def allow_dhcp_broadcast(self):
#Open DHCP port if iptables is enabled.
# We supress error logging on error.
shellutil.run("iptables -D INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
shellutil.run("iptables -I INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
def allow_dhcp_broadcast(self):
#Open DHCP port if iptables is enabled.
# We supress error logging on error.
shellutil.run("iptables -D INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
shellutil.run("iptables -I INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
def set_hostname(self, hostname):
"""
Set /etc/sysconfig/network
"""
fileutil.update_conf_file('/etc/sysconfig/network', 'HOSTNAME',
'HOSTNAME={0}'.format(hostname))
shellutil.run("hostname {0}".format(hostname), chk_err=False)
def set_hostname(self, hostname):
"""
Set /etc/sysconfig/network
"""
fileutil.update_conf_file('/etc/sysconfig/network',
'HOSTNAME',
'HOSTNAME={0}'.format(hostname))
shellutil.run("hostname {0}".format(hostname), chk_err=False)
def gen_transport_cert(self, prv_file, crt_file):
"""
Create ssl certificate for https communication with endpoint server.
"""
cmd = ("{0} req -x509 -nodes -subj /CN=LinuxTransport -days 32768 "
"-newkey rsa:2048 -keyout {1} "
"-out {2}").format(self.openssl_cmd, prv_file, crt_file)
shellutil.run(cmd)
def reg_ssh_host_key(self):
keypair_type = conf.get_ssh_host_keypair_type()
if conf.get_regenerate_ssh_host_key():
shellutil.run("rm -f /etc/ssh/ssh_host_*key*")
shellutil.run(("ssh-keygen -N '' -t {0} -f /etc/ssh/ssh_host_{1}_key"
"").format(keypair_type, keypair_type))
thumbprint = self.get_ssh_host_key_thumbprint(keypair_type)
return thumbprint
def gen_transport_cert(self, prv_file, crt_file):
"""
Create ssl certificate for https communication with endpoint server.
"""
cmd = ("{0} req -x509 -nodes -subj /CN=LinuxTransport -days 32768 "
"-newkey rsa:2048 -keyout {1} "
"-out {2}").format(self.openssl_cmd, prv_file, crt_file)
shellutil.run(cmd)
def download(self):
self.logger.info("Download extension package")
self.set_operation(WALAEventOperation.Download)
if self.pkg is None:
raise ExtensionError("No package uri found")
package = None
for uri in self.pkg.uris:
try:
package = self.protocol.download_ext_handler_pkg(uri.uri)
except ProtocolError as e:
logger.warn("Failed download extension: {0}", e)
if package is None:
raise ExtensionError("Failed to download extension")
self.logger.info("Unpack extension package")
pkg_file = os.path.join(conf.get_lib_dir(),
os.path.basename(uri.uri) + ".zip")
try:
fileutil.write_file(pkg_file, bytearray(package), asbin=True)
zipfile.ZipFile(pkg_file).extractall(self.get_base_dir())
except IOError as e:
raise ExtensionError(u"Failed to write and unzip plugin", e)
chmod = "find {0} -type f | xargs chmod u+x".format(
self.get_base_dir())
shellutil.run(chmod)
self.report_event(message="Download succeeded")
self.logger.info("Initialize extension directory")
#Save HandlerManifest.json
man_file = fileutil.search_file(self.get_base_dir(),
'HandlerManifest.json')
if man_file is None:
raise ExtensionError("HandlerManifest.json not found")
try:
man = fileutil.read_file(man_file, remove_bom=True)
fileutil.write_file(self.get_manifest_file(), man)
except IOError as e:
raise ExtensionError(u"Failed to save HandlerManifest.json", e)
#Create status and config dir
try:
status_dir = self.get_status_dir()
fileutil.mkdir(status_dir, mode=0o700)
conf_dir = self.get_conf_dir()
fileutil.mkdir(conf_dir, mode=0o700)
except IOError as e:
raise ExtensionError(u"Failed to create status or config dir", e)
#Save HandlerEnvironment.json
self.create_handler_env()
def download(self):
self.logger.info("Download extension package")
self.set_operation(WALAEventOperation.Download)
if self.pkg is None:
raise ExtensionError("No package uri found")
package = None
for uri in self.pkg.uris:
try:
package = self.protocol.download_ext_handler_pkg(uri.uri)
except ProtocolError as e:
logger.warn("Failed download extension: {0}", e)
if package is None:
raise ExtensionError("Failed to download extension")
self.logger.info("Unpack extension package")
pkg_file = os.path.join(conf.get_lib_dir(),
os.path.basename(uri.uri) + ".zip")
try:
fileutil.write_file(pkg_file, bytearray(package), asbin=True)
zipfile.ZipFile(pkg_file).extractall(self.get_base_dir())
except IOError as e:
raise ExtensionError(u"Failed to write and unzip plugin", e)
chmod = "find {0} -type f | xargs chmod u+x".format(self.get_base_dir())
shellutil.run(chmod)
self.report_event(message="Download succeeded")
self.logger.info("Initialize extension directory")
#Save HandlerManifest.json
man_file = fileutil.search_file(self.get_base_dir(),
'HandlerManifest.json')
if man_file is None:
raise ExtensionError("HandlerManifest.json not found")
try:
man = fileutil.read_file(man_file, remove_bom=True)
fileutil.write_file(self.get_manifest_file(), man)
except IOError as e:
raise ExtensionError(u"Failed to save HandlerManifest.json", e)
#Create status and config dir
try:
status_dir = self.get_status_dir()
fileutil.mkdir(status_dir, mode=0o700)
conf_dir = self.get_conf_dir()
fileutil.mkdir(conf_dir, mode=0o700)
except IOError as e:
raise ExtensionError(u"Failed to create status or config dir", e)
#Save HandlerEnvironment.json
self.create_handler_env()
def del_account(self, username):
if self.is_sys_user(username):
logger.error("{0} is a system user. Will not delete it.", username)
shellutil.run("> /var/run/utmp")
shellutil.run("userdel -f -r " + username)
#Remove user from suders
if os.path.isfile("/etc/suders.d/waagent"):
try:
content = fileutil.read_file("/etc/sudoers.d/waagent")
sudoers = content.split("\n")
sudoers = [x for x in sudoers if username not in x]
fileutil.write_file("/etc/sudoers.d/waagent",
"\n".join(sudoers))
except IOError as e:
raise OSUtilError("Failed to remove sudoer: {0}".format(e))
def del_account(self, username):
if self.is_sys_user(username):
logger.error("{0} is a system user. Will not delete it.", username)
shellutil.run("> /var/run/utmp")
shellutil.run("userdel -f -r " + username)
#Remove user from suders
if os.path.isfile("/etc/suders.d/waagent"):
try:
content = fileutil.read_file("/etc/sudoers.d/waagent")
sudoers = content.split("\n")
sudoers = [x for x in sudoers if username not in x]
fileutil.write_file("/etc/sudoers.d/waagent",
"\n".join(sudoers))
except IOError as e:
raise OSUtilError("Failed to remove sudoer: {0}".format(e))
def set_selinux_context(self, path, con):
"""
Calls shell 'chcon' with 'path' and 'con' context.
Returns exit result.
"""
if self.is_selinux_system():
return shellutil.run('chcon ' + con + ' ' + path)
def set_selinux_context(self, path, con):
"""
Calls shell 'chcon' with 'path' and 'con' context.
Returns exit result.
"""
if self.is_selinux_system():
return shellutil.run('chcon ' + con + ' ' + path)
def save_customdata(self, ovfenv):
customdata = ovfenv.customdata
if customdata is None:
return
logger.info("Save custom data")
lib_dir = conf.get_lib_dir()
if conf.get_decode_customdata():
customdata= self.distro.osutil.decode_customdata(customdata)
customdata_file = os.path.join(lib_dir, CUSTOM_DATA_FILE)
fileutil.write_file(customdata_file, customdata)
if conf.get_execute_customdata():
logger.info("Execute custom data")
os.chmod(customdata_file, 0o700)
shellutil.run(customdata_file)
def route_add(self, net, mask, gateway):
"""
Add specified route using /sbin/route add -net.
"""
cmd = ("/sbin/route add -net "
"{0} netmask {1} gw {2}").format(net, mask, gateway)
return shellutil.run(cmd, chk_err=False)
def route_add(self, net, mask, gateway):
"""
Add specified route using /sbin/route add -net.
"""
cmd = ("/sbin/route add -net "
"{0} netmask {1} gw {2}").format(net, mask, gateway)
return shellutil.run(cmd, chk_err=False)
def set_selinux_enforce(self, state):
"""
Calls shell command 'setenforce' with 'state'
and returns resulting exit code.
"""
if self.is_selinux_system():
if state: s = '1'
else: s = '0'
return shellutil.run("setenforce " + s)
def is_atapiix_mod_loaded(self, max_retry=1):
for retry in range(0, max_retry):
ret = shellutil.run("lsmod | grep ata_piix", chk_err=False)
if ret == 0:
logger.info("Module driver for ATAPI CD-ROM is already present.")
return True
if retry < max_retry - 1:
time.sleep(1)
return False
def set_selinux_enforce(self, state):
"""
Calls shell command 'setenforce' with 'state'
and returns resulting exit code.
