(
self.config['userconfigdir'], 'logs')
ensure_dirs(self.config.options['logdir'])
# establish our logger and update it in the imported files
self.logger = set_logger(
self.cli_config['prog'],
self.config['logdir'],
args.debug,
dirmode=int(self.config.get_key('permissions', 'directories'), 0),
filemask=int(self.config.get_key('permissions', 'files'), 0))
self.config.logger = self.logger
if message:
self.logger.error(message)
# now that we have a logger, record the alternate config setting
if args.config:
self.logger.debug("Main: run; Found alternate config request: %s" %
args.config)
self.logger.debug("Main: run; Using config: %s" %
self.config['config'])
# check if a -C, --category was input
# if it was, check if the category is listed in the [seeds]
cat = None
if 'category' in args:
cat = args.category
if not self._check_category(cat):
return False
return True
def set_keyring(self, keyring, task, importkey=False, reset=True):
'''Sets the keyring to use as well as related task options
'''
self.logger.debug("keydir: %s, keyring: %s" % (self.keydir, keyring))
if reset:
self.config.options['tasks'][task] = self.config.defaults['tasks'][task][:]
# --keyring file | Note that this adds a keyring to the current list.
# If the intent is to use the specified keyring alone,
# use --keyring along with --no-default-keyring.
if importkey:
task_value = ['--import-options', 'import-clean']
self.config.options['tasks'][task].extend(task_value)
parent_dir = abspath(pjoin(keyring, pardir))
ensure_dirs(parent_dir,
mode=int(self.config.get_key('permissions', 'directories'),0))
task_value = ['--no-default-keyring', '--keyring', keyring]
self.config.options['tasks'][task].extend(task_value)
self.logger.debug("set_keyring: New task options: %s" %str(self.config.options['tasks'][task]))
return
def set_keyring(self, keyring, task, importkey=False, reset=True):
'''Sets the keyring to use as well as related task options
'''
self.logger.debug("keydir: %s, keyring: %s" % (self.keydir, keyring))
if reset:
self.config.options['tasks'][task] = self.config.defaults['tasks'][task][:]
# --keyring file | Note that this adds a keyring to the current list.
# If the intent is to use the specified keyring alone,
# use --keyring along with --no-default-keyring.
if importkey:
task_value = ['--import-options', 'import-clean']
self.config.options['tasks'][task].extend(task_value)
parent_dir = abspath(pjoin(keyring, pardir))
ensure_dirs(parent_dir,
mode=int(self.config.get_key('permissions', 'directories'),0))
task_value = ['--no-default-keyring', '--keyring', keyring]
self.config.options['tasks'][task].extend(task_value)
self.logger.debug("set_keyring: New task options: %s" %str(self.config.options['tasks'][task]))
return
def add_key(self, gkey):
'''Add the specified key to the specified keydir
@param gkey: GKEY namedtuple with
(name, nick, keydir, fingerprint)
'''
self.config.defaults['gpg_defaults'].append('--no-permission-warning')
self.set_keyserver()
self.set_keydir(gkey.keydir, 'recv-keys', reset=True)
self.set_keyring('pubring.gpg', 'recv-keys', reset=False)
logger.debug("LIB: add_key; ensure dirs: " + self.keydir)
mode = int(self.config.get_key('permissions', 'directories'),0)
ensure_dirs(str(self.keydir), mode=mode)
self.set_keyseedfile(trap_errors=False)
results = []
for fingerprint in gkey.fingerprint:
logger.debug("LIB: add_key; adding fingerprint " + fingerprint)
logger.debug("** Calling runGPG with Running 'gpg %s --recv-keys %s' for: %s"
% (' '.join(self.config.get_key('tasks', 'recv-keys')),
fingerprint, gkey.name))
result = self.runGPG(task='recv-keys', inputfile=fingerprint)
logger.info('GPG return code: ' + str(result.returncode))
if result.fingerprint in gkey.fingerprint:
result.failed = False
message = "Fingerprints match... Import successful: "
message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
message += "\n result len: %s, %s" % (len(result.fingerprint), result.fingerprint)
message += "\n gkey len: %s, %s" % (len(gkey.fingerprint[0]), gkey.fingerprint[0])
logger.info(message)
else:
result.failed = True
message = "Fingerprints do not match... Import failed for "
message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
message += "\n result: %s" % (result.fingerprint)
message += "\n gkey..: %s" % (str(gkey.fingerprint))
logger.error(message)
# Save the gkey seed to the installed db
self.seedfile.update(gkey)
if not self.seedfile.save():
logger.error("GkeysGPG.add_key(); failed to save seed: " + gkey.nick)
return []
results.append(result)
return results
def add_key(self, gkey):
'''Add the specified key to the specified keydir
@param gkey: GKEY namedtuple with
(name, nick, keydir, fingerprint)
'''
self.config.defaults['gpg_defaults'].append('--no-permission-warning')
self.set_keyserver()
self.set_keydir(gkey.keydir, 'recv-keys', reset=True)
self.set_keyring('pubring.gpg', 'recv-keys', reset=False)
