def _get_file_revision(self, config_channel, revision, path):
if revision and not revision.isdigit():
raise rhnFault(
4016,
"Invalid revision number '%s' specified for path %s "
"in channel %s" % (revision, path, config_channel),
explain=0)
f = self._get_file(config_channel, path, revision=revision)
if not f:
raise rhnFault(4011,
"File %s (revision %s) does not exist "
"in channel %s" % (path, revision, config_channel),
explain=0)
if f['label'] == 'file' and f['is_binary'] == 'Y':
raise rhnFault(4004,
"File %s (revision %s) seems to contain "
"binary data" % (path, revision),
explain=0)
# We have to read the contents of the first file here, because the LOB
# object is tied to a cursor; if we re-execute the cursor, the LOB
# seems to be invalid (bug 151220)
# Empty files or directories may have NULL instead of lobs
fc_lob = f.get('file_contents')
if fc_lob:
f['file_content'] = rhnSQL._fix_encoding(
rhnSQL.read_lob(fc_lob)).splitlines()
else:
f['file_content'] = ''
return f
def _checkCertMatch_rhnCryptoKey(cert, description, org_id, deleteRowYN=0,
verbosity=0):
""" is there an CA SSL certificate already in the database?
If yes:
return ID:
-1, then no cert in DB
None if they are identical (i.e., nothing to do)
0...N if cert is in database
if found, optionally deletes the row and returns -1
Used ONLY by: store_rhnCryptoKey(...)
"""
row = lookup_cert(description, org_id)
rhn_cryptokey_id = -1
if row:
if cert == rhnSQL._fix_encoding(rhnSQL.read_lob(row['key'])):
# match found, nothing to do
if verbosity:
print("Nothing to do: certificate to be pushed matches certificate in database.")
return
# there can only be one (bugzilla: 120297)
rhn_cryptokey_id = int(row['id'])
# print 'found existing certificate - id:', rhn_cryptokey_id
# NUKE IT!
if deleteRowYN:
# print 'found a cert, nuking it! id:', rhn_cryptokey_id
h = rhnSQL.prepare('delete from rhnCryptoKey where id=:rhn_cryptokey_id')
h.execute(rhn_cryptokey_id=rhn_cryptokey_id)
# rhnSQL.commit()
rhn_cryptokey_id = -1
return rhn_cryptokey_id
def _push_contents(self, file):
checksum_type = 'sha256' # FIXME: this should be configuration option
file['file_size'] = 0
file['is_binary'] = 'N'
file_path = file.get('path')
file_contents = file.get('file_contents') or ''
if 'enc64' in file and file_contents:
file_contents = base64.decodestring(file_contents.encode())
if 'config_file_type_id' not in file:
log_debug(4, "Client does not support config directories, so set file_type_id to 1")
file['config_file_type_id'] = '1'
file['checksum_type'] = checksum_type
file['checksum'] = getStringChecksum(checksum_type, file_contents or '')
if file_contents:
file['file_size'] = len(file_contents)
if file['file_size'] > self._get_maximum_file_size():
raise ConfigFileTooLargeError(file_path, file['file_size'])
# Is the content binary data?
# XXX We may need a heuristic; this is what the web site does, and we
# have to be consistent
# XXX Yes this is iterating over a string
try:
file_contents.decode('UTF-8')
except Exception:
file['is_binary'] = 'Y'
h = rhnSQL.prepare(self._query_content_lookup)
h.execute(**file)
row = h.fetchone_dict()
if row:
db_contents = rhnSQL._fix_encoding(rhnSQL.read_lob(row['contents']) or '')
if file_contents == db_contents:
# Same content
file['config_content_id'] = row['id']
log_debug(5, "same content")
return
# We have to insert a new file now
content_seq = rhnSQL.Sequence('rhn_confcontent_id_seq')
config_content_id = content_seq.next()
file['config_content_id'] = config_content_id
file['contents'] = file_contents
h = rhnSQL.prepare(self._query_insert_content,
blob_map={'contents': 'contents'})
h.execute(**file)
def format_file_results(row, server=None):
encoding = ''
checksum = row['checksum'] or ''
is_binary = row['is_binary'] == 'Y'
raw_contents = rhnSQL.read_lob(row['file_contents'])
if is_binary:
contents = raw_contents
else:
contents = rhnSQL._fix_encoding(raw_contents or '')
if server and not is_binary and contents:
interpolator = ServerTemplatedDocument(server,
start_delim=row['delim_start'],
end_delim=row['delim_end'])
contents = interpolator.interpolate(contents)
if row['checksum_type']:
checksummer = hashlib.new(row['checksum_type'])
checksummer.update(contents.encode())
checksum = checksummer.hexdigest()
if contents:
client_caps = rhnCapability.get_client_capabilities()
if client_caps and 'configfiles.base64_enc' in client_caps:
encoding = 'base64'
if is_binary:
contents = contents
else:
contents = contents.encode()
contents = base64.encodestring(contents).decode()
if row.get('modified', False):
m_date = xmlrpclib.DateTime(str(row['modified']))
else:
m_date = ''
return {
'path': row['path'],
'config_channel': row['config_channel'],
'file_contents': contents,
'symlink': row['symlink'] or '',
'checksum_type': row['checksum_type'] or '',
'checksum': checksum,
'verify_contents': True,
'delim_start': row['delim_start'] or '',
'delim_end': row['delim_end'] or '',
'revision': row['revision'] or '',
'username': row['username'] or '',
'groupname': row['groupname'] or '',
'filemode': row['filemode'] or '',
'encoding': encoding or '',
'filetype': row['label'],
'selinux_ctx': row['selinux_ctx'] or '',
'modified': m_date,
'is_binary': row['is_binary'] or '',
}
def run(server_id, action_id, dry_run=0):
log_debug(3, dry_run)
data = {}
h = rhnSQL.prepare(_query_action_script)
h.execute(action_id=action_id)
info = h.fetchone_dict() or []
if info:
data['username'] = info['username']
data['groupname'] = info['groupname']
data['timeout'] = info['timeout'] or ''
data['script'] = rhnSQL._fix_encoding(rhnSQL.read_lob(info['script']) or '')
# used to make the resulting times make some sense in the db
data['now'] = info['now']
return action_id, data
def xccdf_eval(server_id, action_id, dry_run=0):
log_debug(3)
statement = """
select path, parameters
from rhnActionScap
where action_id = :action_id"""
h = rhnSQL.prepare(statement)
h.execute(action_id=action_id)
d = h.fetchone_dict()
if not d:
raise InvalidAction("scap.xccdf_eval: Unknown action id "
"%s for server %s" % (action_id, server_id))
return ({
'path':
d['path'],
'id':
action_id,
'file_size':
_scap_file_limit(server_id),
'params':
rhnSQL._fix_encoding(rhnSQL.read_lob(d['parameters']) or '')
}, )