Example #1
0
    def parse(self, args):
        tg = super().parse(args)

        if tg.iface:
            if not network.wait_for_network_devices([tg.iface]):
                raise KickstartParseError(lineno=self.lineno,
                        msg=_("Network interface \"%(nic)s\" required by iSCSI \"%(iscsiTarget)s\" target is not up.") %
                             {"nic": tg.iface, "iscsiTarget": tg.target})

        mode = blivet.iscsi.iscsi.mode
        if mode == "none":
            if tg.iface:
                network_proxy = NETWORK.get_proxy()
                activated_ifaces = network_proxy.GetActivatedInterfaces()
                blivet.iscsi.iscsi.create_interfaces(activated_ifaces)
        elif ((mode == "bind" and not tg.iface)
              or (mode == "default" and tg.iface)):
            raise KickstartParseError(lineno=self.lineno,
                    msg=_("iscsi --iface must be specified (binding used) either for all targets or for none"))

        try:
            blivet.iscsi.iscsi.add_target(tg.ipaddr, tg.port, tg.user,
                                          tg.password, tg.user_in,
                                          tg.password_in,
                                          target=tg.target,
                                          iface=tg.iface)
            iscsi_log.info("added iscsi target %s at %s via %s", tg.target, tg.ipaddr, tg.iface)
        except (IOError, ValueError) as e:
            raise KickstartParseError(lineno=self.lineno, msg=str(e))

        return tg
Example #2
0
def initialize_network():
    """Initialize networking."""
    if not conf.system.can_configure_network:
        return

    network_proxy = NETWORK.get_proxy()

    msg = "Initialization started."
    log.debug(msg)
    network_proxy.LogConfigurationState(msg)

    log.debug("Devices found: %s",
              [dev.device_name for dev in get_supported_devices()])

    run_network_initialization_task(network_proxy.ConsolidateInitramfsConnectionsWithTask())
    run_network_initialization_task(network_proxy.ApplyKickstartWithTask())
    run_network_initialization_task(network_proxy.DumpMissingIfcfgFilesWithTask())
    run_network_initialization_task(network_proxy.SetRealOnbootValuesFromKickstartWithTask())

    if network_proxy.Hostname == DEFAULT_HOSTNAME:
        bootopts_hostname = hostname_from_cmdline(flags.cmdline)
        if bootopts_hostname:
            log.debug("Updating host name from boot options: %s", bootopts_hostname)
            network_proxy.SetHostname(bootopts_hostname)

    # Create device configuration tracking in the module.
    # It will be used to generate kickstart from persistent network configuration
    # managed by NM (ifcfgs) and updated by NM signals on device configuration
    # changes.
    log.debug("Creating network configurations.")
    network_proxy.CreateDeviceConfigurations()

    log.debug("Initialization finished.")
Example #3
0
def download_escrow_certificate(url):
    """Download the escrow certificate.

    :param url: an URL of the certificate
    :return: a content of the certificate
    """
    # Do we need a network connection?
    if not url.startswith("/") and not url.startswith("file:"):
        network_proxy = NETWORK.get_proxy()

        if not network_proxy.Connected:
            raise KickstartError(_("Escrow certificate %s requires the network.") % url)

    # Download the certificate.
    log.info("Downloading an escrow certificate from: %s", url)

    try:
        request = util.requests_session().get(url, verify=True)
    except requests.exceptions.SSLError as e:
        raise KickstartError(_("SSL error while downloading the escrow certificate:\n\n%s") % e)
    except requests.exceptions.RequestException as e:
        raise KickstartError(_("The following error was encountered while downloading the "
                               "escrow certificate:\n\n%s") % e)

    try:
        certificate = request.content
    finally:
        request.close()

    return certificate
    def revert_changes(self, ksdata, storage):
        """:see: RuleHander.revert_changes"""
        firewall_proxy = NETWORK.get_proxy(FIREWALL)

        if self._firewall_enabled is not None:
            firewall_proxy.SetFirewallMode(self._firewall_default_state)

        # remove all services this handler added
        all_services = firewall_proxy.EnabledServices
        orig_services = set(all_services).difference(self._new_services_to_add)
        firewall_proxy.SetEnabledServices(list(orig_services))

        # remove all ports this handler added
        all_ports = firewall_proxy.EnabledPorts
        orig_ports = set(all_ports).difference(self._new_ports_to_add)
        firewall_proxy.SetEnabledPorts(list(orig_ports))

        # remove all trusts this handler added
        all_trusts = firewall_proxy.Trusts
        orig_trusts = set(all_trusts).difference(self._new_trusts_to_add)
        firewall_proxy.SetTrusts(list(orig_trusts))

        # remove all services this handler excluded
        all_services = firewall_proxy.DisabledServices
        orig_services = set(all_services).difference(self._new_services_to_remove)
        firewall_proxy.SetDisabledServices(list(orig_services))

        self._added_svcs = set()
        self._added_ports = set()
        self._added_trusts = set()
        self._removed_svcs = set()
        self._firewall_enabled = None
        self._firewall_default_state = None
Example #5
0
    def _discover(self, credentials, bind):
        # This needs to be in its own thread, not marked with gtk_action_* because it's
        # called from on_start_clicked, which is in the GTK main loop.  Those decorators
        # won't do anything special in that case.
        if not self.iscsi.initiator_set:
            self.iscsi.initiator = credentials.initiator

        # interfaces created here affect nodes that iscsi.discover would return
        if self.iscsi.mode == "none" and not bind:
            self.iscsi.delete_interfaces()
        elif (self.iscsi.mode == "bind"
              or self.iscsi.mode == "none" and bind):
            network_proxy = NETWORK.get_proxy()
            activated = set(network_proxy.GetActivatedInterfaces())
            # The only place iscsi.ifaces is modified is create_interfaces(),
            # right below, so iteration is safe.
            created = set(self.iscsi.ifaces.values())
            self.iscsi.create_interfaces(activated - created)

        try:
            self._discoveredNodes = self.iscsi.discover(credentials.targetIP,
                                                        username=credentials.username,
                                                        password=credentials.password,
                                                        r_username=credentials.rUsername,
                                                        r_password=credentials.rPassword)
        except SafeDBusError as e:
            self._discoveryError = str(e).split(':')[-1]
            return

        if len(self._discoveredNodes) == 0:
            self._discoveryError = "No nodes discovered."
Example #6
0
def run_network_initialization_task(task_path):
    """Run network initialization task and log the result."""
    task_proxy = NETWORK.get_proxy(task_path)
    log.debug("Running task %s", task_proxy.Name)
    sync_run_task(task_proxy)
    result = task_proxy.GetResult()
    msg = "%s result: %s" % (task_proxy.Name, result)
    log.debug(msg)
Example #7
0
def get_supported_devices():
    """Get existing network devices supported by the installer.

