def commit(self): nfsv4 = storage.NFSv4() nfsv4.domain(domain) fs.Config().persist(nfsv4.configfilename) system.service("rpcidmapd", "restart") process.check_call("nfsidmap -c")
def commit(self): action = "restart" if enabled else "stop" try: system.service("ovirt-cim", action) self.logger.debug("Configured CIM successfully") except RuntimeError: raise TransactionError("CIM configuration failed")
def enable_puppet(self): cfg = Puppet().retrieve() conf = File("/etc/puppet/puppet.conf") conf_builder = "" for line in conf: try: item = re.match(r'^#?\s+(\w+) =', line).group(1) if item in cfg and cfg[item] is not '': if re.match(r'^#.*', line): line = re.sub(r'^#', '', line) conf_builder += re.sub(r'(^.*?' + item + ' =).*', r'\1 "' + cfg[item] + '"', line) else: conf_builder += line except: conf_builder += line conf.write(conf_builder, "w") fs.Config().persist("/etc/puppet/puppet.conf") try: system.service("puppet", "stop") utils.process.pipe("puppet agent --waitforcert 60 " "--test", shell=True, check=True) system.service("puppet", "start") fs.Config().persist("/var/lib/puppet") except: self.logger.debug("Couldn't start puppet agent", exc_info=True) raise RuntimeError("Synchronization with the puppet master timed " "out.\nCheck whether a certificate is waiting " "for signing on the master or a certificate " "for this hostname already exists and needs to" " be revoked.")
def disable_snmpd(): system.service("snmpd", "stop") # copy to /tmp for enable/disable toggles w/o reboot process.check_call(["cp", "/etc/snmp/snmpd.conf", "/tmp"]) process.check_call("sed -c -ie '/^createUser root/d' %s" % snmp_conf, shell=True) fs.Config().unpersist(snmp_conf)
def enable_snmpd(password): from ovirtnode.ovirtfunctions import ovirt_store_config system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser|awk '{print $4}'" % conf oldpwd, stderr = process.pipe(cmd) oldpwd = oldpwd.stdout.read().strip() process.call("sed -c -ie '/^createUser root/d' %s" % snmp_conf) f = open(snmp_conf, "a") # create user account f.write("createUser root SHA %s AES\n" % password) f.close() system.service("snmpd", "start") # change existing password if len(oldpwd) > 0: pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd) # Only reached when no excepion occurs process.call("rm -rf /tmp/snmpd.conf") ovirt_store_config(snmp_conf)
def enable_puppet(self): cfg = Puppet().retrieve() conf = File("/etc/puppet/puppet.conf") conf_builder = "" for line in conf: try: item = re.match(r'^#?\s+(\w+) =', line).group(1) if item in cfg and cfg[item] is not '': if re.match(r'^#.*', line): line = re.sub(r'^#', '', line) conf_builder += re.sub(r'(^.*?' + item + ' =).*', r'\1 "' + cfg[item] + '"', line) else: conf_builder += line except: conf_builder += line conf.write(conf_builder, "w") fs.Config().persist("/etc/puppet/puppet.conf") system.service("puppet", "stop") utils.process.check_call("puppet agent --waitforcert 60 --test", shell=True) system.service("puppet", "start") fs.Config().persist("/var/lib/puppet")
def commit(self): self.logger.info("Connecting to Puppet server") cfg = Puppet().retrieve() conf = File("/etc/puppet/puppet.conf") conf_builder = "" for line in conf: try: item = re.match(r'^#?\s+(\w+) =', line).group(1) if item in cfg and cfg[item] is not '': if re.match(r'^#.*', line): line = re.sub(r'^#', '', line) conf_builder += re.sub(r'(^.*?' + item + ' =).*', r'\1 "' + cfg[item] + '"', line) else: conf_builder += line except: conf_builder += line conf.write(conf_builder, "w") fs.Config().persist("/etc/puppet/puppet.conf") system.service("puppet", "stop") utils.process.check_call("puppet agent --waitforcert 60 --test", shell=True) system.service("puppet", "start")
def enable_snmpd(password): def change_password(oldpwd): system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv " + "-a SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"]) # Check for an old password if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s | grep createUser | grep -v '^#' | awk '{print $4}'" % conf oldpwd = process.pipe(cmd, shell=True).strip() if len(oldpwd) > 0: change_password(oldpwd) else: system.service("snmpd", "stop") # create user account process.check_call(["net-snmp-create-v3-user", "-A", password, "-a", "SHA", "-x", "AES", "root"]) system.service("snmpd", "start") fs.Config().persist(snmp_dir) firewall.open_port(port="161", proto="udp")
