def update(conduit):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
# if we have a RHIC, it's ok to call RepoLib without a ConsumerId or UEP
if RhicCertificate.existsAndValid():
rl = RepoLib()
rl.update()
return
try:
ConsumerIdentity.read().getConsumerId()
except Exception:
conduit.info(3, "Unable to read consumer identity")
return
try:
uep = connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoLib(uep=uep)
rl.update()
def update(conduit):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(3, "Not root, Subscription Management repositories not updated")
return
conduit.info(3, "Updating Subscription Management repositories.")
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
try:
ConsumerIdentity.read().getConsumerId()
except Exception:
conduit.info(3, "Unable to read consumer identity")
return
try:
uep = connection.UEPConnection(cert_file=cert_file, key_file=key_file)
# FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoLib(uep=uep)
rl.update()
def update(conduit):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(
3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
try:
ConsumerIdentity.read().getConsumerId()
except Exception:
conduit.info(3, "Unable to read consumer identity")
return
try:
uep = connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoLib(uep=uep)
rl.update()
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
if not ConsumerIdentity.existsAndValid():
self.name = None
self.uuid = None
else:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
if not ConsumerIdentity.existsAndValid():
self.name = None
self.uuid = None
else:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
def setup_plugin():
"""
Setup the plugin based on registration status using the RHSM configuration.
"""
if not ConsumerIdentity.existsAndValid():
# not registered
return
cfg = plugin.cfg()
rhsm_conf = Config(RHSM_CONFIG_PATH)
certificate = ConsumerIdentity.read()
cfg.messaging.url = 'ssl://%s:5671' % rhsm_conf['server']['hostname']
cfg.messaging.uuid = 'pulp.agent.%s' % certificate.getConsumerId()
bundle(certificate)
def check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
facts = Facts()
sorter = CertSorter(certdirectory.ProductDirectory(),
certdirectory.EntitlementDirectory(), facts.get_facts())
if len(sorter.unentitled_products.keys()) > 0 or len(sorter.expired_products.keys()) > 0:
debug("System has one or more certificates that are not valid")
debug(sorter.unentitled_products.keys())
debug(sorter.expired_products.keys())
return RHSM_EXPIRED
elif len(sorter.partially_valid_products) > 0:
debug("System has one or more partially entitled products")
return RHSM_PARTIALLY_VALID
elif in_warning_period(sorter):
debug("System has one or more entitlements in their warning period")
return RHSM_WARNING
else:
debug("System entitlements appear valid")
return RHSM_VALID
def shouldAppear(self):
"""
Indicates to firstboot whether to show this screen. In this case
we want to skip over this screen if there is already an identity
certificate on the machine (most likely laid down in a kickstart).
"""
return not ConsumerIdentity.existsAndValid()
def send_enabled_report(path=REPOSITORY_PATH):
"""
Send the enabled repository report.
:param path: The path to a repository file.
:type path: str
"""
if not ConsumerIdentity.existsAndValid():
# not registered
return
try:
uep = UEP()
certificate = ConsumerIdentity.read()
report = EnabledReport(path)
uep.report_enabled(certificate.getConsumerId(), report.content)
except Exception, e:
log.error('send enabled report failed: %s', str(e))
def shouldAppear(self):
"""
Indicates to firstboot whether to show this screen. In this case
we want to skip over this screen if there is already an identity
certificate on the machine (most likely laid down in a kickstart).
"""
return not ConsumerIdentity.existsAndValid()
def check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
facts = Facts()
sorter = CertSorter(certdirectory.ProductDirectory(),
certdirectory.EntitlementDirectory(),
facts.get_facts())
if len(sorter.unentitled_products.keys()) > 0 or len(
sorter.expired_products.keys()) > 0:
debug("System has one or more certificates that are not valid")
debug(sorter.unentitled_products.keys())
debug(sorter.expired_products.keys())
return RHSM_EXPIRED
elif len(sorter.partially_valid_products) > 0:
debug("System has one or more partially entitled products")
return RHSM_PARTIALLY_VALID
elif in_warning_period(sorter):
debug("System has one or more entitlements in their warning period")
return RHSM_WARNING
else:
debug("System entitlements appear valid")
return RHSM_VALID
def changed(cls, path):
"""
A change in the rhsm certificate has been detected.
When deleted: disconnect from qpid.
When added/updated: reconnect to qpid.
@param path: The changed file (ignored).