    :return: basic information about the devices
    :rtype: list(NetworkDeviceInfo)
    """
    network_proxy = NETWORK.get_proxy()
    return NetworkDeviceInfo.from_structure_list(network_proxy.GetSupportedDevices())
Example #8
0
    def execute(self, payload):
        fcoe_proxy = STORAGE.get_proxy(FCOE)
        fcoe_nics = fcoe_proxy.GetNics()
        fcoe_ifaces = [dev.device_name for dev in network.get_supported_devices()
                       if dev.device_name in fcoe_nics]
        overwrite = network.can_overwrite_configuration(payload)
        network_proxy = NETWORK.get_proxy()
        task_path = network_proxy.InstallNetworkWithTask(util.getSysroot(),
                                                         fcoe_ifaces,
                                                         overwrite)
        task_proxy = NETWORK.get_proxy(task_path)
        sync_run_task(task_proxy)

        if conf.system.can_change_hostname:
            hostname = network_proxy.Hostname
            if hostname != network.DEFAULT_HOSTNAME:
                network_proxy.SetCurrentHostname(hostname)
Example #9
0
def get_interface_hw_address(iface):
    """Get hardware address of network interface."""
    network_proxy = NETWORK.get_proxy()
    device_infos = NetworkDeviceInfo.from_structure_list(network_proxy.GetSupportedDevices())

    for info in device_infos:
        if info.device_name == iface:
            return info.hw_address
    return ""
Example #10
0
 def __init__(self, data, storage, payload, instclass):
     NormalTUISpoke.__init__(self, data, storage, payload, instclass)
     self.title = N_("Network configuration")
     self._network_module = NETWORK.get_observer()
     self._network_module.connect()
     self._container = None
     self._value = self._network_module.proxy.Hostname
     self.supported_devices = []
     self.errors = []
     self._apply = False
Example #11
0
    def refresh(self):
        self._nicCombo.remove_all()

        network_proxy = NETWORK.get_proxy()
        ethernet_devices = [NetworkDeviceInfo.from_structure(device)
                            for device in network_proxy.GetSupportedDevices()
                            if device['device-type'] == NM.DeviceType.ETHERNET]
        for dev_info in ethernet_devices:
            self._nicCombo.append_text("%s - %s" % (dev_info.device_name, dev_info.hw_address))

        self._nicCombo.set_active(0)
Example #12
0
def wait_for_network_devices(devices, timeout=constants.NETWORK_CONNECTION_TIMEOUT):
    """Wait for network devices to be activated with a connection."""
    devices = set(devices)
    i = 0
    log.debug("waiting for connection of devices %s for iscsi", devices)
    while i < timeout:
        network_proxy = NETWORK.get_proxy()
        activated_devices = network_proxy.GetActivatedInterfaces()
        if not devices - set(activated_devices):
            return True
        i += 1
        time.sleep(1)
    return False
Example #13
0
    def _get_hostname(self):
        """Return a hostname."""
        ignored_hostnames = {None, "", 'localhost', 'localhost.localdomain'}

        network_proxy = NETWORK.get_proxy()
        hostname = network_proxy.Hostname

        if hostname in ignored_hostnames:
            hostname = network_proxy.GetCurrentHostname()

        if hostname in ignored_hostnames:
            hostname = None

        return hostname
Example #14
0
    def __init__(self, *args):
        NormalSpoke.__init__(self, *args)

        # taking values from the kickstart file?
        self._kickstarted = flags.flags.automatedInstall

        self._update_datetime_timer = None
        self._start_updating_timer = None
        self._shown = False
        self._tz = None

        self._timezone_module = TIMEZONE.get_observer()
        self._timezone_module.connect()
        self._network_module = NETWORK.get_observer()
        self._network_module.connect()
Example #15
0
    def __init__(self, data, storage, payload):
        NormalTUISpoke.__init__(self, data, storage, payload)
        self.title = N_("Network configuration")
        self._network_module = NETWORK.get_observer()
        self._network_module.connect()

        self.nm_client = network.get_nm_client()
        if not self.nm_client and conf.system.provides_system_bus:
            self.nm_client = NM.Client.new(None)

        self._container = None
        self.hostname = self._network_module.proxy.Hostname
        self.editable_configurations = []
        self.errors = []
        self._apply = False
Example #16
0
    def execute(self):
        args = []

        firewall_proxy = NETWORK.get_proxy(FIREWALL)
        # If --use-system-defaults was passed then the user wants
        # whatever was provided by the rpms or ostree to be the
        # default, do nothing.
        if firewall_proxy.FirewallMode == FIREWALL_USE_SYSTEM_DEFAULTS:
            firewall_log.info("ks file instructs to use system defaults for "
                              "firewall, skipping configuration.")
            return

        # enabled is None if neither --enable or --disable is passed
        # default to enabled if nothing has been set.
        if firewall_proxy.FirewallMode == FIREWALL_DISABLED:
            args += ["--disabled"]
        else:
            args += ["--enabled"]

        ssh_service_not_enabled = "ssh" not in firewall_proxy.EnabledServices
        ssh_service_not_disabled = "ssh" not in firewall_proxy.DisabledServices
        ssh_port_not_enabled = "22:tcp" not in firewall_proxy.EnabledPorts

        # always enable SSH unless the service is explicitely disabled
        if ssh_service_not_enabled and ssh_service_not_disabled and ssh_port_not_enabled:
            args += ["--service=ssh"]

        for dev in firewall_proxy.Trusts:
            args += ["--trust=%s" % (dev,)]

        for port in firewall_proxy.EnabledPorts:
            args += ["--port=%s" % (port,)]

        for remove_service in firewall_proxy.DisabledServices:
            args += ["--remove-service=%s" % (remove_service,)]

        for service in firewall_proxy.EnabledServices:
            args += ["--service=%s" % (service,)]

        cmd = "/usr/bin/firewall-offline-cmd"
        if not os.path.exists(util.getSysroot() + cmd):
            if firewall_proxy.FirewallMode == FIREWALL_ENABLED:
                msg = _("%s is missing. Cannot setup firewall.") % (cmd,)
                raise KickstartError(msg)
        else:
            util.execInSysroot(cmd, args)
Example #17
0
def dracut_setup_args(network_storage_device):
    """Dracut cmdline arguments needed to access network storage device."""

    target_ip = network_storage_device.host_address

    if network_storage_device.nic == "default" or ":" in network_storage_device.nic:
        if getattr(network_storage_device, 'ibft', False):
            nic = ibft_iface()
        else:
            nic = iface_for_host_ip(target_ip)
        if not nic:
            return ""
    else:
        nic = network_storage_device.nic

    network_proxy = NETWORK.get_proxy()
    netargs = network_proxy.GetDracutArguments(nic, target_ip, "")

    return netargs
Example #18
0
def wait_for_connected_NM(timeout=constants.NETWORK_CONNECTION_TIMEOUT, only_connecting=False):
    """Wait for NM being connected.

