def loadACLList(self,pgcursor): self.aclList = {} pgcursor.execute("SELECT aclname FROM z_eye_dns_acls") pgres = pgcursor.fetchall() for idx in pgres: tmpIPs = [] tmpNetworks = [] tmpACLs = [] tmpTSIGs = [] tmpDNSNames = [] # Load ACL ip list pgcursor.execute("SELECT ip FROM z_eye_dns_acl_ip WHERE aclname = '%s'" % idx[0]) pgres2 = pgcursor.fetchall() for idx2 in pgres2: tmpIPs.append(idx2[0]) # Load ACL network list pgcursor.execute("SELECT z_eye_dns_acl_network.netid,z_eye_dhcp_subnet_v4_declared.netmask FROM z_eye_dns_acl_network,z_eye_dhcp_subnet_v4_declared WHERE z_eye_dns_acl_network.aclname = '%s' AND z_eye_dns_acl_network.netid = z_eye_dhcp_subnet_v4_declared.netid" % idx[0]) pgres2 = pgcursor.fetchall() for idx2 in pgres2: tmpNetworks.append("%s/%s" % (idx2[0],ZEyeUtil.getCIDR(idx2[1]))) # Load ACL ACL list and verify if child ACL exists pgcursor.execute("SELECT aclchild FROM z_eye_dns_acl_acl WHERE aclname = '%s' AND aclchild IN (SELECT aclname FROM z_eye_dns_acls)" % idx[0]) pgres2 = pgcursor.fetchall() for idx2 in pgres2: tmpACLs.append(idx2[0]) # Load ACL TSIG list and verify if TSIG key exists pgcursor.execute("SELECT tsig FROM z_eye_dns_acl_tsig WHERE aclname = '%s'" % idx[0]) pgres2 = pgcursor.fetchall() for idx2 in pgres2: if idx2[0] in self.tsigList.keys(): tmpTSIGs.append(idx2[0]) # Load ACL DNS list pgcursor.execute("SELECT dnsname FROM z_eye_dns_acl_dnsname WHERE aclname = '%s'" % idx[0]) pgres2 = pgcursor.fetchall() for idx2 in pgres2: tmpDNSNames.append(idx2[0]) self.aclList[idx[0]] = (tmpIPs,tmpNetworks,tmpACLs,tmpTSIGs,tmpDNSNames)
def doConfigDHCP(self,addr,user,pwd,reservpath,subnetpath): self.incrThreadNb() subnetBuf = "" reservBuf = "" try: # One pgsql connection per thread pgsqlCon = PgSQL.connect(host=zConfig.pgHost,user=zConfig.pgUser,password=zConfig.pgPwd,database=zConfig.pgDB) pgcursor = pgsqlCon.cursor() pgcursor.execute("SELECT clustername FROM z_eye_dhcp_cluster WHERE dhcpaddr = '%s'" % addr) pgres = pgcursor.fetchall() # No cluster, then no action to do if pgcursor.rowcount == 0: self.decrThreadNb() return ssh = ZEyeSSHBroker(addr,user,pwd) if ssh.connect() == False: self.decrThreadNb() return # We get the remote OS for some commands remoteOs = ssh.getRemoteOS() if remoteOs != "Linux" and remoteOs != "FreeBSD" and remoteOs != "OpenBSD": self.logError("%s OS (on %s) is not supported" % (remoteOs,addr)) self.decrThreadNb() return hashCmd = "" if remoteOs == "Linux": hashCmd = "md5sum" elif remoteOs == "FreeBSD" or remoteOs == "OpenBSD": hashCmd = "md5 -q" # We test file existence. If they doesn't exist, we create it. If creation failed, the DHCP manager cannot use this server if ssh.isRemoteExists(reservpath) == False: ssh.sendCmd("touch %s" % reservpath) if ssh.isRemoteWritable(reservpath) == False: self.logError("%s (on %s) is not writable" % (reservpath,addr)) self.decrThreadNb() return if ssh.isRemoteExists(subnetpath) == False: ssh.sendCmd("touch %s" % subnetpath) if ssh.isRemoteWritable(subnetpath) == False: self.logError("%s (on %s) is not writable" % (subnetpath,addr)) self.decrThreadNb() return if ssh.isRemoteExists("/tmp/dhcprestart") == False: ssh.sendCmd("touch %s" % "/tmp/dhcprestart") if ssh.isRemoteWritable("/tmp/dhcprestart") == False: self.logError("%s (on %s) is not writable" % ("/tmp/dhcprestart",addr)) self.decrThreadNb() return """ This variable enable failover part With ISC DHCP failover can be declared only if used """ showFailover = False for idx in pgres: if idx[0] in self.clusterList: # custom options for cOpt in self.customOptsList: # Only real custom options are declared if self.customOptsList[cOpt][2] == False: codeType = "" if self.customOptsList[cOpt][1] == "uint8": codeType = "unsigned integer 8" elif self.customOptsList[cOpt][1] == "uint16": codeType = "unsigned integer 16" elif self.customOptsList[cOpt][1] == "uint32": codeType = "unsigned integer 32" elif self.customOptsList[cOpt][1] == "int8": codeType = "integer 8" elif self.customOptsList[cOpt][1] == "int16": codeType = "integer 16" elif self.customOptsList[cOpt][1] == "uint32": codeType = "integer 32" elif self.customOptsList[cOpt][1] == "ip": codeType = "ip-address" else: codeType = self.customOptsList[cOpt][1] subnetBuf += "option %s code %s = %s;\n" % (cOpt,self.customOptsList[cOpt][0],codeType) if len(subnetBuf) > 0: subnetBuf += "\n" # Cluster options failoverPeerBuf = "" failoverPeerName = "" if idx[0] in self.clusterOptions: # ISC dhcp clusters if self.clusterOptions[idx[0]][0] == 1 or self.clusterOptions[idx[0]][0] == 2: peerAddr = "" """ cluster members has always 2 members on this configuration then, peer is the other record """ for peer in self.clusterMembers[idx[0]]: if peer != addr: if self.clusterMembers[idx[0]][peer]["clusteraddr"] != None: peerAddr = self.clusterMembers[idx[0]][peer]["clusteraddr"] localAddr = addr # If there is a valid