@type path: str
"""
log.info('changed: %s', path)
if ConsumerIdentity.existsAndValid():
cert = ConsumerIdentity.read()
cls.bundle(cert)
uuid = cert.getConsumerId()
plugin.setuuid(uuid)
else:
plugin.setuuid(None)
def _do_update(self):
mgr = InstalledProductsManager()
try:
consumer = ConsumerIdentity.read()
except IOError:
return 0
consumer_uuid = consumer.getConsumerId()
return mgr.update_check(self.uep, consumer_uuid)
def _do_update(self):
profile_mgr = ProfileManager()
try:
consumer = ConsumerIdentity.read()
except IOError:
return 0
consumer_uuid = consumer.getConsumerId()
return profile_mgr.update_check(self.uep, consumer_uuid)
def init(cls):
"""
Start path monitor to track changes in the
rhsm identity certificate.
"""
path = ConsumerIdentity.certpath()
cls.pmon.add(path, cls.changed)
cls.pmon.start()
def __init__(self):
self.create_uep(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
self.create_content_connection()
# we don't know the user/pass yet, so no point in
# creating an admin uep till we need it
self.admin_uep = None
self.product_dir = ProductDirectory()
self.entitlement_dir = EntitlementDirectory()
self.certlib = CertLib(uep=self.uep)
self.product_monitor = file_monitor.Monitor(self.product_dir.path)
self.entitlement_monitor = file_monitor.Monitor(
self.entitlement_dir.path)
self.identity_monitor = file_monitor.Monitor(ConsumerIdentity.PATH)
def consumer_id(self):
"""
Get the current consumer ID
:return: The unique consumer ID of the currently running agent
:rtype: str
"""
certificate = ConsumerIdentity.read()
return certificate.getConsumerId()
def __init__(self):
self.create_uep(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
self.create_content_connection()
# we don't know the user/pass yet, so no point in
# creating an admin uep till we need it
self.admin_uep = None
self.product_dir = ProductDirectory()
self.entitlement_dir = EntitlementDirectory()
self.certlib = CertLib(uep=self.uep)
self.product_monitor = file_monitor.Monitor(self.product_dir.path)
self.entitlement_monitor = file_monitor.Monitor(
self.entitlement_dir.path)
self.identity_monitor = file_monitor.Monitor(ConsumerIdentity.PATH)
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.ExpiredIdentityCertException, e:
log.critical(_("Your identity certificate has expired"))
raise e
def warnOrGiveUsageMessage(conduit):
""" either output a warning, or a usage message """
msg = ""
# TODO: refactor so there are not two checks for this
if os.getuid() != 0:
return
try:
try:
ConsumerIdentity.read().getConsumerId()
entdir = EntitlementDirectory()
if len(entdir.listValid()) == 0:
msg = no_subs_warning
else:
msg = repo_usage_message
except:
msg = not_registered_warning
finally:
conduit.info(2, msg)
def get_server_versions(cp, exception_on_timeout=False):
cp_version = _("Unknown")
server_type = _("This system is currently not registered.")
# check for Classic before doing anything else
if ClassicCheck().is_registered_with_classic():
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_BOTH_SUMMARY
else:
server_type = get_branding().REGISTERED_TO_OTHER_SUMMARY
else:
if ConsumerIdentity.existsAndValid():
server_type = get_branding(
).REGISTERED_TO_SUBSCRIPTION_MANAGEMENT_SUMMARY
if cp:
try:
if cp.supports_resource("status"):
status = cp.getStatus()
cp_version = '-'.join([status['version'], status['release']])
else:
cp_version = _("Unknown")
except socket.timeout, e:
log.error("Timeout error while checking server version")
log.exception(e)
# for cli, we can assume if we get a timeout here, the rest
# of the calls will timeout as well, so raise exception here
# instead of waiting for all the calls to timeout
if exception_on_timeout:
log.error("Timeout error while checking server version")
raise
# otherwise, ignore the timeout exception
except Exception, e:
if isinstance(e, GoneException):
log.info(
"Server Versions: Error: consumer has been deleted, unable to check server version"
)
else:
# a more useful error would be handy here
log.error(("Error while checking server version: %s") % e)
log.exception(e)
cp_version = _("Unknown")
def _read_rhn_proxy_settings(self):
# Read and store rhn-setup's proxy settings, as they have been set
# on the prior screen (which is owned by rhn-setup)
up2date_cfg = config.initUp2dateConfig()
cfg = rhsm.config.initConfig()
if up2date_cfg['enableProxy']:
proxy = up2date_cfg['httpProxy']
if proxy:
# Remove any URI scheme provided
proxy = remove_scheme(proxy)
try:
host, port = proxy.split(':')
cfg.set('server', 'proxy_hostname', host)
cfg.set('server', 'proxy_port', port)
except ValueError:
cfg.set('server', 'proxy_hostname', proxy)
cfg.set('server', 'proxy_port',
rhsm.config.DEFAULT_PROXY_PORT)
if up2date_cfg['enableProxyAuth']:
cfg.set('server', 'proxy_user', up2date_cfg['proxyUser'])
cfg.set('server', 'proxy_password',
up2date_cfg['proxyPassword'])
else:
cfg.set('server', 'proxy_hostname', '')
cfg.set('server', 'proxy_port', '')
cfg.set('server', 'proxy_user', '')
cfg.set('server', 'proxy_password', '')
cfg.save()
self.backend.uep = rhsm.connection.UEPConnection(
host=cfg.get('server', 'hostname'),
ssl_port=int(cfg.get('server', 'port')),
handler=cfg.get('server', 'prefix'),
proxy_hostname=cfg.get('server', 'proxy_hostname'),
proxy_port=cfg.get('server', 'proxy_port'),
proxy_user=cfg.get('server', 'proxy_user'),
proxy_password=cfg.get('server', 'proxy_password'),
username=None,
password=None,
cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
def __init__(self):
self.create_uep(cert_file=ConsumerIdentity.certpath(), key_file=ConsumerIdentity.keypath())
self.create_content_connection()
# we don't know the user/pass yet, so no point in
# creating an admin uep till we need it
self.admin_uep = None
self.product_dir = ProductDirectory()
self.entitlement_dir = EntitlementDirectory()
self.certlib = CertLib(uep=self.uep)
self.product_monitor = file_monitor.Monitor(self.product_dir.path)
self.entitlement_monitor = file_monitor.Monitor(self.entitlement_dir.path)
self.identity_monitor = file_monitor.Monitor(ConsumerIdentity.PATH)