    If only_connecting is set, wait only if NM is in connecting state and
    return immediately after leaving this state (regardless of the new state).
    Used to wait for dhcp configuration in progress.

    :param timeout: timeout in seconds
    :type timeout: int
    :parm only_connecting: wait only for the result of NM being connecting
    :type only_connecting: bool
    :return: NM is connected
    :rtype: bool
    """

    network_proxy = NETWORK.get_proxy()
    if network_proxy.Connected:
        return True

    if only_connecting:
        if network_proxy.IsConnecting():
            log.debug("waiting for connecting NM (dhcp in progress?), timeout=%d", timeout)
        else:
            return False
    else:
        log.debug("waiting for connected NM, timeout=%d", timeout)

    i = 0
    while i < timeout:
        i += constants.NETWORK_CONNECTED_CHECK_INTERVAL
        time.sleep(constants.NETWORK_CONNECTED_CHECK_INTERVAL)
        if network_proxy.Connected:
            log.debug("NM connected, waited %d seconds", i)
            return True
        elif only_connecting:
            if not network_proxy.IsConnecting():
                break

    log.debug("NM not connected, waited %d seconds", i)
    return False
Example #19
0
def check_vnc_can_be_started(anaconda):
    """Check if we can start VNC in the current environment.

    :returns: if VNC can be started and list of possible reasons
              why VNC can't be started
    :rtype: (boot, list)
    """

    error_messages = []
    vnc_startup_possible = True

    # disable VNC over text question when not enough memory is available
    if blivet.util.total_memory() < isys.MIN_GUI_RAM:
        error_messages.append("Not asking for VNC because current memory (%d) < MIN_GUI_RAM (%d)" %
                              (blivet.util.total_memory(), isys.MIN_GUI_RAM))
        vnc_startup_possible = False

    # disable VNC question if text mode is requested and this is a ks install
    if anaconda.tui_mode and flags.automatedInstall:
        error_messages.append("Not asking for VNC because of an automated install")
        vnc_startup_possible = False

    # disable VNC question if we were explicitly asked for text in kickstart
    if anaconda.ksdata.displaymode.displayMode == DISPLAY_MODE_TEXT:
        error_messages.append("Not asking for VNC because text mode was explicitly asked for in kickstart")
        vnc_startup_possible = False

    # disable VNC question if we don't have network
    network_proxy = NETWORK.get_proxy()
    if not network_proxy.IsConnecting() and not network_proxy.Connected:
        error_messages.append("Not asking for VNC because we don't have a network")
        vnc_startup_possible = False

    # disable VNC question if we don't have Xvnc
    if not os.access('/usr/bin/Xvnc', os.X_OK):
        error_messages.append("Not asking for VNC because we don't have Xvnc")
        vnc_startup_possible = False

    return vnc_startup_possible, error_messages
Example #20
0
    def eval_rules(self, ksdata, storage, report_only=False):
        """:see: RuleHandler.eval_rules"""

        firewall_proxy = NETWORK.get_proxy(FIREWALL)
        messages = []

        if self._firewall_default_state is None:
            # firewall default startup setting
            self._firewall_default_state = firewall_proxy.FirewallMode

        if self._firewall_enabled is False:
            msg = _("Firewall will be disabled on startup")
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
            if not report_only:
                firewall_proxy.SetFirewallMode(FIREWALL_DISABLED)

        elif self._firewall_enabled is True:
            msg = _("Firewall will be enabled on startup")
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
            if not report_only:
                firewall_proxy.SetFirewallMode(FIREWALL_ENABLED)

        # add messages for the already added services
        for svc in self._added_svcs:
            msg = _(
                "service '%s' has been added to the list of services to be "
                "added to the firewall" % svc)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))

        # add messages for the already added ports
        for port in self._added_ports:
            msg = _("port '%s' has been added to the list of ports to be "
                    "added to the firewall" % port)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))

        # add messages for the already added trusts
        for trust in self._added_trusts:
            msg = _("trust '%s' has been added to the list of trusts to be "
                    "added to the firewall" % trust)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))

        # services, that should be added
        self._new_services_to_add = {
            svc
            for svc in self._add_svcs
            if svc not in firewall_proxy.EnabledServices
        }

        # ports, that should be added
        self._new_ports_to_add = {
            ports
            for ports in self._add_ports
            if ports not in firewall_proxy.EnabledPorts
        }

        # trusts, that should be added
        self._new_trusts_to_add = {
            trust
            for trust in self._add_trusts if trust not in firewall_proxy.Trusts
        }

        for svc in self._new_services_to_add:
            # add the service unless already added
            if not report_only:
                self._added_svcs.add(svc)

            msg = _(
                "service '%s' has been added to the list of services to be "
                "added to the firewall" % svc)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_services = list(
                self._add_svcs.union(set(firewall_proxy.EnabledServices)))
            firewall_proxy.SetEnabledServices(all_services)

        for port in self._new_ports_to_add:
            # add the port unless already added
            if not report_only:
                self._added_ports.add(port)

            msg = _("port '%s' has been added to the list of ports to be "
                    "added to the firewall" % port)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_ports = list(
                self._add_ports.union(set(firewall_proxy.EnabledPorts)))
            firewall_proxy.SetEnabledPorts(all_ports)

        for trust in self._new_trusts_to_add:
            # add the trust unless already added
            if not report_only:
                self._added_trusts.add(trust)

            msg = _("trust '%s' has been added to the list of trusts to be "
                    "added to the firewall" % trust)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_trusts = list(
                self._add_trusts.union(set(firewall_proxy.Trusts)))
            firewall_proxy.SetTrusts(all_trusts)

        # now do the same for the services that should be excluded

        # add messages for the already excluded services
        for svc in self._removed_svcs:
            msg = _(
                "service '%s' has been added to the list of services to be "
                "removed from the firewall" % svc)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))