clusterAddr, replace localAddr if addr in self.clusterMembers[idx[0]] and self.clusterMembers[idx[0]][addr]["clusteraddr"] != None: localAddr = self.clusterMembers[idx[0]][addr]["clusteraddr"] failoverPeerBuf += "failover peer \"cluster-%s\" {" % idx[0].replace(' ','-') failoverPeerName = "cluster-%s" % idx[0].replace(' ','-') # This is for cluster master if addr == self.clusterOptions[idx[0]][1]: failoverPeerBuf += "\n\tprimary;" # This is for cluster slave else: failoverPeerBuf += "\n\tsecondary;" failoverPeerBuf += "\n\taddress %s;\n\tport 647;\n\tpeer address %s;\n\tpeer port 647;" % (localAddr,peerAddr) failoverPeerBuf += "\n\tmax-response-delay 3;\n\tmax-unacked-updates 2;\n\tload balance max seconds 10;" # This is for cluster master if (self.clusterOptions[idx[0]][0] == 1 or self.clusterOptions[idx[0]][0] == 2) and self.clusterOptions[idx[0]][1] == addr: if self.clusterOptions[idx[0]][0] == 2: failoverPeerBuf += "\n\tmclt 1800;\n\tsplit 127;" else: failoverPeerBuf += "\n\tmclt 1800;\n\tsplit 255;" failoverPeerBuf += "\n}\n\n" for subnet in self.clusterList[idx[0]]: netmask = self.subnetList[subnet][0] subnetIpList = self.subnetList[subnet][1] # Special case for DNS2 dns2 = "" if len(self.subnetList[subnet][4]) > 0 and self.subnetList[subnet][4] != self.subnetList[subnet][3]: dns2 = ",%s" % self.subnetList[subnet][4] subnetBuf += "subnet %s netmask %s {\n\toption routers %s;\n\toption domain-name \"%s\";\n" % (subnet,netmask,self.subnetList[subnet][2],self.subnetList[subnet][5]) # Set options values if subnet in self.subnetOptgroupsList: for options in self.subnetOptgroupsList[subnet]: # Text values must have braces and strip ' " ' char if self.customOptsList[options[0]][1] == "text": subnetBuf += "\toption %s \"%s\";\n" % (options[0],ZEyeUtil.addslashes(options[1])) else: if options[0] == "next-server": subnetBuf += "\t%s %s;\n" % (options[0],options[1]) else: subnetBuf += "\toption %s %s;\n" % (options[0],options[1]) if self.subnetList[subnet][6] != "" and self.subnetList[subnet][6] != 0: subnetBuf += "\tdefault-lease-time %s;\n" % self.subnetList[subnet][6] if self.subnetList[subnet][7] != "" and self.subnetList[subnet][7] != 0: subnetBuf += "\tmax-lease-time %s;\n" % self.subnetList[subnet][7] subnetBuf += "\toption domain-name-servers %s%s;\n\n" % (self.subnetList[subnet][3],dns2) # Now create pool with failover peer and ranges if subnet in self.rangeList: # Show this part only if we have rangelist if len(self.rangeList[subnet]) > 0: # Start pool brace subnetBuf += "\tpool {\n" # Show failover part and enable showFailover variable showFailover = True if len(failoverPeerName) > 0: subnetBuf += "\t\tfailover peer \"%s\";\n\n" % failoverPeerName for range in self.rangeList[subnet]: subnetBuf += "\t\trange %s %s;\n" % (range[0],range[1]) subnetBuf += "\t}\n" subnetBuf += "}\n\n" for ip in subnetIpList: reservBuf += "host %s {\n\thardware ethernet %s;\n\tfixed-address %s;\n" % (self.ipList[ip][1],self.ipList[ip][0],ip) if ip in self.IPv4OptgroupsList: for options in self.IPv4OptgroupsList[ip]: # Text values must have braces and strip ' " ' char if self.customOptsList[options[0]][1] == "text": reservBuf += "\toption %s \"%s\";\n" % (options[0],ZEyeUtil.addslashes(options[1])) else: if options[0] == "next-server": reservBuf += "\t%s %s;\n" % (options[0],options[1]) else: reservBuf += "\toption %s %s;\n" % (options[0],options[1]) reservBuf += "}\n" if showFailover == True: subnetBuf = "%s%s" % (failoverPeerBuf,subnetBuf) # check md5 trace to see if subnet file is different tmpmd5 = ssh.sendCmd("cat %s|%s" % (subnetpath,hashCmd)) tmpmd5 = re.sub("\n", "", tmpmd5) tmpmd52 = hashlib.md5("%s\n" % subnetBuf).hexdigest() if tmpmd5 != tmpmd52: ssh.sendCmd("echo '%s' > %s" % (subnetBuf,subnetpath)) ssh.sendCmd("echo 1 > /tmp/dhcprestart") self.logInfo("subnets modified on %s, asking dhcpd restart" % addr) # check md5 trace to see if reserv file is different tmpmd5 = ssh.sendCmd("cat %s|%s" % (reservpath,hashCmd)) tmpmd5 = re.sub("\n", "", tmpmd5) tmpmd52 = hashlib.md5("%s\n" % reservBuf).hexdigest() if tmpmd5 != tmpmd52: ssh.sendCmd("echo '%s' > %s" % (reservBuf,reservpath)) ssh.sendCmd("echo 1 > /tmp/dhcprestart") self.logInfo("reservations modified on %s, asking dhcpd restart" % addr) ssh.close() except Exception, e: self.logCritical(e)