"""
if self.is_selinux_system():
if state: s = '1'
else: s='0'
return shellutil.run("setenforce "+s)
def is_selinux_system(self):
"""
Checks and sets self.selinux = True if SELinux is available on system.
"""
if self.selinux == None:
if shellutil.run("which getenforce", chk_err=False) == 0:
self.selinux = True
else:
self.selinux = False
return self.selinux
def is_selinux_system(self):
"""
Checks and sets self.selinux = True if SELinux is available on system.
"""
if self.selinux == None:
if shellutil.run("which getenforce", chk_err=False) == 0:
self.selinux = True
else:
self.selinux = False
return self.selinux
def is_atapiix_mod_loaded(self, max_retry=1):
for retry in range(0, max_retry):
ret = shellutil.run("lsmod | grep ata_piix", chk_err=False)
if ret == 0:
logger.info(
"Module driver for ATAPI CD-ROM is already present.")
return True
if retry < max_retry - 1:
time.sleep(1)
return False
def set_admin_access_to_ip(self, dest_ip):
#This allows root to access dest_ip
rm_old = "iptables -D OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
rule = "iptables -A OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
#This blocks all other users to access dest_ip
rm_old = "iptables -D OUTPUT -d {0} -j DROP"
rule = "iptables -A OUTPUT -d {0} -j DROP"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
def set_admin_access_to_ip(self, dest_ip):
#This allows root to access dest_ip
rm_old= "iptables -D OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
rule = "iptables -A OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
#This blocks all other users to access dest_ip
rm_old = "iptables -D OUTPUT -d {0} -j DROP"
rule = "iptables -A OUTPUT -d {0} -j DROP"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
def create_swap_space(self, mount_point, size_mb):
size_kb = size_mb * 1024
size = size_kb * 1024
swapfile = os.path.join(mount_point, 'swapfile')
swaplist = shellutil.run_get_output("swapon -s")[1]
if swapfile in swaplist and os.path.getsize(swapfile) == size:
logger.info("Swap already enabled")
return
if os.path.isfile(swapfile) and os.path.getsize(swapfile) != size:
logger.info("Remove old swap file")
shellutil.run("swapoff -a", chk_err=False)
os.remove(swapfile)
if not os.path.isfile(swapfile):
logger.info("Create swap file")
shellutil.run(("dd if=/dev/zero of={0} bs=1024 "
"count={1}").format(swapfile, size_kb))
shellutil.run("mkswap {0}".format(swapfile))
if shellutil.run("swapon {0}".format(swapfile)):
raise ResourceDiskError("{0}".format(swapfile))
logger.info("Enabled {0}KB of swap at {1}".format(size_kb, swapfile))
def create_swap_space(self, mount_point, size_mb):
size_kb = size_mb * 1024
size = size_kb * 1024
swapfile = os.path.join(mount_point, 'swapfile')
swaplist = shellutil.run_get_output("swapon -s")[1]
if swapfile in swaplist and os.path.getsize(swapfile) == size:
logger.info("Swap already enabled")
return
if os.path.isfile(swapfile) and os.path.getsize(swapfile) != size:
logger.info("Remove old swap file")
shellutil.run("swapoff -a", chk_err=False)
os.remove(swapfile)
if not os.path.isfile(swapfile):
logger.info("Create swap file")
shellutil.run(("dd if=/dev/zero of={0} bs=1024 "
"count={1}").format(swapfile, size_kb))
shellutil.run("mkswap {0}".format(swapfile))
if shellutil.run("swapon {0}".format(swapfile)):
raise ResourceDiskError("{0}".format(swapfile))
logger.info("Enabled {0}KB of swap at {1}".format(size_kb, swapfile))
def restart_if(self, iface):
shellutil.run("systemctl restart systemd-networkd")
def restart_ssh_service(self):
return shellutil.run("systemctl restart sshd", chk_err=False)
def remove_route_for_dhcp_broadcast(self, ifname):
shellutil.run("route del 255.255.255.255 dev {0}".format(ifname),
chk_err=False)
def unregister_agent_service(self):
return shellutil.run("systemctl disable waagent", chk_err=False)
def start_network(self):
return shellutil.run("/sbin/service networking start", chk_err=False)
def start_agent_service(self):
return shellutil.run("/sbin/service waagent start", chk_err=False)
def unregister_agent_service(self):
return shellutil.run("/sbin/insserv -r waagent", chk_err=False)
def publish_hostname(self, hostname):
"""
Restart NetworkManager first before publishing hostname
