def __init__(self, is_cobblerd=False): """ Constructor """ # FIXME: this should be switchable through some simple system self.__dict__ = BootAPI.__shared_state self.perms_ok = False if not BootAPI.__has_loaded: if os.path.exists("/etc/cobbler/use.couch"): self.use_couch = True else: self.use_couch = False # NOTE: we do not log all API actions, because # a simple CLI invocation may call adds and such # to load the config, which would just fill up # the logs, so we'll do that logging at CLI # level (and remote.py web service level) instead. random.seed() self.is_cobblerd = is_cobblerd try: self.logger = clogger.Logger("/var/log/cobbler/cobbler.log") except CX: # return to CLI/other but perms are not valid # perms_ok is False return # FIMXE: conslidate into 1 server instance self.selinux_enabled = utils.is_selinux_enabled() self.dist = utils.check_dist() self.os_version = utils.os_release() BootAPI.__has_loaded = True module_loader.load_modules() self._config = config.Config(self) self.deserialize() self.authn = self.get_module_from_file("authentication", "module", "authn_configfile") self.authz = self.get_module_from_file("authorization", "module", "authz_allowall") # FIXME: pass more loggers around, and also see that those # using things via tasks construct their own kickgen/yumgen/ # pxegen versus reusing this one, which has the wrong logger # (most likely) for background tasks. self.kickgen = kickgen.KickGen(self._config) self.yumgen = yumgen.YumGen(self._config) self.pxegen = pxegen.PXEGen(self._config, logger=self.logger) self.logger.debug("API handle initialized") self.perms_ok = True
def regen_ss_file(): # this is only used for Kerberos auth at the moment. # it identifies XMLRPC requests from Apache that have already # been cleared by Kerberos. ssfile = "/var/lib/cobbler/web.ss" fd = open("/dev/urandom") data = fd.read(512) fd.close() if not os.path.isfile(ssfile): um = os.umask(int('0027',16)) fd = open(ssfile,"w+") fd.write(binascii.hexlify(data)) fd.close() os.umask(um) utils.os_system("chmod 700 /var/lib/cobbler/web.ss") http_user = "******" if utils.check_dist() in [ "debian", "ubuntu" ]: http_user = "******" utils.os_system("chown %s /var/lib/cobbler/web.ss"%http_user ) else: fd = open(ssfile,"w+") fd.write(binascii.hexlify(data)) fd.close() return 1
def createrepo_walker(self, repo, dirname, fnames): """ Used to run createrepo on a copied Yum mirror. """ if os.path.exists(dirname) or repo['breed'] == 'rsync': utils.remove_yum_olddata(dirname) # add any repo metadata we can use mdoptions = [] if os.path.isfile("%s/.origin/repomd.xml" % (dirname)): if not HAS_YUM: utils.die(self.logger, "yum is required to use this feature") rmd = yum.repoMDObject.RepoMD( '', "%s/.origin/repomd.xml" % (dirname)) if rmd.repoData.has_key("group"): groupmdfile = rmd.getData("group").location[1] mdoptions.append("-g %s" % groupmdfile) if rmd.repoData.has_key("prestodelta"): # need createrepo >= 0.9.7 to add deltas if utils.check_dist() == "redhat" or utils.check_dist( ) == "suse": cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo" createrepo_ver = utils.subprocess_get(self.logger, cmd) if createrepo_ver >= "0.9.7": mdoptions.append("--deltas") else: utils.die( self.logger, "this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler." ) blended = utils.blender(self.api, False, repo) flags = blended.get("createrepo_flags", "(ERROR: FLAGS)") try: # BOOKMARK cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, dirname) utils.subprocess_call(self.logger, cmd) except: utils.log_exc(self.logger) self.logger.error("createrepo failed.") del fnames[:] # we're in the right place
def run(self): """ Returns None if there are no errors, otherwise returns a list of things to correct prior to running application 'for real'. (The CLI usage is "cobbler check" before "cobbler sync") """ status = [] self.checked_dist = utils.check_dist() self.check_name(status) self.check_selinux(status) if self.settings.manage_dhcp: mode = self.config.api.get_sync().dhcp.what() if mode == "isc": self.check_dhcpd_bin(status) self.check_dhcpd_conf(status) self.check_service(status, "dhcpd") elif mode == "dnsmasq": self.check_dnsmasq_bin(status) self.check_service(status, "dnsmasq") if self.settings.manage_dns: mode = self.config.api.get_sync().dns.what() if mode == "bind": self.check_bind_bin(status) self.check_service(status, "named") elif mode == "dnsmasq" and not self.settings.manage_dhcp: self.check_dnsmasq_bin(status) self.check_service(status, "dnsmasq") mode = self.config.api.get_sync().tftpd.what() if mode == "in_tftpd": self.check_tftpd_bin(status) self.check_tftpd_dir(status) self.check_tftpd_conf(status) elif mode == "tftpd_py": self.check_ctftpd_bin(status) self.check_ctftpd_dir(status) self.check_ctftpd_conf(status) self.check_service(status, "cobblerd") self.check_bootloaders(status) self.check_for_wget_curl(status) self.check_rsync_conf(status) self.check_httpd(status) self.check_iptables(status) self.check_yum(status) self.check_debmirror(status) self.check_for_ksvalidator(status) self.check_for_default_password(status) self.check_for_unreferenced_repos(status) self.check_for_unsynced_repos(status) self.check_for_cman(status) self.check_dynamic_settings(status) return status