def doConfigDNS(self,addr,user,pwd,namedpath,chrootpath,mzonepath,szonepath,zeyenamedpath,nsfqdn,tsigtransfer,tsigupdate): self.incrThreadNb() cfgbuffer = "" try: # No zone or cluster, stop it if len(self.zoneList) == 0 or len(self.clusterList) == 0: self.decrThreadNb() return ssh = ZEyeSSHBroker(addr,user,pwd) if ssh.connect() == False: self.decrThreadNb() return # We get the remote OS for some commands remoteOs = ssh.getRemoteOS() if remoteOs != "Linux" and remoteOs != "FreeBSD" and remoteOs != "OpenBSD": self.logError("%s OS (on %s) is not supported" % (remoteOs,addr)) self.decrThreadNb() return hashCmd = "" if remoteOs == "Linux": hashCmd = "md5sum" elif remoteOs == "FreeBSD" or remoteOs == "OpenBSD": hashCmd = "md5 -q" # We test file existence. If they doesn't exist, we create it. If creation failed, the DNS manager cannot use this server if ssh.isRemoteExists(zeyenamedpath) == False: ssh.sendCmd("touch %s" % zeyenamedpath) if ssh.isRemoteWritable(zeyenamedpath) == False: self.logError("%s (on %s) is not writable, no DNS configuration will be done on this server" % (zeyenamedpath,addr)) self.decrThreadNb() return if ssh.isRemoteExists("/tmp/dnsrestart") == False: ssh.sendCmd("touch /tmp/dnsrestart") if ssh.isRemoteWritable("/tmp/dnsrestart") == False: self.logError("/tmp/dnsrestart (on %s) is not writable, no DNS configuration will be done on this server" % addr) self.decrThreadNb() return # Write options for cluster in self.clusterList: if addr in self.clusterList[cluster][0] or addr in self.clusterList[cluster][1] or addr in self.clusterList[cluster][2]: tmpcfgbuffer = "" if len(self.clusterList[cluster][3]) > 0: tmpcfgbuffer += "\tallow-recursion {\n" for acl in self.clusterList[cluster][3]: if acl == "none" or acl == "any": tmpcfgbuffer += "\t\t%s;\n" % acl else: tmpcfgbuffer += "\t\t\"%s\";\n" % acl tmpcfgbuffer += "\t};\n" if len(self.clusterList[cluster][4]) > 0: tmpcfgbuffer += "\tallow-transfer {\n" for acl in self.clusterList[cluster][4]: # Only write non if no tsig transfer key if acl == "none": if tsigtransfer == "": tmpcfgbuffer += "\t\t%s;\n" % acl elif acl == "any": tmpcfgbuffer += "\t\t%s;\n" % acl else: tmpcfgbuffer += "\t\t\"%s\";\n" % acl if tsigtransfer != "": tmpcfgbuffer += "\t\tkey \"%s\";\n" % self.tsigList[tsigtransfer][0] tmpcfgbuffer += "\t};\n" if len(self.clusterList[cluster][5]) > 0: tmpcfgbuffer += "\tallow-update {\n" for acl in self.clusterList[cluster][5]: # Only write non if no tsig update key if acl == "none": if tsigupdate == "": tmpcfgbuffer += "\t\t%s;\n" % acl elif acl == "any": tmpcfgbuffer += "\t\t%s;\n" % acl else: tmpcfgbuffer += "\t\t\"%s\";\n" % acl if tsigupdate != "": tmpcfgbuffer += "\t\tkey \"%s\";\n" % self.tsigList[tsigupdate][0] tmpcfgbuffer += "\t};\n" if len(self.clusterList[cluster][6]) > 0: tmpcfgbuffer += "\tallow-notify {\n" for acl in self.clusterList[cluster][6]: if acl == "none" or acl == "any": tmpcfgbuffer += "\t\t%s;\n" % acl else: tmpcfgbuffer += "\t\t\"%s\";\n" % acl tmpcfgbuffer += "\t};\n" if len(self.clusterList[cluster][7]) > 0: tmpcfgbuffer += "\tallow-query {\n\t\t127.0.0.1;\n\t\t::1;\n" for acl in self.clusterList[cluster][7]: # If none ACL is found, don't write it because we must allow localhost if acl == "any": tmpcfgbuffer += "\t\t%s;\n" % acl elif acl != "none": tmpcfgbuffer += "\t\t\"%s\";\n" % acl tmpcfgbuffer += "\t};\n" if self.clusterList[cluster][8] == True: tmpcfgbuffer += "\tdnssec-enable yes;\n" else: tmpcfgbuffer += "\tdnssec-enable no;\n" if self.clusterList[cluster][9] == True: tmpcfgbuffer += "\tdnssec-validation yes;\n" else: tmpcfgbuffer += "\tdnssec-validation no;\n" if len(tmpcfgbuffer) > 0: cfgbuffer += "options {\n\tversion\"\";\n\tlisten-on { any; };\n\tlisten-on-v6 { any; };\n%s};\n" % tmpcfgbuffer # Write TSIG keys for tsig in self.tsigList: algo = "" if self.tsigList[tsig][1] == 1: algo = "hmac-md5" elif self.tsigList[tsig][1] == 2: algo = "hmac-sha1" elif self.tsigList[tsig][2] == 3: algo = "hmac-sha256" if algo != "": cfgbuffer += "key \"%s\" {\n\talgorithm %s;\n\tsecret \"%s\";\n};\n" % (self.tsigList[tsig][0],algo,self.tsigList[tsig][2]) # Write ACLS for acl in self.aclList: tmpcfgbuffer = "" for ip in self.aclList[acl][0]: tmpcfgbuffer += "\t%s;\n" % ip for network in self.aclList[acl][1]: tmpcfgbuffer += "\t%s;\n" % network for childacl in self.aclList[acl][2]: tmpcfgbuffer += "\t\"%s\";\n" % childacl for tsig in self.aclList[acl][3]: tmpcfgbuffer += "\tkey \"%s\";\n" % tsig for dnsname in self.aclList[acl][4]: # We need to catch exception. If exception, name not resolvable try: dnsanswer = dns.resolver.query(dnsname,'A') for rdata in dnsanswer: tmpcfgbuffer += "\t%s;\n" % rdata.address except DNSException, e: self.logError("unable to resolve name %s" % dnsname) if len(tmpcfgbuffer) > 0: cfgbuffer += "acl \"%s\" {\n%s};\n" % (acl,tmpcfgbuffer) for zone in self.zoneList: srvType = 0 clusterCaches = False for cluster in self.zoneList[zone][1]: # This server must be in the zone clusters if addr in self.clusterList[cluster][0]: srvType = 1 elif addr in self.clusterList[cluster][1]: srvType = 2 elif addr in self.clusterList[cluster][2]: srvType = 3 if len(self.clusterList[cluster][2]) > 0: clusterCaches = True if srvType > 0: validZone = False masterList = None slaveList = None cacheList = None tmpcfgbuffer = "zone \"%s.