"""
shellutil.run("service NetworkManager restart")
super(RedhatOSUtil, self).publish_hostname(hostname)
def restart_ssh_service(self):
return shellutil.run("/sbin/service sshd restart", chk_err=False)
def start_agent_service(self):
return shellutil.run("/sbin/service waagent start", chk_err=False)
def start_network(self) :
return shellutil.run("/sbin/service start network", chk_err=False)
def start_dhcp_service(self):
cmd = "/sbin/service {0} start".format(self.dhclient_name)
return shellutil.run(cmd, chk_err=False)
def set_hostname(self, hostname):
fileutil.write_file('/etc/HOSTNAME', hostname)
shellutil.run("hostname {0}".format(hostname), chk_err=False)
def start_dhcp_service(self):
return shellutil.run("systemctl start systemd-networkd", chk_err=False)
def start_dhcp_service(self):
cmd = "systemctl start {0}".format(self.dhclient_name)
return shellutil.run(cmd, chk_err=False)
def stop_agent_service(self):
return shellutil.run("systemctl stop wagent", chk_err=False)
def start_network(self) :
return shellutil.run("systemctl start network", chk_err=False)
def unregister_agent_service(self):
return shellutil.run("systemctl disable waagent", chk_err=False)
def restart_ssh_service(self):
return shellutil.run("systemctl restart sshd", chk_err=False)
def restart_ssh_service(self):
return shellutil.run("/sbin/service sshd condrestart", chk_err=False)
def mount_resource_disk(self, mount_point, fs):
device = self.distro.osutil.device_for_ide_port(1)
if device is None:
raise ResourceDiskError("unable to detect disk topology")
device = "/dev/" + device
mountlist = shellutil.run_get_output("mount")[1]
existing = self.distro.osutil.get_mount_point(mountlist, device)
if (existing):
logger.info("Resource disk {0}1 is already mounted", device)
return existing
fileutil.mkdir(mount_point, mode=0o755)
logger.info("Detect GPT...")
partition = device + "1"
ret = shellutil.run_get_output("parted {0} print".format(device))
if ret[0]:
raise ResourceDiskError("({0}) {1}".format(device, ret[1]))
if "gpt" in ret[1]:
logger.info("GPT detected")
logger.info("Get GPT partitions")
parts = [
x for x in ret[1].split("\n") if re.match("^\s*[0-9]+", x)
]
logger.info("Found more than {0} GPT partitions.", len(parts))
if len(parts) > 1:
logger.info("Remove old GPT partitions")
for i in range(1, len(parts) + 1):
logger.info("Remove partition: {0}", i)
shellutil.run("parted {0} rm {1}".format(device, i))
logger.info(
"Create a new GPT partition using entire disk space")
shellutil.run(
"parted {0} mkpart primary 0% 100%".format(device))
logger.info("Format partition: {0} with fstype {1}", partition,
fs)
shellutil.run("mkfs." + fs + " " + partition + " -F")
else:
logger.info("GPT not detected")
logger.info("Check fstype")
ret = shellutil.run_get_output("sfdisk -q -c {0} 1".format(device))
if ret[1].rstrip() == "7" and fs != "ntfs":
logger.info("The partition is formatted with ntfs")
logger.info("Format partition: {0} with fstype {1}", partition,
fs)
shellutil.run("sfdisk -c {0} 1 83".format(device))
shellutil.run("mkfs." + fs + " " + partition + " -F")
logger.info("Mount resource disk")
ret = shellutil.run("mount {0} {1}".format(partition, mount_point),
chk_err=False)
if ret:
logger.warn("Failed to mount resource disk. Retry mounting")
shellutil.run("mkfs." + fs + " " + partition + " -F")
ret = shellutil.run("mount {0} {1}".format(partition, mount_point))
if ret:
raise ResourceDiskError("({0}) {1}".format(partition, ret))
logger.info("Resource disk ({0}) is mounted at {1} with fstype {2}",
device, mount_point, fs)
return mount_point
def unregister_agent_service(self):
return shellutil.run("chkconfig --del waagent", chk_err=False)
def remove_route_for_dhcp_broadcast(self, ifname):
shellutil.run("route del 255.255.255.255 dev {0}".format(ifname),
chk_err=False)
def start_agent_service(self):
return shellutil.run("systemctl start waagent", chk_err=False)
def set_route_for_dhcp_broadcast(self, ifname):
return shellutil.run("route add 255.255.255.255 dev {0}".format(ifname),
chk_err=False)
def restart_if(self, ifname):
shellutil.run("ifdown {0} && ifup {1}".format(ifname, ifname))
def restart_if(self, ifname):
shellutil.run("ifdown {0} && ifup {1}".format(ifname, ifname))
