def handle_notification(r, user): if not user.can_do("notify", r.builder): log.alert("user %s is not allowed to notify:%s" % (user.login, r.builder)) q = B_Queue(path.req_queue_file) q.lock(0) q.read() not_fin = filter(lambda (r): not r.is_done(), q.requests) r.apply_to(q) for r in not_fin: if r.is_done(): util.clean_tmp(path.srpms_dir + '/' + r.id) now = time.time() def leave_it(r): # for ,,done'' set timeout to 4d if r.is_done() and r.time + 4 * 24 * 60 * 60 < now: return False # and for not ,,done'' set it to 20d if r.time + 20 * 24 * 60 * 60 < now: util.clean_tmp(path.srpms_dir + '/' + r.id) return False return True q.requests = filter(leave_it, q.requests) q.write() q.dump(path.queue_stats_file) q.dump_html(path.queue_html_stats_file) q.write_signed(path.req_queue_signed_file) q.unlock()
def builders_order(): bs = {} bl = [] for b in config.binary_builders: bs[b] = 0 bl.append(b) lck = lock.lock("got-lock") f = open(path.got_lock_file, "r+") line_no = 0 for l in f.xreadlines(): line_no += 1 b = string.strip(l) if bs.has_key(b): bs[b] = line_no else: log.alert("found strange lock in got-lock: %s" % b) def mycmp(b1, b2): return cmp(bs[b1], bs[b2]) bl.sort(mycmp) f.seek(0) f.truncate(0) for l in bl: f.write(l + "\n") f.close() lck.close() return bl
def send(self): if not os.path.exists("/usr/lib/sendmail"): # TODO: dump to file? log.alert("/usr/lib/sendmail doesn't exist: Can't send email") return False send_sendmail = "/usr/lib/sendmail -i -t -f %s" % config.admin_email f = os.popen(send_sendmail, "w") try: self.write_to(f) except IOError, e: log.alert("sending email message failed: %s" % e) f.close() return False
def handle_request(req, filename = None): if req == '': log.alert('Empty body received. Filename: %s' % filename) return False keys = gpg.get_keys(req) (em, body) = gpg.verify_sig(req) if not em: log.alert("Invalid signature, missing/untrusted key. Keys in gpg batch: '%s'" % keys) return False user = acl.user_by_email(em) if user == None: # FIXME: security email here log.alert("'%s' not in acl. Keys in gpg batch: '%s'" % (em, keys)) return False acl.set_current_user(user) status.push("request from %s" % user.login) r = request.parse_request(body) if r.kind == 'group': handle_group(r, user) elif r.kind == 'notification': handle_notification(r, user) else: msg = "%s: don't know how to handle requests of this kind '%s'" \ % (user.get_login(), r.kind) log.alert(msg) m = user.message_to() m.set_headers(subject = "unknown request") m.write_line(msg) m.send() status.pop() return True
def handle_request(req, filename=None): if req == '': log.alert('Empty body received. Filename: %s' % filename) return False keys = gpg.get_keys(req) (em, body) = gpg.verify_sig(req) if not em: log.alert( "Invalid signature, missing/untrusted key. Keys in gpg batch: '%s'" % keys) return False user = acl.user_by_email(em) if user == None: # FIXME: security email here log.alert("'%s' not in acl. Keys in gpg batch: '%s'" % (em, keys)) return False acl.set_current_user(user) status.push("request from %s" % user.login) r = request.parse_request(body) if r.kind == 'group': handle_group(r, user) elif r.kind == 'notification': handle_notification(r, user) else: msg = "%s: don't know how to handle requests of this kind '%s'" \ % (user.get_login(), r.kind) log.alert(msg) m = user.message_to() m.set_headers(subject="unknown request") m.write_line(msg) m.send() status.pop() return True
def check_double_id(id): id_nl = id + "\n" ids = open(path.processed_ids_file) for i in ids.xreadlines(): if i == id_nl: # FIXME: security email here? log.alert("request %s already processed" % id) return 1 ids.close() ids = open(path.processed_ids_file, "a") ids.write(id_nl) ids.close() return 0
def send_file(src, target): global problems try: log.notice("sending %s to %s (size %d bytes)" % (src, target, os.stat(src).st_size)) m = re.match('rsync://([^/]+)/.*', target) if m: return not rsync_file(src, target, host = m.group(1)) if target != "" and target[0] == '/': return not copy_file(src, target) m = re.match('scp://([^@:]+@[^/:]+)(:|)(.*)', target) if m: return not scp_file(src, m.group(1) + ":" + m.group(3)) m = re.match('ssh\+rsync://([^@:]+@[^/:]+)(:|)(.*)', target) if m: return not rsync_ssh_file(src, m.group(1) + ":" + m.group(3)) m = re.match('http://.*', target) if m: return not post_file(src, target) log.alert("unsupported protocol: %s" % target) except OSError, e: problems[src] = e log.error("send_file(%s, %s): %s" % (src, target, e)) return False