\" {\n" % zone # Zone in classic mode if self.zoneList[zone][0] == 1: # Configuration for caches if clusterCaches: if srvType == 3: tmpcfgbuffer += "\ttype forward;\n\tforwarders {\n" # Forwarders are master and then slaves for cluster in self.zoneList[zone][1]: for master in self.clusterList[cluster][0]: tmpcfgbuffer += "\t\t%s;\n" % master for slave in self.clusterList[cluster][1]: tmpcfgbuffer += "\t\t%s;\n" % slave validZone = True else: # Configuration for masters if srvType == 1: tmpcfgbuffer += "\ttype master;\n" if len(chrootpath) > 0: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (re.sub(ZEyeUtil.addslashes(chrootpath),"",mzonepath),zone) else: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (mzonepath,zone) transferBuf = "" updateBuf = "" queryBuf = "" """ If there is slaves, we must allow transfer and queries If there is caches, we must allow queries We also load herited rules if herited is selected """ for cluster in self.zoneList[zone][1]: if len(self.clusterList[cluster][1]) > 0: slaveList = self.clusterList[cluster][1] if len(self.clusterList[cluster][2]) > 0: cacheList = self.clusterList[cluster][2] if "herited" in self.zoneList[zone][4]: for acl in self.clusterList[cluster][4]: if acl != "none": transferBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][6]: for acl in self.clusterList[cluster][5]: if acl != "none": updateBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][7]: for acl in self.clusterList[cluster][7]: if acl != "none": queryBuf += "\t\t\"%s\";\n" % acl if slaveList != None: for slave in slaveList: transferBuf += "\t\t%s;\n" % slave queryBuf += "\t\t%s;\n" % slave if cacheList != None: for cache in cacheList: queryBuf += "\t\t%s;\n" % cache """ We add Z-Eye TSIG key, if present """ if tsigtransfer != None and tsigtransfer != "" and tsigtransfer in self.tsigList: transferBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0] queryBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0] updateBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0] """ Now we load real ACLs If any, allow all and simplify output. If none or herited, only allow cluster members (needed to have a working cluster) Else, allow cluster members + ACLS """ if "any" in self.zoneList[zone][4]: transferBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][4] and "herited" not in self.zoneList[zone][4]: for acl in self.zoneList[zone][4]: transferBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][6]: updateBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][6] and "herited" not in self.zoneList[zone][6]: for acl in self.zoneList[zone][6]: updateBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][7]: queryBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][7] and "herited" not in self.zoneList[zone][7]: for acl in self.zoneList[zone][7]: queryBuf += "\t\t\"%s\";\n" % acl # And we write ACLs if len(transferBuf) > 0: tmpcfgbuffer += "\tallow-transfer {\n%s\t\t127.0.0.1;\n\t\t::1;\n\t};\n" % transferBuf if len(updateBuf) > 0: tmpcfgbuffer += "\tallow-update {\n%s\t};\n" % updateBuf if len(queryBuf) > 0: tmpcfgbuffer += "\tallow-query {\n%s\t\t127.0.0.1;\n\t\t::1;\n\t};\n" % queryBuf tmpcfgbuffer += "\tnotify yes;\n" validZone = True # Configuration for slaves elif srvType == 2: tmpcfgbuffer += "\ttype slave;\n\tmasters {\n" # Now we configure masters for cluster in self.zoneList[zone][1]: for master in self.clusterList[cluster][0]: tmpcfgbuffer += "\t\t%s;\n" % master tmpcfgbuffer += "\t};\n" if len(chrootpath) > 0: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (re.sub(ZEyeUtil.addslashes(chrootpath),"",szonepath),zone) else: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (szonepath,zone) transferBuf = "" notifyBuf = "" queryBuf = "" """ If there is masters, we must allow transfer, queries and notify If there is caches, we must allow queries We also load herited rules if herited is selected """ for cluster in self.zoneList[zone][1]: if len(self.clusterList[cluster][0]) > 0: masterList = self.clusterList[cluster][0] if len(self.clusterList[cluster][2]) > 0: cacheList = self.clusterList[cluster][2] if "herited" in self.zoneList[zone][4]: for acl in self.clusterList[cluster][4]: if acl != "none": transferBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][5]: for acl in self.clusterList[cluster][6]: if acl != "none": notifyBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][7]: for acl in self.clusterList[cluster][7]: if acl != "none": queryBuf += "\t\t\"%s\";\n" % acl if masterList != None: for master in masterList: transferBuf += "\t\t%s;\n" % master notifyBuf += "\t\t%s;\n" % master queryBuf += "\t\t%s;\n" % master if cacheList != None: for cache in cacheList: queryBuf += "\t\t%s;\n" % cache """ We add Z-Eye TSIG key, if present """ if tsigtransfer != None and tsigtransfer != "" and tsigtransfer in self.tsigList: transferBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0]; queryBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0]; """ Now