        # services, that should be excluded
        self._new_services_to_remove = {
            svc
            for svc in self._remove_svcs
            if svc not in firewall_proxy.DisabledServices
        }

        for svc in self._new_services_to_remove:
            # exclude the service unless already excluded
            if not report_only:
                self._removed_svcs.add(svc)

            msg = _(
                "service '%s' has been added to the list of services to be "
                "removed from the firewall" % svc)
            messages.append(
                RuleMessage(self.__class__, common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_services = list(
                self._remove_svcs.union(set(firewall_proxy.DisabledServices)))
            firewall_proxy.SetDisabledServices(all_services)

        return messages
Example #21
0
 def __str__(self):
     network_proxy = NETWORK.get_proxy()
     return network_proxy.GenerateKickstart()
Example #22
0
 def _initialize_network(self):
     log.debug("initializing network")
     network_proxy = NETWORK.get_proxy()
     network_proxy.CreateDeviceConfigurations()
Example #23
0
 def setup(self):
     firewall_proxy = NETWORK.get_proxy(FIREWALL)
     if firewall_proxy.FirewallKickstarted:
         self.packages = ["firewalld"]
Example #24
0
    def _set_storage_boot_args(self, storage):
        """Set the storage boot args."""
        fcoe_proxy = STORAGE.get_proxy(FCOE)
        iscsi_proxy = STORAGE.get_proxy(ISCSI)

        # FIPS
        boot_device = storage.mountpoints.get("/boot")
        if kernel_arguments.get("fips") == "1" and boot_device:
            self.boot_args.add("boot=%s" % self.stage2_device.fstab_spec)

        # Storage
        dracut_devices = [storage.root_device]
        if self.stage2_device != storage.root_device:
            dracut_devices.append(self.stage2_device)

        swap_devices = storage.fsset.swap_devices
        dracut_devices.extend(swap_devices)

        # Add resume= option to enable hibernation on x86.
        # Choose the largest swap device for that.
        if blivet.arch.is_x86() and swap_devices:
            resume_device = max(swap_devices, key=lambda x: x.size)
            self.boot_args.add("resume=%s" % resume_device.fstab_spec)

        # Does /usr have its own device? If so, we need to tell dracut
        usr_device = storage.mountpoints.get("/usr")
        if usr_device:
            dracut_devices.extend([usr_device])

        netdevs = [d for d in storage.devices \
                   if (getattr(d, "complete", True) and
                       isinstance(d, NetworkStorageDevice))]

        rootdev = storage.root_device
        if any(rootdev.depends_on(netdev) for netdev in netdevs):
            dracut_devices = set(dracut_devices)
            # By this time this thread should be the only one running, and also
            # mountpoints is a property function that returns a new dict every
            # time, so iterating over the values is safe.
            for dev in storage.mountpoints.values():
                if any(dev.depends_on(netdev) for netdev in netdevs):
                    dracut_devices.add(dev)

        done = []
        for device in dracut_devices:
            for dep in storage.devices:
                if dep in done:
                    continue

                if device != dep and not device.depends_on(dep):
                    continue

                if isinstance(dep, blivet.devices.FcoeDiskDevice):
                    setup_args = fcoe_proxy.GetDracutArguments(dep.nic)
                elif isinstance(dep, blivet.devices.iScsiDiskDevice):
                    # (partial) offload devices do not need setup in dracut
                    if not dep.offload:
                        node = _get_iscsi_node_from_device(dep)
                        setup_args = iscsi_proxy.GetDracutArguments(
                            Node.to_structure(node))
                else:
                    setup_args = dep.dracut_setup_args()

                if not setup_args:
                    continue

                self.boot_args.update(setup_args)
                self.dracut_args.update(setup_args)
                done.append(dep)

                # network configuration arguments
                if isinstance(dep, NetworkStorageDevice):
                    network_proxy = NETWORK.get_proxy()
                    network_args = []
                    ibft = False
                    nic = ""
                    if isinstance(dep, blivet.devices.iScsiDiskDevice):
                        if dep.iface == "default" or ":" in dep.iface:
                            node = _get_iscsi_node_from_device(dep)
                            if iscsi_proxy.IsNodeFromIbft(
                                    Node.to_structure(node)):
                                ibft = True
                            else:
                                nic = iface_for_host_ip(dep.host_address)
                        else:
                            nic = iscsi_proxy.GetInterface(dep.iface)
                    else:
                        nic = dep.nic
                    if nic or ibft:
                        network_args = network_proxy.GetDracutArguments(
                            nic, dep.host_address, "", ibft)

                    self.boot_args.update(network_args)
                    self.dracut_args.update(network_args)

        # This is needed for FCoE, bug #743784. The case:
        # We discover LUN on an iface which is part of multipath setup.
        # If the iface is disconnected after discovery anaconda doesn't
        # write dracut ifname argument for the disconnected iface path
        # (in NETWORK.GetDracutArguments).
        # Dracut needs the explicit ifname= because biosdevname
        # fails to rename the iface (because of BFS booting from it).
        for nic in fcoe_proxy.GetNics():
            hwaddr = get_interface_hw_address(nic)
            if hwaddr:
                self.boot_args.add("ifname=%s:%s" % (nic, hwaddr.lower()))

        # Add rd.iscsi.firmware to trigger dracut running iscsistart
        # See rhbz#1099603 and rhbz#1185792
        if len(glob("/sys/firmware/iscsi_boot*")) > 0:
            self.boot_args.add("rd.iscsi.firmware")
Example #25
0
        flags.rescue_mode = True

    # reboot with kexec
    if ksdata.reboot.kexec:
        flags.kexec = True

    # Some kickstart commands must be executed immediately, as they affect
    # how anaconda operates.
    ksdata.logging.execute()

    anaconda.ksdata = ksdata

    # setup network module mode depending on anaconda runtime environment
    if not can_touch_runtime_system("setup network module mode"):
        from pyanaconda.modules.common.constants.services import NETWORK
        network_proxy = NETWORK.get_proxy()
        network_proxy.DontTouchRuntimeSystem()
        log.debug("Network module set up to not touch runtime system")

    # setup keyboard layout from the command line option and let
    # it override from kickstart if/when X is initialized

    from pyanaconda.modules.common.constants.services import LOCALIZATION
    localization_proxy = LOCALIZATION.get_proxy()

    configured = any(
        (localization_proxy.Keyboard, localization_proxy.VirtualConsoleKeymap,
         localization_proxy.XLayouts))

    if opts.keymap and not configured:
        localization_proxy.SetKeyboard(opts.keymap)
Example #26
0
 def setup(self):
     firewall_proxy = NETWORK.get_proxy(FIREWALL)
     if firewall_proxy.FirewallKickstarted:
         self.packages = ["firewalld"]
Example #27
0
 def __str__(self):
     network_proxy = NETWORK.get_proxy()
     return network_proxy.GenerateKickstart()
Example #28
0
def doConfiguration(storage, payload, ksdata):
    """Configure the installed system."""

    configuration_queue = TaskQueue("Configuration queue")
    # connect progress reporting
    configuration_queue.queue_started.connect(lambda x: progress_message(x.status_message))
    configuration_queue.task_completed.connect(lambda x: progress_step(x.name))