def disable_snmpd(): from ovirtnode.ovirtfunctions import remove_config system.service("snmpd", "stop") # copy to /tmp for enable/disable toggles w/o reboot process.check_call("cp /etc/snmp/snmpd.conf /tmp") process.check_call("sed -c -ie '/^createUser root/d' %s" % snmp_conf) remove_config(snmp_conf)
def change_password(oldpwd): system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv " + "-a SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"])
def commit(self): from ovirtnode.ovirtfunctions import remove_config remove_config("/etc/kdump.conf") system.service("kdump", "stop") fs.File('/etc/kdump.conf').touch() self.backups.remove()
def commit(self): def check_for_errors(smreg_output): mapping = {"Invalid credentials": "Invalid username" "/password combination", "already been taken": "This hostname is " "already registered", "Organization": "Organization must be " "specified with " "Satellite 6"} for k, v in mapping.items(): if k in smreg_output: raise RuntimeError(v) # Fallthrough raise RuntimeError("Registration Failed") self.logger.info("Registering with subscription-manager") self.logger.info(Vars.argbuilder.get_commandlist(string=True, filtered=True) ) # This may block if waiting for input with check_output. # pipe doesn't block smreg_output = process.pipe( Vars.argbuilder.get_commandlist()) if "been registered" not in smreg_output: check_for_errors(smreg_output) # If we made it down here, we registered successfully else: system.service("rhsmcertd", "start") configs = ["/var/lib/rhsm/cache/installed_products.json", "/var/lib/rhsm/facts/facts.json"] for conf in configs: Config().persist(conf) Config().persist("/etc/pki/consumer/key.pem") Config().persist("/etc/pki/consumer/cert.pem") if cfg["url"]: self.logger.info("System %s successfully " "registered to %s" % (cfg["profile"], cfg["url"])) else: self.logger.info("System %s successfully " "registered to SAM" % cfg["profile"]) # This isn't strictly necessary if RHN().retrieve()["activationkey"]: cmd = ["subscription-manager", "auto-attach"] try: process.check_call(cmd) except process.CalledProcessError: raise RuntimeError("Registration succeded, but " "there was a problem while " "auto-attaching with the " "provided key")
def is_firewalld_started(): """Check if firewalld is started """ is_started = False try: system.service("firewalld", "status") is_started = True except Exception as e: LOGGER.debug("Firewalld service status: %s" % e) return is_started
def ovirt_netconsole(server, port): _functions.augtool("set", \ "/files/etc/sysconfig/netconsole/SYSLOGADDR", server) _functions.augtool("set", \ "/files/etc/sysconfig/netconsole/SYSLOGPORT", port) try: system.service("netconsole", "restart") except: raise RuntimeError("Failed to restart netconsole service. " "Is the host resolvable?") if _functions.ovirt_store_config("/etc/sysconfig/netconsole"): logger.info("Netconsole Configuration Updated") return True
def enable_snmpd(password): system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser| grep -v '^#' | awk '{print $4}'" % conf oldpwd = process.pipe(cmd, shell=True).strip() # change existing password if len(oldpwd) > 0: system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"]) system.service("snmpd", "stop") if not any([x for x in open('/etc/snmp/snmpd.conf').readlines() if 'rwuser root' in x]): with open('/etc/snmp/snmpd.conf', 'a') as f: f.write("rwuser root") fs.Config().persist("/etc/snmp/snmpd.conf") cfg = fs.File(snmp_conf) # create user account cfg.write("createUser root SHA %s AES\n" % password) system.service("snmpd", "start") fs.Config().persist(snmp_conf) firewall.open_port(port="161", proto="udp")
def disable_puppet(self): item_args = ["server", "certname"] conf = File("/etc/puppet/puppet.conf") conf_builder = "" for line in conf: for item in item_args: line = re.sub(r'(^.*?' + item + ' =).*', r'#\1 "' '"', line) if item in line else line conf_builder += line conf.write(conf_builder, "w") fs.Config().persist("/etc/puppet/puppet.conf") system.service("puppet", "stop") Puppet().clear()
def disable_puppet(self): item_args = ["server", "certname"] conf = File("/etc/puppet/puppet.conf") conf_builder = "" for line in conf: for item in item_args: line = re.sub(r'(^.*?' + item + ' =).*', r'#\1 "''"', line) if item in line else line conf_builder += line conf.write(conf_builder, "w") fs.Config().persist("/etc/puppet/puppet.conf") system.service("puppet", "stop") Puppet().clear()