we load real ACLs If any, allow all and simplify output. If none, only allow cluster members Else, allow cluster members + ACLS """ if "any" in self.zoneList[zone][4]: transferBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][4] and "herited" not in self.zoneList[zone][4]: for acl in self.zoneList[zone][4]: transferBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][5]: notifyBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][5] and "herited" not in self.zoneList[zone][5]: for acl in self.zoneList[zone][5]: notifyBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][7]: queryBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][7] and "herited" not in self.zoneList[zone][7]: for acl in self.zoneList[zone][7]: queryBuf += "\t\t\"%s\";\n" % acl # And we write ACLs if len(transferBuf) > 0: tmpcfgbuffer += "\tallow-transfer {\n%s\t\t127.0.0.1;\n\t\t::1;\n\t};\n" % transferBuf if len(notifyBuf) > 0: tmpcfgbuffer += "\tallow-notify {\n%s\t};\n" % notifyBuf if len(queryBuf) > 0: tmpcfgbuffer += "\tallow-query {\n%s\t\t127.0.0.1;\n\t\t::1;\n\t};\n" % queryBuf validZone = True # Zone in slave mode elif self.zoneList[zone][0] == 2: # Only if there is masters if len(self.zoneList[zone][2]) > 0: # If there is caches, slave is on cache if clusterCaches: if srvType == 3: tmpcfgbuffer += "\ttype slave;\n\tmasters {\n" for fwd in self.zoneList[zone][2]: tmpcfgbuffer += "\t\t%s;\n" % fwd tmpcfgbuffer += "\t};\n" validZone = True else: tmpcfgbuffer += "\ttype slave;\n\tmasters {\n" for master in self.zoneList[zone][2]: tmpcfgbuffer += "\t\t%s;\n" % master tmpcfgbuffer += "\t};\n" if len(chrootpath) > 0: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (re.sub(ZEyeUtil.addslashes(chrootpath),"",szonepath),zone) else: tmpcfgbuffer += "\tfile \"%s/%s\";\n" % (szonepath,zone) transferBuf = "" notifyBuf = "" queryBuf = "" """ If there is masters, we must allow transfer and notify If there is caches, we must allow queries We also load herited rules if herited is selected """ for cluster in self.zoneList[zone][1]: if len(self.clusterList[cluster][2]) > 0: cacheList = self.clusterList[cluster][2] if "herited" in self.zoneList[zone][4]: for acl in self.clusterList[cluster][4]: transferBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][5]: for acl in self.clusterList[cluster][6]: notifyBuf += "\t\t\"%s\";\n" % acl if "herited" in self.zoneList[zone][7]: for acl in self.clusterList[cluster][7]: queryBuf += "\t\t\"%s\";\n" % acl for master in self.zoneList[zone][2]: notifyBuf += "\t\t%s;\n" % master transferBuf += "\t\t%s;\n" % master # If this is a cluster master of slave, we must allow cache to query if cacheList != None and srvType != 3: for cache in cacheList: queryBuf += "\t\t%s;\n" % cache """ We add Z-Eye TSIG key, if present """ if tsigtransfer != None and tsigtransfer != "" and tsigtransfer in self.tsigList: transferBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0]; queryBuf += "\t\tkey %s;\n" % self.tsigList[tsigtransfer][0]; """ Now we load real ACLs If any, allow all and simplify output. If none or herited, only allow cluster members Else, allow cluster members + ACLS """ if "any" in self.zoneList[zone][4]: transferBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][4] and "herited" not in self.zoneList[zone][4]: for acl in self.zoneList[zone][4]: transferBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][5]: notifyBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][5] and "herited" not in self.zoneList[zone][5]: for acl in self.zoneList[zone][5]: notifyBuf += "\t\t\"%s\";\n" % acl if "any" in self.zoneList[zone][7]: queryBuf = "\t\tany;\n" elif "none" not in self.zoneList[zone][7] and "herited" not in self.zoneList[zone][7]: for acl in self.zoneList[zone][7]: queryBuf += "\t\t\"%s\";\n" % acl # And we write ACLs if len(transferBuf) > 0: tmpcfgbuffer += "\tallow-transfer {\n%s\t};\n" % transferBuf if len(notifyBuf) > 0: tmpcfgbuffer += "\tallow-notify {\n%s\t};\n" % notifyBuf if len(queryBuf) > 0: tmpcfgbuffer += "\tallow-query {\n%s\t\t127.0.0.1;\n\t\t::1;\n\t};\n" % queryBuf validZone = True # Zone in forward mode elif self.zoneList[zone][0] == 3: # Only if there is forwarders if len(self.zoneList[zone][3]) > 0: # If there is caches, forward is on cache if clusterCaches: if srvType == 3: tmpcfgbuffer += "\ttype forward;\n\tforwarders {\n" for fwd in self.zoneList[zone][3]: tmpcfgbuffer += "\t\t%s;\n" % fwd tmpcfgbuffer += "\t};\n" # No ACL in a forward zone validZone = True else: tmpcfgbuffer += "\ttype forward;\n\tforwarders {\n" for fwd in self.zoneList[zone][3]: tmpcfgbuffer += "\t\t%s;\n" % fwd tmpcfgbuffer += "\t};\n" # No ACL in a forward zone validZone = True if validZone == True: cfgbuffer += "%s};\n" % tmpcfgbuffer # Classic zone if self.zoneList[zone][0] == 1 and srvType == 1: """ Verify if zone file exists on master servers. If not exists create a basic file Not needed for slaves. Zonefile is created when transfer if not exists on slave servers. """ if ssh.isRemoteExists("%s/%s/%s" % (chrootpath,mzonepath,zone)) == False: # SOA record ttlRefresh = self.zoneList[zone][8] if ttlRefresh == 0: ttlRefresh = 3600 ttlRetry = self.zoneList[zone][9] if ttlRetry == 0: ttlRetry = 180 ttlExpire = self.zoneList[zone][10] if ttlExpire == 0: ttlExpire = 864000 ttlMinimum = self.zoneList[zone][11] if ttlMinimum == 0: ttlMinimum = 3600 zonefile = "$ORIGIN .