def _parse_url(url):
""" Returns scheme, host, port, path. """
scheme, netloc, path, _params, _query, _frag = rhnLib.parseUrl(url)
host, port = urllib.splitnport(netloc)
if (port <= 0):
port = None
return scheme, host, port, path
def _parse_url(self, url):
""" Returns scheme, host, port, path. """
scheme, netloc, path, params, query, frag = rhnLib.parseUrl(url)
host, port = urllib.splitnport(netloc)
if (port <= 0):
port = None
return scheme, host, port, path
def __init__(self, req):
""" init with http request object """
# FIXME: should rename some things:
# self.bodyFd --> self.body or self.data or ?
# self.caChain --> self.caCert
self.req = req
# turn wsgi.input object into a SmartIO instance so it can be read
# more than once
if 'wsgi.input' in self.req.headers_in:
smartFd = SmartIO(max_mem_size=CFG.MAX_MEM_FILE_SIZE)
smartFd.write(self.req.headers_in['wsgi.input'].read())
self.req.headers_in['wsgi.input'] = smartFd
self.responseContext = ResponseContext()
self.uri = None # ''
# Common settings for both the proxy and the redirect
# broker and redirect immediately alter these for their own purposes
self.caChain = CFG.CA_CHAIN
self.httpProxy = CFG.HTTP_PROXY
self.httpProxyUsername = CFG.HTTP_PROXY_USERNAME
self.httpProxyPassword = CFG.HTTP_PROXY_PASSWORD
if not self.httpProxyUsername:
self.httpProxyPassword = ''
self.rhnParent = CFG.RHN_PARENT or ''
self.rhnParent = rhnLib.parseUrl(self.rhnParent)[1].split(':')[0]
CFG.set('RHN_PARENT', self.rhnParent)
def __getXmlrpcServer():
""" get an xmlrpc server object
WARNING: if CFG.USE_SSL is off, we are sending info
in the clear.
"""
log_debug(3)
# build the URL
url = CFG.RHN_PARENT or ''
url = parseUrl(url)[1].split(':')[0]
if CFG.USE_SSL:
url = 'https://' + url + '/XMLRPC'
else:
url = 'http://' + url + '/XMLRPC'
log_debug(3, 'server url: %s' % url)
if CFG.HTTP_PROXY:
serverObj = rpclib.Server(url,
proxy=CFG.HTTP_PROXY,
username=CFG.HTTP_PROXY_USERNAME,
password=CFG.HTTP_PROXY_PASSWORD)
else:
serverObj = rpclib.Server(url)
if CFG.USE_SSL and CFG.CA_CHAIN:
if not os.access(CFG.CA_CHAIN, os.R_OK):
log_error('ERROR: missing or cannot access (for ca_chain): %s' % CFG.CA_CHAIN)
raise rhnFault(1000,
_("Spacewalk Proxy error (file access issues). "
"Please contact your system administrator. "
"Please refer to Spacewalk Proxy logs."))
serverObj.add_trusted_cert(CFG.CA_CHAIN)
serverObj.add_header('X-RHN-Client-Version', 2)
return serverObj
def __init__(self, req):
""" init with http request object """
# FIXME: should rename some things:
# self.bodyFd --> self.body or self.data or ?
# self.caChain --> self.caCert
self.req = req
# turn wsgi.input object into a SmartIO instance so it can be read
# more than once
if 'wsgi.input' in self.req.headers_in:
smartFd = SmartIO(max_mem_size=CFG.MAX_MEM_FILE_SIZE)
smartFd.write(self.req.headers_in['wsgi.input'].read())
self.req.headers_in['wsgi.input'] = smartFd
self.responseContext = ResponseContext()
self.uri = None # ''
# Common settings for both the proxy and the redirect
# broker and redirect immediately alter these for their own purposes
self.caChain = CFG.CA_CHAIN
self.httpProxy = CFG.HTTP_PROXY
self.httpProxyUsername = CFG.HTTP_PROXY_USERNAME
self.httpProxyPassword = CFG.HTTP_PROXY_PASSWORD
if not self.httpProxyUsername:
self.httpProxyPassword = ''
self.rhnParent = CFG.RHN_PARENT or ''
self.rhnParent = rhnLib.parseUrl(self.rhnParent)[1].split(':')[0]
CFG.set('RHN_PARENT', self.rhnParent)
def _parse_url(url):
""" Returns scheme, host, port, path. """
scheme, netloc, path, _params, _query, _frag = rhnLib.parseUrl(url)
host, port = urllib.splitnport(netloc)
if port <= 0:
port = None
return scheme, host, port, path
def setURL(self, path='/APP'):
# overloaded for uploadlib.py
if not CFG.RHN_PARENT:
self.die(-1, "rhn_parent not set in the configuration file")
self.url = CFG.RHN_PARENT
scheme = 'http://'
if not self.options.no_ssl and CFG.USE_SSL:
# i.e., --no-ssl overrides the USE_SSL config variable.
scheme = 'https://'
self.url = CFG.RHN_PARENT or ''
self.url = parseUrl(self.url)[1].split(':')[0]
self.url = scheme + self.url + path
def setURL(self, path='/APP'):
# overloaded for uploadlib.py
if not CFG.RHN_PARENT:
self.die(-1, "rhn_parent not set in the configuration file")
self.url = CFG.RHN_PARENT
scheme = 'http://'
if not self.options.no_ssl and CFG.USE_SSL:
# i.e., --no-ssl overrides the USE_SSL config variable.
scheme = 'https://'
self.url = CFG.RHN_PARENT or ''
self.url = parseUrl(self.url)[1].split(':')[0]
self.url = scheme + self.url + path
def __init__(self, req):
SharedHandler.__init__(self, req)
# Initialize variables
self.componentType = 'proxy.broker'
self.cachedClientInfo = None # headers - session token
self.authChannels = None
self.clientServerId = None
self.rhnParentXMLRPC = None
self.authToken = None
self.fullRequestURL = None
hostname = ''
# should *always* exist and be my ip address
my_ip_addr = req.headers_in['SERVER_ADDR']
if req.headers_in.has_key('Host'):
# the client has provided a host header
try:
# When a client with python 2.4 (RHEL 5) uses SSL
# the host header is in the 'hostname:port' form
# (In python 2.6 RFE #1472176 changed this and 'hostname'
# is used). We need to use the 'hostname' part in any case
# or we create bogus 'hostname:port' DNS queries
host_header = req.headers_in['Host'].split(':')[0]
if host_header != my_ip_addr and \
socket.gethostbyname(host_header) == my_ip_addr:
# if host header is valid (i.e. not just an /etc/hosts
# entry on the client or the hostname of some other
# machine (say a load balancer)) then use it
hostname = host_header
except (socket.gaierror, socket.error, socket.herror,
socket.timeout):
# hostname probably didn't exist, fine
pass
if not hostname:
# okay, that didn't work, let's do a reverse dns lookup on my
# ip address
try:
hostname = socket.gethostbyaddr(my_ip_addr)[0]
except (socket.gaierror, socket.error, socket.herror,
socket.timeout):
# unknown host, we don't have a hostname?
pass
if not hostname:
# this shouldn't happen
# socket.gethostname is a punt. Shouldn't need to do it.
hostname = socket.gethostname()
log_debug(
-1, 'WARNING: no hostname in the incoming headers; '
'punting: %s' % hostname)
hostname = parseUrl(hostname)[1].split(':')[0]
self.proxyAuth = proxy.rhnProxyAuth.get_proxy_auth(hostname)
self._initConnectionVariables(req)
def schemeAndUrl(self, url):
""" http[s]://BLAHBLAHBLAH/ACKACK --> http[s]://BLAHBLAHBLAH """
if not url:
url = CFG.RHN_PARENT # the default
# just make the url complete.
hostname = rhnLib.parseUrl(url or '')[1]
hostname = hostname.split(':')[0] # just in case
if self.sslYN:
url = 'https://' + hostname
else:
url = 'http://' + hostname
return url
def schemeAndUrl(self, url):
""" http[s]://BLAHBLAHBLAH/ACKACK --> http[s]://BLAHBLAHBLAH """
if not url:
url = CFG.RHN_PARENT # the default
# just make the url complete.
hostname = rhnLib.parseUrl(url or '')[1]
hostname = hostname.split(':')[0] # just in case
if self.sslYN:
url = 'https://' + hostname
else:
url = 'http://' + hostname
return url
def testParseUrl(self):
self.assertEquals(("", "", "", "", "", ""), rhnLib.parseUrl(""))
self.assertEquals(("", "somehostname", "", "", "", ""), rhnLib.parseUrl("somehostname"))
self.assertEquals(("http", "somehostname", "", "", "", ""), rhnLib.parseUrl("http://somehostname"))
self.assertEquals(("https", "somehostname", "", "", "", ""), rhnLib.parseUrl("https://somehostname"))
self.assertEquals(("https", "somehostname:123", "", "", "", ""), rhnLib.parseUrl("https://somehostname:123"))
self.assertEquals(
("https", "somehostname:123", "/ABCDE", "", "", ""), rhnLib.parseUrl("https://somehostname:123/ABCDE")
)
def __init__(self, req):
SharedHandler.__init__(self, req)
# Initialize variables
self.componentType = 'proxy.broker'
self.cachedClientInfo = None # headers - session token
self.authChannels = None
self.clientServerId = None
self.rhnParentXMLRPC = None
hostname = ''
# should *always* exist and be my ip address
my_ip_addr = req.headers_in['SERVER_ADDR']
if req.headers_in.has_key('Host'):
# the client has provided a host header
try:
# When a client with python 2.4 (RHEL 5) uses SSL
# the host header is in the 'hostname:port' form
# (In python 2.6 RFE #1472176 changed this and 'hostname'
# is used). We need to use the 'hostname' part in any case
# or we create bogus 'hostname:port' DNS queries
host_header = req.headers_in['Host'].split(':')[0]
if socket.gethostbyname(host_header) == my_ip_addr:
# if host header is valid (i.e. not just an /etc/hosts
# entry on the client or the hostname of some other
# machine (say a load balancer)) then use it
hostname = host_header
except (socket.gaierror, socket.error,
socket.herror, socket.timeout):
# hostname probably didn't exist, fine
pass
if not hostname:
# okay, that didn't work, let's do a reverse dns lookup on my
# ip address
try:
hostname = socket.gethostbyaddr(my_ip_addr)[0]
except (socket.gaierror, socket.error,
socket.herror, socket.timeout):
# unknown host, we don't have a hostname?
pass
if not hostname:
# this shouldn't happen
# socket.gethostname is a punt. Shouldn't need to do it.
hostname = socket.gethostname()
log_debug(-1, 'WARNING: no hostname in the incoming headers; '
'punting: %s' % hostname)
hostname = parseUrl(hostname)[1].split(':')[0]
self.proxyAuth = proxy.rhnProxyAuth.get_proxy_auth(hostname)
self._initConnectionVariables(req)
def testParseUrl(self):
self.assertEquals(('', '', '', '', '', ''), rhnLib.parseUrl(''))
self.assertEquals(('', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('somehostname'))
self.assertEquals(('http', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('http://somehostname'))
self.assertEquals(('https', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('https://somehostname'))
self.assertEquals(('https', 'somehostname:123', '', '', '', ''),
rhnLib.parseUrl('https://somehostname:123'))
self.assertEquals(('https', 'somehostname:123', '/ABCDE', '', '', ''),
rhnLib.parseUrl('https://somehostname:123/ABCDE'))
def testParseUrl(self):
self.assertEquals(('', '', '', '', '', ''),
rhnLib.parseUrl(''))
self.assertEquals(('', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('somehostname'))
self.assertEquals(('http', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('http://somehostname'))
self.assertEquals(('https', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('https://somehostname'))
self.assertEquals(('https', 'somehostname:123', '', '', '', ''),
rhnLib.parseUrl('https://somehostname:123'))
self.assertEquals(('https', 'somehostname:123', '/ABCDE', '', '', ''),
rhnLib.parseUrl('https://somehostname:123/ABCDE'))
def __init__(self, req):
SharedHandler.__init__(self, req)
# Initialize variables
self.componentType = 'proxy.broker'
self.cachedClientInfo = None # headers - session token
self.authChannels = None
self.clientServerId = None
self.rhnParentXMLRPC = None
hostname = ''
# should *always* exist and be my ip address
my_ip_addr = req.headers_in['SERVER_ADDR']
if req.headers_in.has_key('Host'):
# the client has provided a host header
try:
if socket.gethostbyname(req.headers_in['Host']) == my_ip_addr:
# if host header is valid (i.e. not just an /etc/hosts
# entry on the client or the hostname of some other
# machine (say a load balancer)) then use it
hostname = req.headers_in['Host']
except (socket.gaierror, socket.error,
socket.herror, socket.timeout):
# hostname probably didn't exist, fine
pass
if not hostname:
# okay, that didn't work, let's do a reverse dns lookup on my
# ip address
try:
hostname = socket.gethostbyaddr(my_ip_addr)[0]
except (socket.gaierror, socket.error,
socket.herror, socket.timeout):