def __init__(self, log_settings={}, is_cobblerd=False): """ Constructor """ self.__dict__ = BootAPI.__shared_state self.log_settings = log_settings self.perms_ok = False if not BootAPI.__has_loaded: # NOTE: we do not log all API actions, because # a simple CLI invocation may call adds and such # to load the config, which would just fill up # the logs, so we'll do that logging at CLI # level (and remote.py web service level) instead. random.seed() self.is_cobblerd = is_cobblerd try: self.logger = self.__setup_logger("api") except CX: # return to CLI/other but perms are not valid # perms_ok is False return # FIMXE: conslidate into 1 server instance self.selinux_enabled = utils.is_selinux_enabled() self.dist = utils.check_dist() self.os_version = utils.os_release() self.acl_engine = acls.AclEngine() BootAPI.__has_loaded = True module_loader.load_modules() self._config = config.Config(self) self.deserialize() self.authn = self.get_module_from_file( "authentication", "module", "authn_configfile" ) self.authz = self.get_module_from_file( "authorization", "module", "authz_allowall" ) self.kickgen = kickgen.KickGen(self._config) self.yumgen = yumgen.YumGen(self._config) self.pxegen = pxegen.PXEGen(self._config) self.logger.debug("API handle initialized") self.perms_ok = True
def run(self): """ Returns None if there are no errors, otherwise returns a list of things to correct prior to running application 'for real'. (The CLI usage is "cobbler check" before "cobbler sync") """ status = [] self.checked_dist = utils.check_dist() self.check_name(status) self.check_selinux(status) if self.settings.manage_dhcp: mode = self.config.api.get_sync().dhcp.what() if mode == "isc": self.check_dhcpd_bin(status) self.check_dhcpd_conf(status) self.check_service(status,"dhcpd") elif mode == "dnsmasq": self.check_dnsmasq_bin(status) self.check_service(status,"dnsmasq") if self.settings.manage_dns: mode = self.config.api.get_sync().dns.what() if mode == "bind": self.check_bind_bin(status) self.check_service(status,"named") elif mode == "dnsmasq" and not self.settings.manage_dhcp: self.check_dnsmasq_bin(status) self.check_service(status,"dnsmasq") mode = self.config.api.get_sync().tftpd.what() if mode == "in_tftpd": self.check_tftpd_bin(status) self.check_tftpd_dir(status) self.check_tftpd_conf(status) elif mode == "tftpd_py": self.check_ctftpd_bin(status) self.check_ctftpd_dir(status) self.check_ctftpd_conf(status) self.check_service(status, "cobblerd") self.check_bootloaders(status) self.check_for_wget_curl(status) self.check_rsync_conf(status) self.check_httpd(status) self.check_iptables(status) self.check_yum(status) self.check_debmirror(status) self.check_for_ksvalidator(status) self.check_for_default_password(status) self.check_for_unreferenced_repos(status) self.check_for_unsynced_repos(status) self.check_for_cman(status) self.check_dynamic_settings(status) return status
def regen_ss_file(): # this is only used for Kerberos auth at the moment. # it identifies XMLRPC requests from Apache that have already # been cleared by Kerberos. ssfile = "/var/lib/cobbler/web.ss" fd = open("/dev/urandom") data = fd.read(512) fd.close() fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600) os.write(fd, binascii.hexlify(data)) os.close(fd) http_user = "******" if utils.check_dist() in ["debian", "ubuntu"]: http_user = "******" elif utils.check_dist() in ["suse", "opensuse"]: http_user = "******" os.lchown("/var/lib/cobbler/web.ss", pwd.getpwnam(http_user)[2], -1) return 1
def createrepo_walker(self, repo, dirname, fnames): """ Used to run createrepo on a copied Yum mirror. """ if os.path.exists(dirname) or repo["breed"] == "rsync": utils.remove_yum_olddata(dirname) # add any repo metadata we can use mdoptions = [] if os.path.isfile("%s/repodata/repomd.xml" % (dirname)): if not HAS_YUM: utils.die(self.logger, "yum is required to use this feature") rmd = yum.repoMDObject.RepoMD("", "%s/repodata/repomd.xml" % (dirname)) if rmd.repoData.has_key("group"): groupmdfile = rmd.getData("group").location[1] mdoptions.append("-g %s" % groupmdfile) if rmd.repoData.has_key("prestodelta"): # need createrepo >= 0.9.7 to add deltas if utils.check_dist() == "redhat" or utils.check_dist() == "suse": cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo" createrepo_ver = utils.subprocess_get(self.logger, cmd) if createrepo_ver >= "0.9.7": mdoptions.append("--deltas") else: utils.die( self.logger, "this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler.", ) blended = utils.blender(self.api, False, repo) flags = blended.get("createrepo_flags", "(ERROR: FLAGS)") try: # BOOKMARK cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, dirname) utils.subprocess_call(self.logger, cmd) except: utils.log_exc(self.logger) self.logger.error("createrepo failed.") del fnames[:] # we're in the right place