\n$TTL 86400\n%s IN SOA %s. hostmaster.%s. (\n\t\t\t1\n\t\t\t%d\n\t\t\t%d\n\t\t\t%d\n\t\t\t%d )\n" % (zone,nsfqdn,zone,ttlRefresh,ttlRetry,ttlExpire,ttlMinimum) # If caches, NS are on caches if cacheList != None: for cache in cacheList: zonefile += "\t\t\tNS\t%s.\n" % self.serverList[cache][7] else: zonefile += "\t\t\tNS\t%s.\n" % nsfqdn if slaveList != None: for slave in slaveList: zonefile += "\t\t\tNS\t%s.\n" % self.serverList[slave][7] zonefile += "\n$ORIGIN %s.\n" % zone if ssh.isRemoteWritable("%s/%s/%s" % (chrootpath,mzonepath,zone)) == False: self.logError("Unable to write zonefile on server %s. Please ensure %s/%s/%s is writable !" % (addr,chrootpath,mzonepath,zone)) else: ssh.sendCmd("echo '%s' > %s/%s/%s" % (zonefile,chrootpath,mzonepath,zone)) ssh.sendCmd("echo 1 > /tmp/dnsrestart") self.logInfo("file for zone %s created on %s" % (zone,addr)) elif self.zoneList[zone][0] == 1 and srvType == 2: """ Verify if zone file exists on slave servers. If not exists ask a service restart to load zone """ if ssh.isRemoteExists("%s/%s/%s" % (chrootpath,szonepath,zone)) == False: ssh.sendCmd("echo 1 > /tmp/dnsrestart") self.logInfo("file for zone %s inexistant on %s (slave), asking named restart" % (zone,addr)) # check md5 trace to see if subnet file is different tmpmd5 = ssh.sendCmd("cat %s|%s" % (zeyenamedpath,hashCmd)) tmpmd5 = re.sub("\n", "", tmpmd5) tmpmd52 = hashlib.md5("%s\n" % cfgbuffer).hexdigest() if tmpmd5 != tmpmd52: ssh.sendCmd("echo '%s' > %s" % (cfgbuffer,zeyenamedpath)) ssh.sendCmd("echo 1 > /tmp/dnsrestart") self.logInfo("configuration modified on %s" % addr) ssh.close()
def do14Upgrade(self): try: if self.dbVersion < "1400": self.tryCreateTable("z_eye_switch_infos","device varchar(128) NOT NULL, building varchar(64) NOT NULL, PRIMARY KEY(device)") self.setDBVersion("1400") if self.dbVersion == "1400": self.tryAddColumn("z_eye_switch_infos","room","varchar(64)") self.setDBVersion("1401") if self.dbVersion == "1401": self.tryAddColumn("z_eye_dns_clusters","dnssec_enable","bool") self.tryAddColumn("z_eye_dns_clusters","dnssec_validation","bool") self.setDBVersion("1402") if self.dbVersion == "1402": self.tryAddColumn("z_eye_dhcp_ip","expiration_date","date") self.setDBVersion("1403") if self.dbVersion == "1403": self.rawRequest("UPDATE z_eye_icinga_commands set cmd = '/usr/bin/printf \"%b\" \"***** Icinga *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n\" | /usr/bin/mail -s \"** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **\" $CONTACTEMAIL$' WHERE name = 'notify-host-by-email'") self.rawRequest("UPDATE z_eye_icinga_commands set cmd = '/usr/bin/printf \"%b\" \"***** Icinga *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $ HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n\" | /usr/bin/mail -s \"** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **\" $CONTACTEMAIL$' WHERE name = 'notify-service-by-email'") self.setDBVersion("1404") if self.dbVersion == "1404": self.tryAddColumn("z_eye_icinga_commands","cmd_comment","text") self.tryAddColumn("z_eye_icinga_commands","syscmd","bool DEFAULT 'f'") self.rawRequest("UPDATE z_eye_icinga_commands set syscmd = 't' WHERE name IN ('notify-host-by-email','notify-service-by-email','process-host-perfdata','process-service-perfdata')") self.setDBVersion("1405") if self.dbVersion == "1405": self.tryCreateTable("z_eye_icinga_notif_strategy","name varchar(64) NOT NULL, alias varchar(64) NOT NULL, interval INT NOT NULL, period VARCHAR(64) NOT NULL, ev_updown boolean NOT NULL, ev_crit boolean NOT NULL, ev_warn boolean NOT NULL, ev_unavailable boolean NOT NULL, ev_flap boolean NOT NULL, ev_recovery boolean NOT NULL, ev_scheduled boolean NOT NULL, PRIMARY KEY(name)") self.setDBVersion("1406") if self.dbVersion == "1406": pgcursor = self.pgsqlCon.cursor() """ Verify if 24x7 timeperiod exists, we need it to migrate our strategies If not exist, create it """ pgcursor.execute("SELECT count(*) FROM z_eye_icinga_timeperiods WHERE name = '24x7'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_timeperiods (name,alias,mhs,mms,tuhs,tums,whs,wms,thhs,fhs,fms,sahs,sams,suhs,sums,mhe,mme,tuhe,tume,whe,wme,thhe,thme,fhe,fme,sahe,same,suhe,sume) VALUES ('24x7','24 Hours A Day, 7 Days A Week','0','0','0','0','0','0','0','0','0','0','0','0','0','0','23','59','23','59','23','59','23','59','23','59','23','59','23','59')") # Now create