def check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
facts = Facts()
sorter = CertSorter(certdirectory.ProductDirectory(),
certdirectory.EntitlementDirectory(),
facts.get_facts())
if len(sorter.unentitled_products.keys()) > 0 or len(
sorter.expired_products.keys()) > 0:
debug("System has one or more certificates that are not valid")
debug(sorter.unentitled_products.keys())
debug(sorter.expired_products.keys())
return RHSM_EXPIRED
elif len(sorter.partially_valid_products) > 0:
debug("System has one or more partially entitled products")
return RHSM_PARTIALLY_VALID
elif in_warning_period(sorter):
debug("System has one or more entitlements in their warning period")
return RHSM_WARNING
else:
debug("System entitlements appear valid")
return RHSM_VALID
def shouldAppear(self):
"""
Indicates to firstboot whether to show this screen. In this case
we want to skip over this screen if there is already an identity
certificate on the machine (most likely laid down in a kickstart).
"""
return not ConsumerIdentity.existsAndValid()
def check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
facts = Facts()
sorter = CertSorter(certdirectory.ProductDirectory(),
certdirectory.EntitlementDirectory(), facts.get_facts())
if len(sorter.unentitled_products.keys()) > 0 or len(sorter.expired_products.keys()) > 0:
debug("System has one or more certificates that are not valid")
debug(sorter.unentitled_products.keys())
debug(sorter.expired_products.keys())
return RHSM_EXPIRED
elif len(sorter.partially_valid_products) > 0:
debug("System has one or more partially entitled products")
return RHSM_PARTIALLY_VALID
elif in_warning_period(sorter):
debug("System has one or more entitlements in their warning period")
return RHSM_WARNING
else:
debug("System entitlements appear valid")
return RHSM_VALID
def shouldAppear(self):
"""
Indicates to firstboot whether to show this screen. In this case
we want to skip over this screen if there is already an identity
certificate on the machine (most likely laid down in a kickstart).
"""
return not ConsumerIdentity.existsAndValid()
def get_server_versions(cp, exception_on_timeout=False):
cp_version = _("Unknown")
server_type = _("This system is currently not registered.")
# check for Classic before doing anything else
if ClassicCheck().is_registered_with_classic():
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_BOTH_SUMMARY
else:
server_type = get_branding().REGISTERED_TO_OTHER_SUMMARY
else:
if ConsumerIdentity.existsAndValid():
server_type = get_branding(
).REGISTERED_TO_SUBSCRIPTION_MANAGEMENT_SUMMARY
if cp:
try:
if cp.supports_resource("status"):
status = cp.getStatus()
cp_version = '-'.join([status['version'], status['release']])
else:
cp_version = _("Unknown")
except socket.timeout, e:
log.error("Timeout error while checking server version")
log.exception(e)
# for cli, we can assume if we get a timeout here, the rest
# of the calls will timeout as well, so raise exception here
# instead of waiting for all the calls to timeout
if exception_on_timeout:
log.error("Timeout error while checking server version")
raise
# otherwise, ignore the timeout exception
except Exception, e:
if isinstance(e, GoneException):
log.info(
"Server Versions: Error: consumer has been deleted, unable to check server version"
)
else:
# a more useful error would be handy here
log.error(("Error while checking server version: %s") % e)
log.exception(e)
cp_version = _("Unknown")
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
if not ConsumerIdentity.existsAndValid():
self.name = None
self.uuid = None
else:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
if not ConsumerIdentity.existsAndValid():
self.name = None
self.uuid = None
else:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
def get_server_versions(cp, exception_on_timeout=False):
cp_version = _("Unknown")
server_type = _("This system is currently not registered.")
# check for Classic before doing anything else
if ClassicCheck().is_registered_with_classic():
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_BOTH_SUMMARY
else:
server_type = get_branding().REGISTERED_TO_OTHER_SUMMARY
else:
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_SUBSCRIPTION_MANAGEMENT_SUMMARY
if cp:
try:
if cp.supports_resource("status"):
status = cp.getStatus()
cp_version = '-'.join([status['version'], status['release']])
else:
cp_version = _("Unknown")
except socket.timeout, e:
log.error("Timeout error while checking server version")
log.exception(e)
# for cli, we can assume if we get a timeout here, the rest
# of the calls will timeout as well, so raise exception here
# instead of waiting for all the calls to timeout
if exception_on_timeout:
log.error("Timeout error while checking server version")
raise
# otherwise, ignore the timeout exception
except Exception, e:
if isinstance(e, GoneException):
log.info("Server Versions: Error: consumer has been deleted, unable to check server version")
else:
# a more useful error would be handy here
log.error(("Error while checking server version: %s") % e)
log.exception(e)
cp_version = _("Unknown")
def pre_check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
return None
def pre_check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
return None
def setup_plugin():
"""
Setup the plugin based on registration status using the RHSM configuration.
"""
if not ConsumerIdentity.existsAndValid():
# not registered
return
cfg = plugin.cfg()
rhsm_conf = Config(RHSM_CONFIG_PATH)
certificate = ConsumerIdentity.read()
cfg.messaging.url = 'ssl://%s:5671' % rhsm_conf['server']['hostname']
cfg.messaging.uuid = 'pulp.agent.%s' % certificate.getConsumerId()
bundle(certificate)
def registration_changed(path):
"""
Notification that a change in registration has been detected.
On registration: setup the plugin; attach to the message broker.
On un-registration: detach from the message broker.
:param path: The path to the file that changed.
:type path: str
"""
log.info('changed: %s', path)
if ConsumerIdentity.existsAndValid():
setup_plugin()
plugin.attach()
else:
plugin.detach()
def changed(cls, path):
"""
A change in the rhsm certificate has been detected.
When deleted: disconnect from qpid.