# unknown host, we don't have a hostname?
pass
if not hostname:
# this shouldn't happen
# socket.gethostname is a punt. Shouldn't need to do it.
hostname = socket.gethostname()
log_debug(-1, 'WARNING: no hostname in the incoming headers; '
'punting: %s' % hostname)
hostname = parseUrl(hostname)[1].split(':')[0]
self.proxyAuth = proxy.rhnProxyAuth.get_proxy_auth(hostname)
self._initConnectionVariables(req)
def __init__(self, req):
SharedHandler.__init__(self, req)
# Initialize variables
self.componentType = 'proxy.broker'
self.cachedClientInfo = None # headers - session token
self.authChannels = None
self.clientServerId = None
hostname = ''
if req.headers_in.has_key('Host'):
hostname = req.headers_in['Host'] or ''
if not hostname:
# this shouldn't happen
# socket.gethostname is a punt. Shouldn't need to do it.
hostname = socket.gethostname()
log_debug(-1, 'WARNING: no hostname in the incoming headers; '
'punting: %s' % hostname)
hostname = string.split(parseUrl(hostname)[1], ':')[0]
self.proxyAuth = proxy.rhnProxyAuth.get_proxy_auth(hostname)
self._initConnectionVariables(req)
def __init__(self, req):
""" init with http request object """
# FIXME: should rename some things:
# self.bodyFd --> self.body or self.data or ?
# self.caChain --> self.caCert
self.req = req
self.responseContext = ResponseContext()
self.uri = None # ''
# Common settings for both the proxy and the redirect
# broker and redirect immediately alter these for their own purposes
self.caChain = CFG.CA_CHAIN
self.httpProxy = CFG.HTTP_PROXY
self.httpProxyUsername = CFG.HTTP_PROXY_USERNAME
self.httpProxyPassword = CFG.HTTP_PROXY_PASSWORD
if not self.httpProxyUsername:
self.httpProxyPassword = ''
self.rhnParent = CFG.RHN_PARENT or ''
self.rhnParent = string.split(rhnLib.parseUrl(self.rhnParent)[1], ':')[0]
CFG.set('RHN_PARENT', self.rhnParent)
def __init__(self, req):
""" init with http request object """
# FIXME: should rename some things:
# self.bodyFd --> self.body or self.data or ?
# self.caChain --> self.caCert
self.req = req
self.responseContext = ResponseContext()
self.uri = None # ''
# Common settings for both the proxy and the redirect
# broker and redirect immediately alter these for their own purposes
self.caChain = CFG.CA_CHAIN
self.httpProxy = CFG.HTTP_PROXY
self.httpProxyUsername = CFG.HTTP_PROXY_USERNAME
self.httpProxyPassword = CFG.HTTP_PROXY_PASSWORD
if not self.httpProxyUsername:
self.httpProxyPassword = ''
self.rhnParent = CFG.RHN_PARENT or ''
self.rhnParent = rhnLib.parseUrl(self.rhnParent)[1].split(':')[0]
CFG.set('RHN_PARENT', self.rhnParent)
def processCommandline():
options = [
Option('--systemid',
action='store',
help='(FOR TESTING ONLY) alternative systemid path/filename. ' +
'The system default is used if not specified.'),
Option('--rhn-cert',
action='store',
help='new RHN certificate path/filename (default is' +
' %s - the saved RHN cert).' % DEFAULT_RHN_CERT_LOCATION),
Option('--no-ssl',
action='store_true',
help='(FOR TESTING ONLY) disables SSL'),
Option('--sanity-only',
action='store_true',
help="confirm certificate sanity. Does not activate" +
"the Red Hat Satellite locally or remotely."),
Option('--disconnected',
action='store_true',
help="activate locally, but not on remote RHN servers,"),
Option('--ignore-expiration',
action='store_true',
help='execute regardless of the expiration' +
'of the RHN Certificate (not recommended).'),
Option('--ignore-version-mismatch',
action='store_true',
help='execute regardless of version ' +
'mismatch of existing and new certificate.'),
Option('-v',
'--verbose',
action='count',
help='be verbose ' +
'(accumulable: -vvv means "be *really* verbose").'),