the default strategies pgcursor.execute("SELECT count(*) FROM z_eye_icinga_notif_strategy WHERE name = 'All'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_notif_strategy (name,alias,interval,period,ev_updown,ev_crit,ev_warn,ev_unavailable,ev_flap,ev_recovery,ev_scheduled) VALUES ('All','Every time, every notification','0','24x7','t','t','t','t','t','t','t')") pgcursor.execute("SELECT count(*) FROM z_eye_icinga_notif_strategy WHERE name = 'Nothing'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_notif_strategy (name,alias,interval,period,ev_updown,ev_crit,ev_warn,ev_unavailable,ev_flap,ev_recovery,ev_scheduled) VALUES ('Nothing','No alert','0','24x7','f','f','f','f','f','f','f')") # we add the strategy column to hosts self.tryAddColumn("z_eye_icinga_hosts","notif_strategy","varchar(64) NOT NULL DEFAULT ''") # Now we apply a patch to use the previous created strategies (BREAKUP some configurations) pgcursor.execute("SELECT name FROM z_eye_icinga_hosts WHERE hostoptd = 't' AND hostoptu = 't' AND hostoptr = 't' AND hostoptf = 't' AND hostopts = 't'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_hosts SET notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_hosts WHERE (hostoptd = 'f' AND hostoptu = 'f' AND hostoptr = 'f' AND hostoptf = 'f' AND hostopts = 'f') OR notifen = 'f'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_hosts SET notif_strategy = 'Nothing' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_hosts WHERE notif_strategy = ''") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_hosts SET notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) # we add the strategy column to services self.tryAddColumn("z_eye_icinga_services","notif_strategy","varchar(64) NOT NULL DEFAULT ''") # Now we apply a patch to use the previous created strategies (BREAKUP some configurations) pgcursor.execute("SELECT name FROM z_eye_icinga_services WHERE srvoptc = 't' AND srvoptw = 't' AND srvoptf = 't' AND srvopts = 't' AND srvoptu = 't'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_services SET notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_services WHERE (srvoptc = 'f' AND srvoptw = 'f' AND srvoptf = 'f' AND srvopts = 'f' AND srvoptu = 'f') OR notifen = 'f'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_services SET notif_strategy = 'Nothing' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_services WHERE notif_strategy = ''") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_services SET notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) self.setDBVersion("1407") if self.dbVersion == "1407": self.tryDropColumn("z_eye_icinga_services","notifperiod") self.tryDropColumn("z_eye_icinga_services","notifintval") self.tryDropColumn("z_eye_icinga_services","srvoptc") self.tryDropColumn("z_eye_icinga_services","srvoptw") self.tryDropColumn("z_eye_icinga_services","srvoptu") self.tryDropColumn("z_eye_icinga_services","srvoptf") self.tryDropColumn("z_eye_icinga_services","srvopts") self.tryDropColumn("z_eye_icinga_services","srvoptr") self.setDBVersion("1408") if self.dbVersion == "1408": self.tryDropColumn("z_eye_icinga_hosts","notifperiod") self.tryDropColumn("z_eye_icinga_hosts","notifintval") self.tryDropColumn("z_eye_icinga_hosts","hostoptd") self.tryDropColumn("z_eye_icinga_hosts","hostoptu") self.tryDropColumn("z_eye_icinga_hosts","hostoptr") self.tryDropColumn("z_eye_icinga_hosts","hostoptf") self.tryDropColumn("z_eye_icinga_hosts","hostopts") self.setDBVersion("1409") if self.dbVersion == "1409": pgcursor = self.pgsqlCon.cursor() """ Verify if 24x7 timeperiod exists, we need it to migrate our strategies If not exist, create it It's the second time because contacts were forgotten before """ pgcursor.execute("SELECT count(*) FROM z_eye_icinga_timeperiods WHERE name = '24x7'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_timeperiods (name,alias,mhs,mms,tuhs,tums,whs,wms,thhs,fhs,fms,sahs,sams,suhs,sums,mhe,mme,tuhe,tume,whe,wme,thhe,thme,fhe,fme,sahe,same,suhe,sume) VALUES ('24x7','24 Hours A Day, 7 Days A Week','0','0','0','0','0','0','0','0','0','0','0','0','0','0','23','59','23','59','23','59','23','59','23','59','23','59','23','59')") # Now create the default strategies pgcursor.execute("SELECT count(*) FROM z_eye_icinga_notif_strategy WHERE name = 'All'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_notif_strategy (name,alias,interval,period,ev_updown,ev_crit,ev_warn,ev_unavailable,ev_flap,ev_recovery,ev_scheduled) VALUES ('All','Every time, every notification','0','24x7','t','t','t','t','t','t','t')") pgcursor.execute("SELECT count(*) FROM z_eye_icinga_notif_strategy WHERE name = 'Nothing'") pgres = pgcursor.fetchone() if pgres[0] == 0: self.rawRequest("INSERT INTO z_eye_icinga_notif_strategy (name,alias,interval,period,ev_updown,ev_crit,ev_warn,ev_unavailable,ev_flap,ev_recovery,ev_scheduled) VALUES ('Nothing','No