def run(self): """ Returns None if there are no errors, otherwise returns a list of things to correct prior to running application 'for real'. (The CLI usage is "cobbler check" before "cobbler sync") """ status = [] self.checked_dist = utils.check_dist() self.check_name(status) self.check_selinux(status) if self.settings.manage_dhcp: mode = self.config.api.get_sync().dhcp.what() if mode == "isc": self.check_dhcpd_bin(status) self.check_dhcpd_conf(status) self.check_service(status,"dhcpd") elif mode == "dnsmasq": self.check_dnsmasq_bin(status) self.check_service(status,"dnsmasq") if self.settings.manage_dns: mode = self.config.api.get_sync().dns.what() if mode == "bind": self.check_bind_bin(status) self.check_service(status,"named") elif mode == "dnsmasq" and not self.settings.manage_dhcp: self.check_dnsmasq_bin(status) self.check_service(status,"dnsmasq") self.check_service(status, "cobblerd") # self.check_bootloaders(status) self.check_tftpd_bin(status) self.check_tftpd_dir(status) self.check_tftpd_conf(status) self.check_httpd(status) self.check_iptables(status) self.check_yum(status) self.check_for_default_password(status) self.check_for_unreferenced_repos(status) self.check_for_unsynced_repos(status) # comment out until s390 virtual PXE is fully supported # self.check_vsftpd_bin(status) self.check_for_cman(status) return status
def __init__(self, config, logger=None): """ Constructor """ #self.config = config #self.api = config.api #self.settings = config.settings() if logger is None: logger = clogger.Logger() self.logger = logger self.distro = utils.check_dist() if self.distro == "ubuntu" or self.distro == "debian": self.hardlink = "/usr/bin/hardlink" self.hardlink_args = "-f -p -o -t -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror" else: self.hardlink = "/usr/sbin/hardlink" self.hardlink_args = "-c -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror" self.hardlink_cmd = "%s %s" % (self.hardlink, self.hardlink_args)
def __init__(self,config,logger=None): """ Constructor """ #self.config = config #self.api = config.api #self.settings = config.settings() if logger is None: logger = clogger.Logger() self.logger = logger self.distro = utils.check_dist() if self.distro == "ubuntu" or self.distro == "debian": self.hardlink = "/usr/bin/hardlink" self.hardlink_args = "-f -p -o -t -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror" else: self.hardlink = "/usr/sbin/hardlink" self.hardlink_args = "-c -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror" self.hardlink_cmd = "%s %s" % (self.hardlink, self.hardlink_args)
def regen_ss_file(): # this is only used for Kerberos auth at the moment. # it identifies XMLRPC requests from Apache that have already # been cleared by Kerberos. fd = open("/dev/urandom") data = fd.read(512) fd.close() fd = open("/var/lib/cobbler/web.ss","w+") fd.write(binascii.hexlify(data)) fd.close() utils.os_system("chmod 700 /var/lib/cobbler/web.ss") http_user = "******" if utils.check_dist() in [ "debian", "ubuntu" ]: http_user = "******" cmd = "chown %s /var/lib/cobbler/web.ss" % http_user utils.os_system( cmd ) return 1
def regen_ss_file(): # this is only used for Kerberos auth at the moment. # it identifies XMLRPC requests from Apache that have already # been cleared by Kerberos. ssfile = "/var/lib/cobbler/web.ss" fd = open("/dev/urandom") data = fd.read(512) fd.close() if not os.path.isfile(ssfile): fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600) os.write(fd, binascii.hexlify(data)) os.close(fd) http_user = "******" if utils.check_dist() in ["debian", "ubuntu"]: http_user = "******" utils.os_system("chown %s /var/lib/cobbler/web.ss" % http_user) else: fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600) os.write(fd, binascii.hexlify(data)) os.close(fd) return 1
def regen_ss_file(): # this is only used for Kerberos auth at the moment. # it identifies XMLRPC requests from Apache that have already # been cleared by Kerberos. ssfile = "/var/lib/cobbler/web.ss" fd = open("/dev/urandom") data = fd.read(512) fd.close() if not os.path.isfile(ssfile): fd = os.open(ssfile,os.O_CREAT|os.O_RDWR,0600) os.write(fd,binascii.hexlify(data)) os.close(fd) http_user = "******" if utils.check_dist() in [ "debian", "ubuntu" ]: http_user = "******" utils.os_system("chown %s /var/lib/cobbler/web.ss"%http_user ) else: fd = os.open(ssfile,os.O_CREAT|os.O_RDWR,0600) os.write(fd,binascii.hexlify(data)) os.close(fd) return 1
def __init__(self, config): """Constructor. Requires json config object.""" self.config = json.JSONDecoder().decode(config) self.stats = {} self.dist = utils.check_dist()