self.logger.debug("LIB: add_key; ensure dirs: " + self.keydir)
mode = int(self.config.get_key('permissions', 'directories'),0)
ensure_dirs(str(self.keydir), mode=mode)
self.set_keyseedfile(trap_errors=True)
results = []
for fingerprint in gkey.keys:
self.logger.debug("LIB: add_key; adding fingerprint " + fingerprint)
self.logger.debug("** Calling runGPG with Running 'gpg %s --recv-keys %s' for: %s"
% (' '.join(self.config.get_key('tasks', 'recv-keys')),
fingerprint, gkey.name))
result = self.runGPG(task='recv-keys', inputfile=fingerprint)
self.logger.info('GPG return code: ' + str(result.returncode))
if result.fingerprint in gkey.keys:
result.failed = False
message = "Fingerprints match... Import successful: "
message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
message += "\n result len: %s, %s" % (len(result.fingerprint), result.fingerprint)
message += "\n gkey len: %s, %s" % (len(gkey.fingerprint[0]), gkey.fingerprint[0])
self.logger.info(message)
else:
result.failed = True
message = "Fingerprints do not match... Import failed for "
message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
message += "\n result: %s" % (result.fingerprint)
message += "\n gkey..: %s" % (str(gkey.fingerprint))
self.logger.error(message)
# Save the gkey seed to the installed db
success = self.update_gkey(gkey, save=True)
if not success:
return []
results.append(result)
return results
def save(self, filename=None):
'''Save the seeds to the file'''
if filename:
self.filename = filename
if not self.filename:
logger.debug("Seed: save; Not a valid filename: '%s'" % str(self.filename))
return False
logger.debug("Seed: save; Begin saving seed file %s" % self.filename)
ensure_dirs(os.path.split(self.filename)[0],
mode=int(self.config.get_key('permissions', "directories"),0),
fatal=True)
os.umask(int(self.config.get_key("permissions", "files"),0))
try:
with open(self.filename, 'w') as seedfile:
seedfile.write(self._seeds2json(self.seeds))
seedfile.write("\n")
except IOError as err:
self._error(err)
return False
return True
def set_logger(namespace=None,
logpath='',
level=None,
dirmode=0o775,
filemask=0o002):
global logger, NAMESPACE, Console_handler, logname
if not namespace:
namespace = NAMESPACE
else:
NAMESPACE = namespace
logger = logging.getLogger(namespace)
logger.setLevel(log_levels['DEBUG'])
# create formatter and add it to the handlers
log_format = '%(asctime)s %(name)-12s %(levelname)-8s %(message)s'
formatter = logging.Formatter(log_format)
# add the handlers to logger
if logpath:
ensure_dirs(logpath, mode=dirmode, fatal=True)
os.umask(filemask)
logname = os.path.join(
logpath, '%s-%s.log' % (namespace, time.strftime('%Y%m%d-%H:%M')))
file_handler = logging.FileHandler(logname)
if level:
file_handler.setLevel(log_levels[level])
else:
file_handler.setLevel(log_levels['DEBUG'])
file_handler.setFormatter(formatter)
logger.addHandler(file_handler)
# create console handler with a higher log level
Console_handler = logging.StreamHandler()
Console_handler.setLevel(logging.ERROR)
#Console_handler.setFormatter(formatter)
logger.addHandler(Console_handler)
#print "File logger suppose to be initialized", logger, Console_handler
logger.debug("Loggers initialized")
return logger
def fetch_seeds(self, seeds, args, verified_dl=None):
'''Fetch new seed files
@param seeds: list of seed nicks to download
@param verified_dl: Function pointer to the Actions.verify()
instance needed to do the download and verification
'''
http_check = re.compile(r'^(http|https)://')
urls = []
messages = []
try:
for seed in [seeds]:
seedurl = self.config.get_key('seedurls', seed)
seedpath = self.config.get_key('seeds', seed)
if http_check.match(seedurl):
urls.extend([(seed, seedurl, seedpath)])
else:
self.logger.info("Wrong seed file URLs... Skipping: %s" % seed)
except KeyError:
pass
succeeded = []
seedsdir = self.config.get_key('seedsdir')
mode = int(self.config.get_key('permissions', 'directories'),0)
ensure_dirs(seedsdir, mode=mode)
for (seed, url, filepath) in urls:
verify_info = self.config.get_key('verify-seeds', seed).split()
args.category = verify_info[0]
args.nick = verify_info[1]
args.filename = url
args.signature = None
args.timestamp = True
args.destination = filepath
verified, messages_ = verified_dl(args)
succeeded.append(verified)
messages.append(messages_)
return (succeeded, messages)
def genkey(self, args):
'''Key generation action'''
if not args.homedir:
gpghome = os.path.join(os.getcwd(), 'gpghome')
else:
if os.path.exists(args.homedir):
gpghome = os.path.join(args.homedir, 'gpghome')
else:
self.output("Aborting... %s path does not exist." % args.homedir)
return False
self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
key_params = self.get_input()
ack = None
while ack not in ["y", "yes", "n", "no"]:
ack = py_input("Continue?[y/n]: ").lower()
if ack in ["n", "no"]:
self.output("\nKey generation aborted.")