alert','0','24x7','f','f','f','f','f','f','f')") # we add the strategy column to contacts self.tryAddColumn("z_eye_icinga_contacts","host_notif_strategy","varchar(64) NOT NULL DEFAULT ''") self.tryAddColumn("z_eye_icinga_contacts","service_notif_strategy","varchar(64) NOT NULL DEFAULT ''") # Now we apply a patch to use the previous created strategies (BREAKUP some configurations) # First for hosts pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE hoptd = 't' AND hoptu = 't' AND hoptr = 't' AND hoptf = 't' AND hopts = 't'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET host_notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE hoptd = 'f' AND hoptu = 'f' AND hoptr = 'f' AND hoptf = 'f' AND hopts = 'f'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET host_notif_strategy = 'Nothing' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE host_notif_strategy = ''") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET host_notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) # Second for services pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE soptc = 't' AND soptw = 't' AND soptu = 't' AND soptr = 't' AND soptf = 't' AND sopts = 't'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET service_notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE soptc = 'f' AND soptw = 'f' AND soptu = 'f' AND soptr = 'f' AND soptf = 'f' AND sopts = 'f'") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET service_notif_strategy = 'Nothing' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) pgcursor.execute("SELECT name FROM z_eye_icinga_contacts WHERE service_notif_strategy = ''") pgres = pgcursor.fetchall() for idx in pgres: self.rawRequest("UPDATE z_eye_icinga_contacts SET service_notif_strategy = 'All' WHERE name = '%s'" % ZEyeUtil.addPgSlashes(idx[0])) self.setDBVersion("1410") if self.dbVersion == "1410": self.tryDropColumn("z_eye_icinga_contacts","hostperiod") self.tryDropColumn("z_eye_icinga_contacts","hoptd") self.tryDropColumn("z_eye_icinga_contacts","hoptu") self.tryDropColumn("z_eye_icinga_contacts","hoptr") self.tryDropColumn("z_eye_icinga_contacts","hoptf") self.tryDropColumn("z_eye_icinga_contacts","hopts") self.tryDropColumn("z_eye_icinga_contacts","srvperiod") self.tryDropColumn("z_eye_icinga_contacts","soptc") self.tryDropColumn("z_eye_icinga_contacts","soptw") self.tryDropColumn("z_eye_icinga_contacts","soptu") self.tryDropColumn("z_eye_icinga_contacts","soptr") self.tryDropColumn("z_eye_icinga_contacts","soptf") self.tryDropColumn("z_eye_icinga_contacts","sopts") self.setDBVersion("1411") if self.dbVersion == "1411": self.tryAddColumn("z_eye_dhcp_servers","clusteraddr","inet") self.setDBVersion("1412") if self.dbVersion == "1412": self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_discover' WHERE rulename = 'mrule_switches_discover'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_rmswitch' WHERE rulename = 'mrule_switches_rmswitch'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_write' WHERE rulename = 'mrule_switches_write'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_globalsave' WHERE rulename = 'mrule_switches_globalsave'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_globalbackup' WHERE rulename = 'mrule_switches_globalbackup'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_import_plugs' WHERE rulename = 'mrule_switches_import_plugs'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchmgmt_read' WHERE rulename = 'mrule_switches_read'") self.rawRequest("UPDATE z_eye_group_rules SET rulename = 'mrule_switchrightsmgmt_backup' WHERE rulename = 'mrule_switchmgmt_backup'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_discover' WHERE rulename = 'mrule_switches_discover'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_rmswitch' WHERE rulename = 'mrule_switches_rmswitch'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_write' WHERE rulename = 'mrule_switches_write'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_globalsave' WHERE rulename = 'mrule_switches_globalsave'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_globalbackup' WHERE rulename = 'mrule_switches_globalbackup'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_import_plugs' WHERE rulename = 'mrule_switches_import_plugs'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchmgmt_read' WHERE rulename = 'mrule_switches_read'") self.rawRequest("UPDATE z_eye_user_rules SET rulename = 'mrule_switchrightsmgmt_backup' WHERE rulename = 'mrule_switchmgmt_backup'") self.setDBVersion("1413") if self.dbVersion == "1413": self.tryCreateTable("z_eye_switch_configs","device varchar(128) NOT NULL, cfgtype int NOT NULL, cfgoutput TEXT, PRIMARY KEY(device,cfgtype)") self.setDBVersion("1414") except PgSQL.Error, e: if self.pgsqlCon: self.pgsqlCon.close() self.logger.critical("DBUpgrade: %s" % e) print "PgSQL Error: %s" % e sys.exit(1);