    # schedule the execute methods of ksdata that require an installed system to be present
    os_config = TaskQueue("Installed system configuration", N_("Configuring installed system"))
    os_config.append(Task("Configure authselect", ksdata.authselect.execute))

    security_proxy = SECURITY.get_proxy()
    security_dbus_tasks = security_proxy.InstallWithTasks(util.getSysroot())
    # add one Task instance per DBUS task
    for dbus_task in security_dbus_tasks:
        task_proxy = SECURITY.get_proxy(dbus_task)
        os_config.append(Task(task_proxy.Name, sync_run_task, (task_proxy,)))

    services_proxy = SERVICES.get_proxy()
    services_dbus_tasks = services_proxy.InstallWithTasks(util.getSysroot())
    # add one Task instance per DBUS task
    for dbus_task in services_dbus_tasks:
        task_proxy = SERVICES.get_proxy(dbus_task)
        os_config.append(Task(task_proxy.Name, sync_run_task, (task_proxy,)))

    os_config.append(Task("Configure keyboard", ksdata.keyboard.execute))
    os_config.append(Task("Configure timezone", ksdata.timezone.execute))

    localization_proxy = LOCALIZATION.get_proxy()
    localization_dbus_tasks = localization_proxy.InstallWithTasks(util.getSysroot())
    # add one Task instance per DBUS task
    for dbus_task in localization_dbus_tasks:
        task_proxy = LOCALIZATION.get_proxy(dbus_task)
        os_config.append(Task(task_proxy.Name, sync_run_task, (task_proxy,)))

    firewall_proxy = NETWORK.get_proxy(FIREWALL)
    firewall_dbus_task = firewall_proxy.InstallWithTask(util.getSysroot())
    task_proxy = NETWORK.get_proxy(firewall_dbus_task)
    os_config.append(Task(task_proxy.Name, sync_run_task, (task_proxy,)))

    os_config.append(Task("Configure X", ksdata.xconfig.execute))
    configuration_queue.append(os_config)

    # schedule network configuration (if required)
    if conf.system.provides_network_config:
        network_config = TaskQueue("Network configuration", N_("Writing network configuration"))
        network_config.append(Task("Network configuration",
                                   ksdata.network.execute, (payload, )))
        configuration_queue.append(network_config)

    # creating users and groups requires some pre-configuration.
    user_config = TaskQueue("User creation", N_("Creating users"))

    users_proxy = USERS.get_proxy()
    users_dbus_tasks = users_proxy.InstallWithTasks(util.getSysroot())
    # add one Task instance per DBUS task
    for dbus_task in users_dbus_tasks:
        task_proxy = USERS.get_proxy(dbus_task)
        user_config.append(Task(task_proxy.Name, sync_run_task, (task_proxy,)))
    configuration_queue.append(user_config)

    # Anaconda addon configuration
    addon_config = TaskQueue("Anaconda addon configuration", N_("Configuring addons"))
    # there is no longer a User class & addons should no longer need it
    # FIXME: drop user class parameter from the API & all known addons
    addon_config.append(Task("Configure Anaconda addons", ksdata.addons.execute, (storage, ksdata, None, payload)))
    configuration_queue.append(addon_config)

    # Initramfs generation
    generate_initramfs = TaskQueue("Initramfs generation", N_("Generating initramfs"))
    generate_initramfs.append(Task("Generate initramfs", payload.recreate_initrds))

    # This works around 2 problems, /boot on BTRFS and BTRFS installations where the initrd is
    # recreated after the first writeBootLoader call. This reruns it after the new initrd has
    # been created, fixing the kernel root and subvol args and adding the missing initrd entry.
    boot_on_btrfs = isinstance(storage.mountpoints.get("/"), BTRFSDevice)

    bootloader_proxy = STORAGE.get_proxy(BOOTLOADER)
    bootloader_enabled = bootloader_proxy.BootloaderMode != BOOTLOADER_DISABLED

    if isinstance(payload, LiveImagePayload) and boot_on_btrfs and bootloader_enabled:
        generate_initramfs.append(Task("Write BTRFS bootloader fix", write_boot_loader, (storage, payload)))

    # Invoking zipl should be the last thing done on a s390x installation (see #1652727).
    if arch.is_s390() and not conf.target.is_directory and bootloader_enabled:
        generate_initramfs.append(Task("Rerun zipl", lambda: util.execInSysroot("zipl", [])))

    configuration_queue.append(generate_initramfs)

    # join a realm (if required)
    if ksdata.realm.discovered:
        join_realm = TaskQueue("Realm join", N_("Joining realm: %s") % ksdata.realm.discovered)
        join_realm.append(Task("Join a realm", ksdata.realm.execute))
        configuration_queue.append(join_realm)

    post_scripts = TaskQueue("Post installation scripts", N_("Running post-installation scripts"))
    post_scripts.append(Task("Run post installation scripts", runPostScripts, (ksdata.scripts,)))
    configuration_queue.append(post_scripts)

    # setup kexec reboot if requested
    if flags.flags.kexec:
        kexec_setup = TaskQueue("Kexec setup", N_("Setting up kexec"))
        kexec_setup.append(Task("Setup kexec", setup_kexec))
        configuration_queue.append(kexec_setup)

    # write anaconda related configs & kickstarts
    write_configs = TaskQueue("Write configs and kickstarts", N_("Storing configuration files and kickstarts"))

    # Write the kickstart file to the installed system (or, copy the input
    # kickstart file over if one exists).
    if flags.flags.nosave_output_ks:
        # don't write the kickstart file to the installed system if this has
        # been disabled by the nosave option
        log.warning("Writing of the output kickstart to installed system has been disabled"
                    " by the nosave option.")
    else:
       # write anaconda related configs & kickstarts
        write_configs.append(Task("Store kickstarts", _writeKS, (ksdata,)))

    # only add write_configs to the main queue if we actually store some kickstarts/configs
    if write_configs.task_count:
        configuration_queue.append(write_configs)

    # notify progress tracking about the number of steps
    progress_init(configuration_queue.task_count)
    # log contents of the main task queue
    log.info(configuration_queue.summary)

    # log tasks and queues when they are started
    # - note that we are using generators to add the counter
    queue_counter = util.item_counter(configuration_queue.queue_count)
    task_started_counter = util.item_counter(configuration_queue.task_count)
    task_completed_counter = util.item_counter(configuration_queue.task_count)
    configuration_queue.queue_started.connect(lambda x: log.info("Queue started: %s (%s)", x.name, next(queue_counter)))
    configuration_queue.task_started.connect(lambda x: log.info("Task started: %s (%s)", x.name, next(task_started_counter)))
    configuration_queue.task_completed.connect(lambda x: log.debug("Task completed: %s (%s) (%1.1f s)",
                                                                   x.name, next(task_completed_counter),
                                                                   x.elapsed_time))
    # start the task queue
    configuration_queue.start()
    # done
    progress_complete()
Example #29
0
def _prepare_configuration(payload, ksdata):
    """Configure the installed system."""