When added/updated: reconnect to qpid.
@param path: The changed file (ignored).
@type path: str
"""
log.info('changed: %s', path)
if ConsumerIdentity.existsAndValid():
cert = ConsumerIdentity.read()
cls.bundle(cert)
uuid = cert.getConsumerId()
plugin.setuuid(uuid)
else:
plugin.setuuid(None)
def send_enabled_report(path=REPOSITORY_PATH):
"""
Send the enabled repository report.
:param path: The path to a repository file.
:type path: str
"""
if not ConsumerIdentity.existsAndValid():
# not registered
return
try:
uep = UEP()
certificate = ConsumerIdentity.read()
report = EnabledReport(path)
uep.report_enabled(certificate.getConsumerId(), report.content)
except Exception, e:
log.error('send enabled report failed: %s', str(e))
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.ExpiredIdentityCertException, e:
log.critical(_("Your identity certificate has expired"))
raise e
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.GoneException, ge:
uuid = ConsumerIdentity.read().getConsumerId()
if ge.deleted_id == uuid:
log.critical(_("This consumer's profile has been deleted from the server. It's local certificates will now be archived"))
managerlib.clean_all_data()
log.critical(_("Certificates archived to '/etc/pki/consumer.old'. Contact your system administrator if you need more information."))
else:
raise ge
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
if options.autoheal:
actionclient = action_client.HealingActionClient()
else:
actionclient = action_client.ActionCertClient()
update_reports = actionclient.update(options.autoheal)
for update_report in update_reports:
# FIXME: make sure we don't get None reports
if update_report:
print update_report
except connection.ExpiredIdentityCertException, e:
log.critical(_("Your identity certificate has expired"))
raise e
raise
if certs:
try:
writer = Writer()
cert = certificate.create_from_pem(certs['cert'])
key = certificate.Key(certs['key'])
writer.write(key, cert)
except:
raise
rhiclib.cleanExpiredCerts(ProductDirectory(), EntitlementDirectory(), facts.to_dict())
sys.exit(0)
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.GoneException, ge:
uuid = ConsumerIdentity.read().getConsumerId()
def is_registered(self):
if ConsumerIdentity.existsAndValid():
return True
return False
def registered(self):
return ConsumerIdentity.existsAndValid()
def _set_validity_status(self):
""" Updates the entitlement validity status portion of the UI. """
if ClassicCheck().is_registered_with_classic():
self._set_status_icons(VALID)
self.subscription_status_label.set_text(
_("This system is registered to RHN Classic"))
return
is_registered = ConsumerIdentity.existsAndValid()
self.set_registered(is_registered)
# Look for products which have invalid entitlements
sorter = CertSorter(self.product_dir, self.entitlement_dir,
self.facts.get_facts())
warn_count = len(sorter.expired_products) + \
len(sorter.unentitled_products)
partial_count = len(sorter.partially_valid_products)
if warn_count > 0:
self._set_status_icons(INVALID)
# Change wording slightly for just one product
if warn_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products with <i>invalid</i> entitlement certificates."
) % warn_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product with an <i>invalid</i> entitlement certificate."
))
elif partial_count > 0:
self._set_status_icons(PARTIAL)
# Change wording slightly for just one product
if partial_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products in need of <i>additional</i> entitlement certificates."
) % partial_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product in need of <i>additional</i> entitlement certificates."
))
else:
first_invalid = find_first_invalid_date(self.entitlement_dir,
self.product_dir,
self.facts.get_facts())
self._set_status_icons(VALID)
if first_invalid:
self.subscription_status_label.set_markup(
_("Product entitlement certificates <i>valid</i> until %s") % \
managerlib.formatDate(first_invalid))
else:
# No product certs installed, no first invalid date, and
# the subscription assistant can't do anything, so we'll disable
# the button to launch it:
self.subscription_status_label.set_text(
_("No product certificates installed."))
if not is_registered:
self.subscription_status_label.set_text(
_("You must register this system before subscribing."))
def is_registered(self):
if ConsumerIdentity.existsAndValid():
return True
return False
def registered(self):
return ConsumerIdentity.existsAndValid()
def _set_validity_status(self):
""" Updates the entitlement validity status portion of the UI. """
if ClassicCheck().is_registered_with_classic():
self._set_status_icons(VALID)
self.subscription_status_label.set_text(
_("This system is registered to RHN Classic"))
return
is_registered = ConsumerIdentity.existsAndValid()
self.set_registered(is_registered)
# Look for products which have invalid entitlements
sorter = CertSorter(self.product_dir, self.entitlement_dir,
self.facts.get_facts())
warn_count = len(sorter.expired_products) + \
len(sorter.unentitled_products)
partial_count = len(sorter.partially_valid_products)
if warn_count > 0:
self._set_status_icons(INVALID)
# Change wording slightly for just one product
if warn_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products with <i>invalid</i> entitlement certificates.")
% warn_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product with an <i>invalid</i> entitlement certificate."))
elif partial_count > 0:
self._set_status_icons(PARTIAL)
# Change wording slightly for just one product
if partial_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products in need of <i>additional</i> entitlement certificates.")
% partial_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product in need of <i>additional</i> entitlement certificates."))
else:
first_invalid = find_first_invalid_date(self.entitlement_dir,
self.product_dir, self.facts.get_facts())
self._set_status_icons(VALID)
if first_invalid:
self.subscription_status_label.set_markup(
_("Product entitlement certificates <i>valid</i> until %s") % \
managerlib.formatDate(first_invalid))
else:
# No product certs installed, no first invalid date, and
# the subscription assistant can't do anything, so we'll disable
# the button to launch it:
self.subscription_status_label.set_text(
_("No product certificates installed."))
if not is_registered:
self.subscription_status_label.set_text(
_("You must register this system before subscribing."))