Option('--dump-version',
action='store',
help="requested version of XML dump"),
]
options, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = "ERROR: these arguments make no sense in this context (try --help): %s\n" % repr(
args)
raise ValueError(msg)
initCFG('server.satellite')
# systemid, rhn-cert
if not options.systemid:
options.systemid = DEFAULT_SYSTEMID_LOCATION
options.systemid = fileutils.cleanupAbsPath(options.systemid)
if not options.rhn_cert:
print "NOTE: using backup cert as default: %s" % DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = fileutils.cleanupAbsPath(options.rhn_cert)
if not os.path.exists(options.rhn_cert):
sys.stderr.write("ERROR: RHN Cert (%s) does not exist\n" %
options.rhn_cert)
sys.exit(1)
if options.sanity_only:
options.disconnected = 1
if CFG.DISCONNECTED and not options.disconnected:
sys.stderr.write(
"""ERROR: Satellite server has been setup to run in disconnected mode.
Either correct server configuration in /etc/rhn/rhn.conf
or use --disconnected to activate it locally.
""")
sys.exit(1)
options.server = ''
if not options.disconnected:
if not CFG.RHN_PARENT:
sys.stderr.write(
"ERROR: rhn_parent is not set in /etc/rhn/rhn.conf\n")
sys.exit(1)
options.server = idn_ascii_to_pune(
rhnLib.parseUrl(CFG.RHN_PARENT)[1].split(':')[0])
print 'RHN_PARENT: %s' % options.server
options.http_proxy = idn_ascii_to_pune(CFG.HTTP_PROXY)
options.http_proxy_username = CFG.HTTP_PROXY_USERNAME
options.http_proxy_password = CFG.HTTP_PROXY_PASSWORD
options.ca_cert = CFG.CA_CHAIN
if options.verbose:
print 'HTTP_PROXY: %s' % options.http_proxy
print 'HTTP_PROXY_USERNAME: %s' % options.http_proxy_username
print 'HTTP_PROXY_PASSWORD: <password>'
if not options.no_ssl:
print 'CA_CERT: %s' % options.ca_cert
return options
def processCommandline():
options = [
Option('--systemid',
action='store',
help='(FOR TESTING ONLY) alternative systemid path/filename. ' +
'The system default is used if not specified.'),
Option('--rhn-cert',
action='store',
help='new RHN certificate path/filename (default is' +
' %s - the saved RHN cert).' % DEFAULT_RHN_CERT_LOCATION),
Option('--no-ssl',
action='store_true',
help='(FOR TESTING ONLY) disables SSL'),
Option('--sanity-only',
action='store_true',
help="confirm certificate sanity. Does not activate" +
"the Red Hat Satellite locally or remotely."),
Option('--ignore-expiration',
action='store_true',
help='execute regardless of the expiration' +
'of the RHN Certificate (not recommended).'),
Option('--ignore-version-mismatch',
action='store_true',
help='execute regardless of version ' +
'mismatch of existing and new certificate.'),
Option('-v',
'--verbose',
action='count',
help='be verbose ' +
'(accumulable: -vvv means "be *really* verbose").'),
Option('--dump-version',
action='store',
help="requested version of XML dump"),
Option('--manifest',
action='store',
help='the RHSM manifest path/filename to activate for CDN'),
Option('--old-api',
action='store_true',
help='activate Satellite using old API, system ' +
'has to be registered to RHN Classic'),
Option('-f',
'--force',
action='store_true',
help='force activate Satellite if it is already activated'),
Option('--cdn-deactivate',
action='store_true',
help='deactivate CDN-activated Satellite'),
]
options, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = "ERROR: these arguments make no sense in this context (try --help): %s\n" % repr(
args)
raise ValueError(msg)
initCFG('server.satellite')
if options.manifest or options.cdn_deactivate:
if not cdn_activation:
sys.stderr.write(
"ERROR: Package spacewalk-backend-cdn has to be installed for using --manifest "
"and --cdn-deactivate.\n")
sys.exit(1)