    configuration_queue = TaskQueue("Configuration queue")
    # connect progress reporting
    configuration_queue.queue_started.connect(
        lambda x: progress_message(x.status_message))
    configuration_queue.task_completed.connect(lambda x: progress_step(x.name))

    # schedule the execute methods of ksdata that require an installed system to be present
    os_config = TaskQueue("Installed system configuration",
                          N_("Configuring installed system"))

    # add installation tasks for the Security DBus module
    security_proxy = SECURITY.get_proxy()
    security_dbus_tasks = security_proxy.InstallWithTasks()
    os_config.append_dbus_tasks(SECURITY, security_dbus_tasks)

    # add installation tasks for the Services DBus module
    services_proxy = SERVICES.get_proxy()
    services_dbus_tasks = services_proxy.InstallWithTasks()
    os_config.append_dbus_tasks(SERVICES, services_dbus_tasks)

    # add installation tasks for the Timezone DBus module
    timezone_proxy = TIMEZONE.get_proxy()
    timezone_dbus_tasks = timezone_proxy.InstallWithTasks()
    os_config.append_dbus_tasks(TIMEZONE, timezone_dbus_tasks)

    # add installation tasks for the Localization DBus module
    localization_proxy = LOCALIZATION.get_proxy()
    localization_dbus_tasks = localization_proxy.InstallWithTasks()
    os_config.append_dbus_tasks(LOCALIZATION, localization_dbus_tasks)

    # add the Firewall configuration task
    firewall_proxy = NETWORK.get_proxy(FIREWALL)
    firewall_dbus_task = firewall_proxy.InstallWithTask()
    os_config.append_dbus_tasks(NETWORK, [firewall_dbus_task])

    configuration_queue.append(os_config)

    # schedule network configuration (if required)
    if conf.system.provides_network_config:
        overwrite = payload.type in PAYLOAD_LIVE_TYPES
        network_config = TaskQueue("Network configuration",
                                   N_("Writing network configuration"))
        network_config.append(
            Task("Network configuration", network.write_configuration,
                 (overwrite, )))
        configuration_queue.append(network_config)

    # add installation tasks for the Users DBus module
    user_config = TaskQueue("User creation", N_("Creating users"))
    users_proxy = USERS.get_proxy()
    users_dbus_tasks = users_proxy.InstallWithTasks()
    os_config.append_dbus_tasks(USERS, users_dbus_tasks)
    configuration_queue.append(user_config)

    # Anaconda addon configuration
    addon_config = TaskQueue("Anaconda addon configuration",
                             N_("Configuring addons"))

    # there is no longer a User class & addons should no longer need it
    # FIXME: drop user class parameter from the API & all known addons
    addon_config.append(
        Task("Configure Anaconda addons", ksdata.addons.execute,
             (None, ksdata, None, payload)))

    boss_proxy = BOSS.get_proxy()
    addon_config.append_dbus_tasks(BOSS, [boss_proxy.InstallSystemWithTask()])

    configuration_queue.append(addon_config)

    # Initramfs generation
    generate_initramfs = TaskQueue("Initramfs generation",
                                   N_("Generating initramfs"))
    generate_initramfs.append(
        Task("Generate initramfs", payload.recreate_initrds))

    # This works around 2 problems, /boot on BTRFS and BTRFS installations where the initrd is
    # recreated after the first writeBootLoader call. This reruns it after the new initrd has
    # been created, fixing the kernel root and subvol args and adding the missing initrd entry.
    bootloader_proxy = STORAGE.get_proxy(BOOTLOADER)

    if payload.type in PAYLOAD_LIVE_TYPES:
        btrfs_task = bootloader_proxy.FixBTRFSWithTask(
            payload.kernel_version_list)
        generate_initramfs.append_dbus_tasks(STORAGE, [btrfs_task])

    # Invoking zipl should be the last thing done on a s390x installation (see #1652727).
    zipl_task = bootloader_proxy.FixZIPLWithTask()
    generate_initramfs.append_dbus_tasks(STORAGE, [zipl_task])
    configuration_queue.append(generate_initramfs)

    # realm join
    # - this can run only after network is configured in the target system chroot
    configuration_queue.append_dbus_tasks(SECURITY,
                                          [security_proxy.JoinRealmWithTask()])

    post_scripts = TaskQueue("Post installation scripts",
                             N_("Running post-installation scripts"))
    post_scripts.append(
        Task("Run post installation scripts", runPostScripts,
             (ksdata.scripts, )))
    configuration_queue.append(post_scripts)

    # setup kexec reboot if requested
    if flags.flags.kexec:
        kexec_setup = TaskQueue("Kexec setup", N_("Setting up kexec"))
        kexec_setup.append(Task("Setup kexec", setup_kexec))
        configuration_queue.append(kexec_setup)

    # write anaconda related configs & kickstarts
    write_configs = TaskQueue("Write configs and kickstarts",
                              N_("Storing configuration files and kickstarts"))

    # Write the kickstart file to the installed system (or, copy the input
    # kickstart file over if one exists).
    if flags.flags.nosave_output_ks:
        # don't write the kickstart file to the installed system if this has
        # been disabled by the nosave option
        log.warning(
            "Writing of the output kickstart to installed system has been disabled"
            " by the nosave option.")
    else:
        # write anaconda related configs & kickstarts
        write_configs.append(Task("Store kickstarts", _writeKS, (ksdata, )))

    # only add write_configs to the main queue if we actually store some kickstarts/configs
    if write_configs.task_count:
        configuration_queue.append(write_configs)

    return configuration_queue
    def eval_rules(self, ksdata, storage, report_only=False):
        """:see: RuleHandler.eval_rules"""

        firewall_proxy = NETWORK.get_proxy(FIREWALL)
        messages = []

        if self._firewall_default_state is None:
            # firewall default startup setting
            self._firewall_default_state = firewall_proxy.FirewallMode

        if self._firewall_enabled is False:
            msg = _("Firewall will be disabled on startup")
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
            if not report_only:
                firewall_proxy.SetFirewallMode(FIREWALL_DISABLED)

        elif self._firewall_enabled is True:
            msg = _("Firewall will be enabled on startup")
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
            if not report_only:
                firewall_proxy.SetFirewallMode(FIREWALL_ENABLED)