def commit(self): from ovirtnode.ovirtfunctions import unmount_config, \ ovirt_store_config try: system.service("kdump", "restart") except utils.process.CalledProcessError as e: self.logger.info("Failure while restarting kdump: %s" % e) unmount_config("/etc/kdump.conf") self.backups.restore("/etc/kdump.conf") system.service("kdump", "restart") raise RuntimeError("KDump configuration failed, " + "location unreachable. Previous " + "configuration was restored.") ovirt_store_config("/etc/kdump.conf") self.backups.remove()
def commit(self): self.logger.info("Connecting to Puppet server") cfg = Puppet().retrieve() lines = File("/etc/puppet/puppet.conf").read() conf = File("/etc/puppet/puppet.conf", "w") for line in lines: try: item = re.match(r'^\s+(\w+) =', line).group(1) if item in cfg: conf.write(re.sub(r'(^.*?' + item + ' =).*', r'\1 "' + cfg[item] + '"', line)) except: conf.write(line) system.service("puppet", "stop") utils.process.check_call("puppet agent --test") system.service("puppet", "start")
def commit(self): self.logger.info("Connecting to Puppet server") cfg = Puppet().retrieve() lines = File("/etc/puppet/puppet.conf").read() conf = File("/etc/puppet/puppet.conf") for line in lines: try: item = re.match(r'^\s+(\w+) =', line).group(1) if item in cfg: conf.write( re.sub(r'(^.*?' + item + ' =).*', r'\1 "' + cfg[item] + '"', line)) except: conf.write(line) system.service("puppet", "stop") utils.process.check_call("puppet agent --test", shell=True) system.service("puppet", "start")
def enable_snmpd(password): system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser| grep -v '^#' | awk '{print $4}'" % conf oldpwd = process.pipe(cmd, shell=True).strip() process.call("sed -c -ie '/^createUser root/d' %s" % snmp_conf, shell=True) f = open(snmp_conf, "a") # create user account f.write("createUser root SHA %s AES\n" % password) f.close() # change existing password if len(oldpwd) > 0: system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"]) system.service("snmpd", "stop") fs.Config().persist(snmp_conf) if not any([ x for x in open('/etc/snmp/snmpd.conf').readlines() if 'rwuser root' in x ]): with open('/etc/snmp/snmpd.conf', 'a') as f: f.write("rwuser root") fs.Config().persist("/etc/snmp/snmpd.conf") system.service("snmpd", "start")
def do_services(cmd, services): with console.CaptureOutput(): for name in services: system.service(name, cmd, False)
def restart(self): self.logger.debug("Restarting SSH") system.service("sshd", "restart")
def commit(self): def check_for_errors(smreg_output): mapping = {"Invalid credentials": "Invalid username" "/password combination", "already been taken": "This hostname is " "already registered", "Organization": "Organization not found " "on Satellite 6"} for k, v in mapping.items(): if k in smreg_output: raise RuntimeError(v) # Fallthrough raise RuntimeError("Registration Failed") self.logger.info("Registering with subscription-manager") self.logger.info(Vars.argbuilder.get_commandlist(string=True, filtered=True) ) # This may block if waiting for input with check_output. # pipe doesn't block smreg_output = process.pipe( Vars.argbuilder.get_commandlist()) if "been registered" not in smreg_output: check_for_errors(smreg_output) # If we made it down here, we registered successfully else: # Truncate the classic rhn cron job in favor of RHSM rhn_cronjob = "/etc/cron.d/rhn-virtualization.cron" with open(rhn_cronjob, "w"): pass Config().persist(rhn_cronjob) system.service("rhsmcertd", "start") configs = ["/var/lib/rhsm/cache/installed_products.json", "/var/lib/rhsm/facts/facts.json"] for conf in configs: Config().persist(conf) Config().persist("/etc/pki/consumer/key.pem") Config().persist("/etc/pki/consumer/cert.pem") if cfg["url"]: self.logger.info("System %s successfully " "registered to %s" % (cfg["profile"], cfg["url"])) else: self.logger.info("System %s successfully " "registered to RHSM" % cfg["profile"]) # This isn't strictly necessary if RHN().retrieve()["activationkey"]: cmd = ["subscription-manager", "auto-attach"] try: process.check_call(cmd) except process.CalledProcessError: raise RuntimeError("Registration succeded, but " "there was a problem while " "auto-attaching with the " "provided key")
def commit(self): system.service("ntpd", "stop", False) system.service("ntpdate", "start", False) system.service("ntpd", "start", False)