# No need to check further if deactivating
if options.cdn_deactivate:
return options
# systemid
if not options.systemid:
options.systemid = DEFAULT_SYSTEMID_LOCATION
options.systemid = fileutils.cleanupAbsPath(options.systemid)
if not options.rhn_cert and not options.manifest:
print "NOTE: using backup cert as default: %s" % DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = DEFAULT_RHN_CERT_LOCATION
if options.manifest:
cdn_manifest = Manifest(options.manifest)
tmp_cert_path = cdn_manifest.get_certificate_path()
if tmp_cert_path is not None:
options.rhn_cert = tmp_cert_path
options.rhn_cert = fileutils.cleanupAbsPath(options.rhn_cert)
if not os.path.exists(options.rhn_cert):
sys.stderr.write("ERROR: RHN Cert (%s) does not exist\n" %
options.rhn_cert)
sys.exit(1)
if not options.sanity_only and CFG.DISCONNECTED:
sys.stderr.write(
"""ERROR: Satellite server has been setup to run in disconnected mode.
Correct server configuration in /etc/rhn/rhn.conf.
""")
sys.exit(1)
options.server = ''
if not options.sanity_only:
if not CFG.RHN_PARENT:
sys.stderr.write(
"ERROR: rhn_parent is not set in /etc/rhn/rhn.conf\n")
sys.exit(1)
options.server = idn_ascii_to_puny(
rhnLib.parseUrl(CFG.RHN_PARENT)[1].split(':')[0])
options.http_proxy = idn_ascii_to_puny(CFG.HTTP_PROXY)
options.http_proxy_username = CFG.HTTP_PROXY_USERNAME
options.http_proxy_password = CFG.HTTP_PROXY_PASSWORD
options.ca_cert = CFG.CA_CHAIN
if options.verbose:
print 'HTTP_PROXY: %s' % options.http_proxy
print 'HTTP_PROXY_USERNAME: %s' % options.http_proxy_username
print 'HTTP_PROXY_PASSWORD: <password>'
if not options.no_ssl:
print 'CA_CERT: %s' % options.ca_cert
return options
def processCommandline():
options = [
Option('--systemid', action='store', help='(FOR TESTING ONLY) alternative systemid path/filename. '
+ 'The system default is used if not specified.'),
Option('--rhn-cert', action='store', help='new RHN certificate path/filename (default is'
+ ' %s - the saved RHN cert).' % DEFAULT_RHN_CERT_LOCATION),
Option('--no-ssl', action='store_true', help='(FOR TESTING ONLY) disables SSL'),
Option('--sanity-only', action='store_true', help="confirm certificate sanity. Does not activate"
+ "the Red Hat Satellite locally or remotely."),
Option('--disconnected', action='store_true', help="activate locally, but not on remote RHN servers,"),
Option('--ignore-expiration', action='store_true', help='execute regardless of the expiration'
+ 'of the RHN Certificate (not recommended).'),
Option('--ignore-version-mismatch', action='store_true', help='execute regardless of version '
+ 'mismatch of existing and new certificate.'),
Option('-v', '--verbose', action='count', help='be verbose '
+ '(accumulable: -vvv means "be *really* verbose").'),
Option('--dump-version', action='store', help="requested version of XML dump"),
]
options, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = "ERROR: these arguments make no sense in this context (try --help): %s\n" % repr(args)
raise ValueError(msg)
initCFG('server.satellite')
# systemid, rhn-cert
if not options.systemid:
options.systemid = DEFAULT_SYSTEMID_LOCATION
options.systemid = fileutils.cleanupAbsPath(options.systemid)
if not options.rhn_cert:
print "NOTE: using backup cert as default: %s" % DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = fileutils.cleanupAbsPath(options.rhn_cert)
if not os.path.exists(options.rhn_cert):
sys.stderr.write("ERROR: RHN Cert (%s) does not exist\n" % options.rhn_cert)
sys.exit(1)
if options.sanity_only:
options.disconnected = 1
if CFG.DISCONNECTED and not options.disconnected:
sys.stderr.write("""ERROR: Satellite server has been setup to run in disconnected mode.