        # add messages for the already added services
        for svc in self._added_svcs:
            msg = _("service '%s' has been added to the list of services to be "
                    "added to the firewall" % svc)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))

        # add messages for the already added ports
        for port in self._added_ports:
            msg = _("port '%s' has been added to the list of ports to be "
                    "added to the firewall" % port)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))

        # add messages for the already added trusts
        for trust in self._added_trusts:
            msg = _("trust '%s' has been added to the list of trusts to be "
                    "added to the firewall" % trust)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))

        # services, that should be added
        self._new_services_to_add = {
            svc for svc in self._add_svcs
            if svc not in firewall_proxy.EnabledServices}

        # ports, that should be added
        self._new_ports_to_add = {
            ports for ports in self._add_ports
            if ports not in firewall_proxy.EnabledPorts}

        # trusts, that should be added
        self._new_trusts_to_add = {
            trust for trust in self._add_trusts
            if trust not in firewall_proxy.Trusts}

        for svc in self._new_services_to_add:
            # add the service unless already added
            if not report_only:
                self._added_svcs.add(svc)

            msg = _("service '%s' has been added to the list of services to be "
                    "added to the firewall" % svc)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_services = list(self._add_svcs.union(set(firewall_proxy.EnabledServices)))
            firewall_proxy.SetEnabledServices(all_services)

        for port in self._new_ports_to_add:
            # add the port unless already added
            if not report_only:
                self._added_ports.add(port)

            msg = _("port '%s' has been added to the list of ports to be "
                    "added to the firewall" % port)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_ports = list(self._add_ports.union(set(firewall_proxy.EnabledPorts)))
            firewall_proxy.SetEnabledPorts(all_ports)

        for trust in self._new_trusts_to_add:
            # add the trust unless already added
            if not report_only:
                self._added_trusts.add(trust)

            msg = _("trust '%s' has been added to the list of trusts to be "
                    "added to the firewall" % trust)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_trusts = list(self._add_trusts.union(set(firewall_proxy.Trusts)))
            firewall_proxy.SetTrusts(all_trusts)

        # now do the same for the services that should be excluded

        # add messages for the already excluded services
        for svc in self._removed_svcs:
            msg = _("service '%s' has been added to the list of services to be "
                    "removed from the firewall" % svc)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))

        # services, that should be excluded
        self._new_services_to_remove = {
            svc for svc in self._remove_svcs
            if svc not in firewall_proxy.DisabledServices}

        for svc in self._new_services_to_remove:
            # exclude the service unless already excluded
            if not report_only:
                self._removed_svcs.add(svc)

            msg = _("service '%s' has been added to the list of services to be "
                    "removed from the firewall" % svc)
            messages.append(RuleMessage(self.__class__,
                                        common.MESSAGE_TYPE_INFO, msg))
        if not report_only:
            all_services = list(self._remove_svcs.union(set(firewall_proxy.DisabledServices)))
            firewall_proxy.SetDisabledServices(all_services)

        return messages
Example #31
0
    def _apply(self):
        # Do not execute sections that were part of the original
        # anaconda kickstart file (== have .seen flag set)

        log.info("applying changes")

        services_proxy = SERVICES.get_proxy()
        reconfig_mode = services_proxy.SetupOnBoot == SETUP_ON_BOOT_RECONFIG

        # data.selinux
        # data.firewall

        # Configure the timezone.
        timezone_proxy = TIMEZONE.get_proxy()
        for task_path in timezone_proxy.InstallWithTasks():
            task_proxy = TIMEZONE.get_proxy(task_path)
            sync_run_task(task_proxy)

        # Configure the localization.
        localization_proxy = LOCALIZATION.get_proxy()
        for task_path in localization_proxy.InstallWithTasks():
            task_proxy = LOCALIZATION.get_proxy(task_path)
            sync_run_task(task_proxy)

        # Configure persistent hostname
        network_proxy = NETWORK.get_proxy()
        network_task = network_proxy.ConfigureHostnameWithTask(True)
        task_proxy = NETWORK.get_proxy(network_task)
        sync_run_task(task_proxy)
        # Set current hostname
        network_proxy.SetCurrentHostname(network_proxy.Hostname)

        # Configure groups, users & root account
        #
        # NOTE: We only configure groups, users & root account if the respective
        #       kickstart commands are *not* seen in the input kickstart.
        #       This basically means that we will configure only what was
        #       set in the Initial Setup UI and will not attempt to configure
        #       anything that looks like it was configured previously in
        #       the Anaconda UI or installation kickstart.
        users_proxy = USERS.get_proxy()

        if self._groups_already_configured and not reconfig_mode:
            log.debug("skipping user group configuration - already configured")
        elif users_proxy.Groups:  # only run of there are some groups to create
            groups_task = users_proxy.ConfigureGroupsWithTask()
            task_proxy = USERS.get_proxy(groups_task)
            log.debug("configuring user groups via %s task", task_proxy.Name)
            sync_run_task(task_proxy)

        if self._users_already_configured and not reconfig_mode:
            log.debug("skipping user configuration - already configured")
        elif users_proxy.Users:  # only run if there are some users to create
            users_task = users_proxy.ConfigureUsersWithTask()
            task_proxy = USERS.get_proxy(users_task)
            log.debug("configuring users via %s task", task_proxy.Name)
            sync_run_task(task_proxy)

        if self._root_password_already_configured and not reconfig_mode:
            log.debug(
                "skipping root password configuration - already configured")
        else:
            root_task = users_proxy.SetRootPasswordWithTask()
            task_proxy = USERS.get_proxy(root_task)
            log.debug("configuring root password via %s task", task_proxy.Name)
            sync_run_task(task_proxy)

        # Configure all addons
        log.info("executing addons")
        boss_proxy = BOSS.get_proxy()
        for service_name, object_path in boss_proxy.CollectInstallSystemTasks(
        ):
            task_proxy = DBus.get_proxy(service_name, object_path)
            sync_run_task(task_proxy)

        if self.external_reconfig:
            # prevent the reconfig flag from being written out
            # to kickstart if neither /etc/reconfigSys or /.unconfigured
            # are present
            services_proxy = SERVICES.get_proxy()
            services_proxy.SetSetupOnBoot(SETUP_ON_BOOT_DEFAULT)

        # Write the kickstart data to file
        log.info("writing the Initial Setup kickstart file %s",
                 OUTPUT_KICKSTART_PATH)
        with open(OUTPUT_KICKSTART_PATH, "w") as f:
            f.write(str(self.data))
        log.info("finished writing the Initial Setup kickstart file")