return False
elif ack in ["y", "yes"]:
# Set the environment to custom gpg directory
os.environ['GNUPGHOME'] = gpghome
gpghome_full_path = os.path.abspath(gpghome)
self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
self.output("\n* Creating gpg folder at %s" % gpghome_full_path)
ensure_dirs(gpghome)
# Copy default gpg-conf.skel and append glep63 requirements
self.output("* Creating gpg.conf file at %s" % gpghome_full_path)
newgpgconfpath = os.path.join(gpghome, 'gpg.conf')
shutil.copy('/usr/share/gnupg/gpg-conf.skel', newgpgconfpath)
with open(newgpgconfpath, 'a') as conf:
for line in urlopen(GPG_CONF):
conf.write(_unicode(line))
# Key generation
ctx = gpgme.Context()
self.logger.info("MAIN: _action_genkey: Generating GPG key...")
self.output("""
____________________
< Generating GPG key >
--------------------
\ ^__^
\ (oo)\_______
(__)\ )\/
||----w |
|| ||""")
self.output("\n* Give the password for the key. (Pick a strong one)\n")
try:
result = ctx.genkey(key_params)
except gpgme.GpgmeError:
self.logger.debug("MAIN: _action_genkey: Aborting... No given password.")
self.output("Aborting... No given password.")
return False
key = ctx.get_key(result.fpr, True)
self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s"
% (key.uids[0].uid, key.subkeys[0].fpr))
self.output("Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path)
self.output("""
GPG key info:
Full Name: %s,
Email: %s,
Fingerprint: %s
""" % (key.uids[0].name, key.uids[0].email,
key.subkeys[0].fpr))
self.output("In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:\n"
" mv %s ~/.gnupg\n"
"Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n\n"
"Please read the FAQ for post-generation steps that are available in: \n"
"https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys\n" % gpghome_full_path)
return True
def genkey(self, args):
'''Generate a gpg key using a spec file'''
messages = []
if not args.destination:
gpghome = self.config.get_key('gkeys-gen', 'gpg-home')
else:
if os.path.exists(args.destination):
gpghome = os.path.join(args.destination, 'gpghome')
else:
messages.extend(['', "Aborting... %s path does not exist." % args.destination])
return (False, messages)
self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
if not args.spec:
args.spec = self.config.get_key('spec', 'default-spec')
key_params = self.get_input(args)
ack = None
while ack not in ["y", "yes", "n", "no"]:
ack = py_input("Continue?[y/n]: ").lower()
if ack in ["n", "no"]:
messages.extend(['', "\nKey generation aborted."])
return (False, messages)
elif ack in ["y", "yes"]:
# Set the environment to custom gpg directory
os.environ['GNUPGHOME'] = gpghome
gpghome_full_path = os.path.abspath(gpghome)
self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
self.output(["\n* Creating gpg folder at %s" % gpghome_full_path])
ensure_dirs(gpghome)
# Copy default gpg-conf.skel and append glep63 requirements
self.output(["* Creating gpg.conf file at %s" % gpghome_full_path])
newgpgconfpath = os.path.join(gpghome, 'gpg.conf')
shutil.copy('/usr/share/gnupg/gpg-conf.skel', newgpgconfpath)
with open(newgpgconfpath, 'a') as conf:
for line in urlopen(self.config.get_key('gpg-urls', args.spec)):
conf.write(_unicode(line.decode('utf-8')))
# Key generation
ctx = gpgme.Context()
self.logger.info("MAIN: _action_genkey: Generating GPG key...")
self.output([LARRY])
self.output(["* Give the password for the key. (Pick a strong one)",
" Please surf the internet, type on your keyboard, etc. ",
" This helps the random number generator work effectively"])
try:
result = ctx.genkey(key_params)
except gpgme.GpgmeError as e:
self.logger.debug("MAIN: _action_genkey: GpgmeError: %s" % str(e))
self.logger.debug("MAIN: _action_genkey: Aborting... Gpgme errored out.")
messages.extend(['', "Aborting... Gpgme reported an error.\n",
" GpgmeError: %s\n" % str(e),
" See the log file for details: %s" % log.logname])
return (False, messages)
key = ctx.get_key(result.fpr, True)
self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s"
% (key.uids[0].uid, key.subkeys[0].fpr))
self.output(["Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path])
self.output([GPG_INFO_STRING % (key.uids[0].name, key.uids[0].email,
key.subkeys[0].fpr)])
self.output(["In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:",
" mv %s ~/.gnupg" % gpghome_full_path,
"Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n",
"Please read the FAQ for post-generation steps that are available in:",
"https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys"])
return (True, messages)
def ensure_docdir(self):
ensure_dirs(self.path)