Either correct server configuration in /etc/rhn/rhn.conf
or use --disconnected to activate it locally.
""")
sys.exit(1)
options.server = ''
if not options.disconnected:
if not CFG.RHN_PARENT:
sys.stderr.write("ERROR: rhn_parent is not set in /etc/rhn/rhn.conf\n")
sys.exit(1)
options.server = idn_ascii_to_puny(rhnLib.parseUrl(CFG.RHN_PARENT)[1].split(':')[0])
print 'RHN_PARENT: %s' % options.server
options.http_proxy = idn_ascii_to_puny(CFG.HTTP_PROXY)
options.http_proxy_username = CFG.HTTP_PROXY_USERNAME
options.http_proxy_password = CFG.HTTP_PROXY_PASSWORD
options.ca_cert = CFG.CA_CHAIN
if options.verbose:
print 'HTTP_PROXY: %s' % options.http_proxy
print 'HTTP_PROXY_USERNAME: %s' % options.http_proxy_username
print 'HTTP_PROXY_PASSWORD: <password>'
if not options.no_ssl:
print 'CA_CERT: %s' % options.ca_cert
return options
def processCommandline():
options = [
Option(
"--systemid",
action="store",
help="(FOR TESTING ONLY) alternative systemid path/filename. The system default is used if not specified.",
),
Option(
"--rhn-cert",
action="store",
help="new RHN certificate path/filename (default is %s - the saved RHN cert)." % DEFAULT_RHN_CERT_LOCATION,
),
Option("--no-ssl", action="store_true", help="(FOR TESTING ONLY) disables SSL"),
Option(
"--sanity-only",
action="store_true",
help="confirm certificate sanity. Does not activate the RHN Satellite locally or remotely.",
),
Option("--disconnected", action="store_true", help="activate locally, but not on remote RHN servers,"),
Option(
"--ignore-expiration",
action="store_true",
help="execute regardless of the expiration of the RHN Certificate (not recommended).",
),
Option(
"--ignore-version-mismatch",
action="store_true",
help="execute regardless of version mismatch of existing and new certificate.",
),
Option("-v", "--verbose", action="count", help='be verbose (accumulable: -vvv means "be *really* verbose").'),
Option("--dump-version", action="store", help="requested version of XML dump"),
]
options, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = "ERROR: these arguments make no sense in this context (try --help): %s\n" % repr(args)
raise ValueError(msg)
initCFG("server.satellite")
# systemid, rhn-cert
if not options.systemid:
options.systemid = DEFAULT_SYSTEMID_LOCATION
options.systemid = fileutils.cleanupAbsPath(options.systemid)
if not options.rhn_cert:
print "NOTE: using backup cert as default: %s" % DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = DEFAULT_RHN_CERT_LOCATION
options.rhn_cert = fileutils.cleanupAbsPath(options.rhn_cert)
if not os.path.exists(options.rhn_cert):
sys.stderr.write("ERROR: RHN Cert (%s) does not exist\n" % options.rhn_cert)
sys.exit(1)
if options.sanity_only:
options.disconnected = 1
options.server = ""
if not options.disconnected:
if not CFG.RHN_PARENT:
sys.stderr.write("ERROR: rhn_parent is not set in /etc/rhn/rhn.conf\n")
sys.exit(1)
options.server = string.split(rhnLib.parseUrl(CFG.RHN_PARENT)[1], ":")[0]
print "RHN_PARENT: %s" % options.server
options.http_proxy = CFG.HTTP_PROXY
options.http_proxy_username = CFG.HTTP_PROXY_USERNAME
options.http_proxy_password = CFG.HTTP_PROXY_PASSWORD
options.ca_cert = CFG.CA_CHAIN
if options.verbose:
print "HTTP_PROXY: %s" % options.http_proxy
print "HTTP_PROXY_USERNAME: %s" % options.http_proxy_username
print "HTTP_PROXY_PASSWORD: <password>"
if not options.no_ssl:
print "CA_CERT: %s" % options.ca_cert
return options