        # Remove the reconfig files, if any - otherwise the reconfig mode
        # would start again next time the Initial Setup service is enabled.
        if self.external_reconfig:
            for reconfig_file in RECONFIG_FILES:
                if os.path.exists(reconfig_file):
                    log.debug("removing reconfig trigger file: %s" %
                              reconfig_file)
                    os.remove(reconfig_file)

        # and we are done with applying changes
        log.info("all changes have been applied")
Example #32
0
def _prepare_configuration(payload, ksdata):
    """Configure the installed system."""

    configuration_queue = TaskQueue("Configuration queue")
    # connect progress reporting
    configuration_queue.queue_started.connect(
        lambda x: progress_message(x.status_message))
    configuration_queue.task_completed.connect(lambda x: progress_step(x.name))

    # add installation tasks for the Subscription DBus module
    if is_module_available(SUBSCRIPTION):
        # we only run the tasks if the Subscription module is available
        subscription_config = TaskQueue("Subscription configuration",
                                        N_("Configuring Red Hat subscription"))
        subscription_proxy = SUBSCRIPTION.get_proxy()
        subscription_dbus_tasks = subscription_proxy.InstallWithTasks()
        subscription_config.append_dbus_tasks(SUBSCRIPTION,
                                              subscription_dbus_tasks)
        configuration_queue.append(subscription_config)

    # schedule the execute methods of ksdata that require an installed system to be present
    os_config = TaskQueue("Installed system configuration",
                          N_("Configuring installed system"))

    # add installation tasks for the Security DBus module
    if is_module_available(SECURITY):
        security_proxy = SECURITY.get_proxy()
        security_dbus_tasks = security_proxy.InstallWithTasks()
        os_config.append_dbus_tasks(SECURITY, security_dbus_tasks)

    # add installation tasks for the Timezone DBus module
    # run these tasks before tasks of the Services module
    if is_module_available(TIMEZONE):
        timezone_proxy = TIMEZONE.get_proxy()
        timezone_dbus_tasks = timezone_proxy.InstallWithTasks()
        os_config.append_dbus_tasks(TIMEZONE, timezone_dbus_tasks)

    # add installation tasks for the Services DBus module
    if is_module_available(SERVICES):
        services_proxy = SERVICES.get_proxy()
        services_dbus_tasks = services_proxy.InstallWithTasks()
        os_config.append_dbus_tasks(SERVICES, services_dbus_tasks)

    # add installation tasks for the Localization DBus module
    if is_module_available(LOCALIZATION):
        localization_proxy = LOCALIZATION.get_proxy()
        localization_dbus_tasks = localization_proxy.InstallWithTasks()
        os_config.append_dbus_tasks(LOCALIZATION, localization_dbus_tasks)

    # add the Firewall configuration task
    if conf.target.can_configure_network:
        firewall_proxy = NETWORK.get_proxy(FIREWALL)
        firewall_dbus_task = firewall_proxy.InstallWithTask()
        os_config.append_dbus_tasks(NETWORK, [firewall_dbus_task])

    configuration_queue.append(os_config)

    # schedule network configuration (if required)
    if conf.target.can_configure_network and conf.system.provides_network_config:
        overwrite = payload.type in PAYLOAD_LIVE_TYPES
        network_config = TaskQueue("Network configuration",
                                   N_("Writing network configuration"))
        network_config.append(
            Task("Network configuration", network.write_configuration,
                 (overwrite, )))
        configuration_queue.append(network_config)

    # add installation tasks for the Users DBus module
    if is_module_available(USERS):
        user_config = TaskQueue("User creation", N_("Creating users"))
        users_proxy = USERS.get_proxy()
        users_dbus_tasks = users_proxy.InstallWithTasks()
        user_config.append_dbus_tasks(USERS, users_dbus_tasks)
        configuration_queue.append(user_config)

    # Anaconda addon configuration
    addon_config = TaskQueue("Anaconda addon configuration",
                             N_("Configuring addons"))

    boss_proxy = BOSS.get_proxy()
    for service_name, object_path in boss_proxy.CollectInstallSystemTasks():
        task_proxy = DBus.get_proxy(service_name, object_path)
        addon_config.append(DBusTask(task_proxy))

    configuration_queue.append(addon_config)

    # Initramfs generation
    generate_initramfs = TaskQueue("Initramfs generation",
                                   N_("Generating initramfs"))
    bootloader_proxy = STORAGE.get_proxy(BOOTLOADER)

    def run_generate_initramfs():
        tasks = bootloader_proxy.GenerateInitramfsWithTasks(
            payload.type, payload.kernel_version_list)

        for task in tasks:
            sync_run_task(STORAGE.get_proxy(task))

    generate_initramfs.append(
        Task("Generate initramfs", run_generate_initramfs))
    configuration_queue.append(generate_initramfs)

    if is_module_available(SECURITY):
        security_proxy = SECURITY.get_proxy()

        # Configure FIPS.
        configuration_queue.append_dbus_tasks(
            SECURITY, [security_proxy.ConfigureFIPSWithTask()])

        # Join a realm. This can run only after network is configured in the target system chroot.
        configuration_queue.append_dbus_tasks(
            SECURITY, [security_proxy.JoinRealmWithTask()])

    # setup kexec reboot if requested
    if flags.flags.kexec:
        kexec_setup = TaskQueue("Kexec setup", N_("Setting up kexec"))
        kexec_setup.append(Task("Setup kexec", setup_kexec))
        configuration_queue.append(kexec_setup)

    # write anaconda related configs & kickstarts
    write_configs = TaskQueue("Write configs and kickstarts",
                              N_("Storing configuration files and kickstarts"))

    # Write the kickstart file to the installed system (or, copy the input
    # kickstart file over if one exists).
    if conf.target.can_save_output_kickstart:
        # write anaconda related configs & kickstarts
        write_configs.append(Task("Store kickstarts", _writeKS, (ksdata, )))
    else:
        # don't write the kickstart file to the installed system if this has
        # been disabled by the nosave option
        log.warning(
            "Writing of the output kickstart to installed system has been disabled"
            " by the nosave option.")

    # only add write_configs to the main queue if we actually store some kickstarts/configs
    if write_configs.task_count:
        configuration_queue.append(write_configs)

    post_scripts = TaskQueue("Post installation scripts",
                             N_("Running post-installation scripts"))
    post_scripts.append(
        Task("Run post installation scripts", runPostScripts,
             (ksdata.scripts, )))
    configuration_queue.append(post_scripts)

    boss_proxy = BOSS.get_proxy()
    copy_logs = TaskQueue("Copy logs", N_("Copying logs"))
    logs_task = boss_proxy.CopyLogsWithTask()
    copy_logs.append_dbus_tasks(BOSS, [logs_task])
    configuration_queue.append(copy_logs)

    return configuration_queue