def send_file(src, target): global problems try: log.notice("sending %s to %s (size %d bytes)" % (src, target, os.stat(src).st_size)) m = re.match('rsync://([^/]+)/.*', target) if m: return not rsync_file(src, target, host=m.group(1)) if target != "" and target[0] == '/': return not copy_file(src, target) m = re.match('scp://([^@:]+@[^/:]+)(:|)(.*)', target) if m: return not scp_file(src, m.group(1) + ":" + m.group(3)) m = re.match('ssh\+rsync://([^@:]+@[^/:]+)(:|)(.*)', target) if m: return not rsync_ssh_file(src, m.group(1) + ":" + m.group(3)) m = re.match('(http|https)://.*', target) if m: return not post_file(src, target) log.alert("unsupported protocol: %s" % target) except OSError, e: problems[src] = e log.error("send_file(%s, %s): %s" % (src, target, e)) return False
def wrap(main): try: main() except: exctype, value = sys.exc_info()[:2] if exctype == SystemExit: sys.exit(value) s = StringIO.StringIO() traceback.print_exc(file=s, limit=20) log.alert("fatal python exception") log.alert(s.getvalue()) log.alert("during: %s" % status.get()) sendmail(s.getvalue()) sys.exit(1)
def wrap(main): try: main() except: exctype, value = sys.exc_info()[:2] if exctype == SystemExit: sys.exit(value) s = StringIO.StringIO() traceback.print_exc(file = s, limit = 20) log.alert("fatal python exception") log.alert(s.getvalue()) log.alert("during: %s" % status.get()) sendmail(s.getvalue()) sys.exit(1)
req = urllib2.Request(url=control_url + "/queue.gz", headers=headers) f = urllib2.urlopen(req) signal.alarm(0) except Exception, e: signal.alarm(0) log.error("can't fetch %s: %s" % (control_url + "/queue.gz", e)) sys.exit(1) sio = StringIO.StringIO() util.sendfile(f, sio) f.close() sio.seek(0) f = gzip.GzipFile(fileobj = sio) (signers, body) = gpg.verify_sig(f.read()) u = acl.user_by_email(signers) if u == None: log.alert("queue.gz not signed with signature of valid user: %s" % signers) sys.exit(1) if not u.can_do("sign_queue", "all"): log.alert("user %s is not allowed to sign my queue" % u.login) sys.exit(1) return request.parse_requests(body) def handle_reqs(builder, reqs): qpath = path.queue_file + "-" + builder if not os.access(qpath, os.F_OK): util.append_to(qpath, "<queue/>\n") q = B_Queue(qpath) q.lock(0) q.read() for r in reqs: if r.kind != 'group':
req = urllib2.Request(url=control_url + "/queue.gz", headers=headers) f = urllib2.urlopen(req) signal.alarm(0) except Exception, e: signal.alarm(0) log.error("can't fetch %s: %s" % (control_url + "/queue.gz", e)) sys.exit(1) sio = StringIO.StringIO() util.sendfile(f, sio) f.close() sio.seek(0) f = gzip.GzipFile(fileobj=sio) (signers, body) = gpg.verify_sig(f.read()) u = acl.user_by_email(signers) if u == None: log.alert("queue.gz not signed with signature of valid user: %s" % signers) sys.exit(1) if not u.can_do("sign_queue", "all"): log.alert("user %s is not allowed to sign my queue" % u.login) sys.exit(1) return request.parse_requests(body) def handle_reqs(builder, reqs): qpath = path.queue_file + "-" + builder if not os.access(qpath, os.F_OK): util.append_to(qpath, "<queue/>\n") q = B_Queue(qpath) q.lock(0) q.read() for r in reqs:
req = urllib2.Request(url=control_url + "/queue.gz", headers=headers) f = urllib2.urlopen(req) signal.alarm(0) except Exception, e: signal.alarm(0) log.error("can't fetch %s: %s" % (control_url + "/queue.gz", e)) sys.exit(1) sio = StringIO.StringIO() util.sendfile(f, sio) f.close() sio.seek(0) f = gzip.GzipFile(fileobj=sio) try: fdata = f.read() except struct.error, e: log.alert("corrupted fetched queue.gz file") sys.exit(1) (signers, body) = gpg.verify_sig(fdata) u = acl.user_by_email(signers) if u == None: log.alert("queue.gz not signed with signature of valid user: %s" % signers) sys.exit(1) if not u.can_do("sign_queue", "all"): log.alert("user %s is not allowed to sign my queue" % u.login) sys.exit(1) return request.parse_requests(body) def handle_reqs(builder, reqs): qpath = path.queue_file + "-" + builder