# connect handlers to refresh the cached data when we notice a change.
# do this before any other handlers might connect
self.product_monitor.connect("changed", lambda monitor: self.product_dir.refresh())
self.entitlement_monitor.connect("changed", lambda monitor: self.entitlement_dir.refresh())
def _read_rhn_proxy_settings(self):
# Read and store rhn-setup's proxy settings, as they have been set
# on the prior screen (which is owned by rhn-setup)
up2date_cfg = config.initUp2dateConfig()
cfg = rhsm.config.initConfig()
if up2date_cfg['enableProxy']:
proxy = up2date_cfg['httpProxy']
if proxy:
# Remove any URI scheme provided
proxy = remove_scheme(proxy)
try:
host, port = proxy.split(':')
cfg.set('server', 'proxy_hostname', host)
cfg.set('server', 'proxy_port', port)
except ValueError:
cfg.set('server', 'proxy_hostname', proxy)
cfg.set('server', 'proxy_port',
rhsm.config.DEFAULT_PROXY_PORT)
if up2date_cfg['enableProxyAuth']:
cfg.set('server', 'proxy_user', up2date_cfg['proxyUser'])
cfg.set('server', 'proxy_password',
up2date_cfg['proxyPassword'])
else:
cfg.set('server', 'proxy_hostname', '')
cfg.set('server', 'proxy_port', '')
cfg.set('server', 'proxy_user', '')
cfg.set('server', 'proxy_password', '')
cfg.save()
self.backend.uep = rhsm.connection.UEPConnection(
host=cfg.get('server', 'hostname'),
ssl_port=int(cfg.get('server', 'port')),
handler=cfg.get('server', 'prefix'),
proxy_hostname=cfg.get('server', 'proxy_hostname'),
proxy_port=cfg.get('server', 'proxy_port'),
proxy_user=cfg.get('server', 'proxy_user'),
proxy_password=cfg.get('server', 'proxy_password'),
username=None, password=None,
cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
def warnOrGiveUsageMessage(conduit):
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
""" either output a warning, or a usage message """
msg = ""
# TODO: refactor so there are not two checks for this
if os.getuid() != 0:
return
try:
try:
ConsumerIdentity.read().getConsumerId()
entdir = EntitlementDirectory()
if len(entdir.listValid()) == 0:
msg = no_subs_warning
else:
msg = registered_message
except:
msg = not_registered_warning
finally:
conduit.info(2, msg)
def get_server_versions(cp, exception_on_timeout=False):
cp_version = _("Unknown")
server_type = _("This system is currently not registered.")
# check for Classic before doing anything else
if ClassicCheck().is_registered_with_classic():
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_BOTH_SUMMARY
else:
server_type = get_branding().REGISTERED_TO_OTHER_SUMMARY
else:
if ConsumerIdentity.existsAndValid():
server_type = get_branding().REGISTERED_TO_SUBSCRIPTION_MANAGEMENT_SUMMARY
if cp:
try:
if cp.supports_resource("status"):
status = cp.getStatus()
cp_version = '-'.join([status['version'], status['release']])
else:
cp_version = _("Unknown")
except socket.timeout, e:
log.error("Timeout error while checking server version")
log.exception(e)
# for cli, we can assume if we get a timeout here, the rest
# of the calls will timeout as well, so raise exception here
# instead of waiting for all the calls to timeout
if exception_on_timeout:
log.error("Timeout error while checking server version")
raise
# otherwise, ignore the timeout exception
except Exception, e:
if isinstance(e, GoneException):
log.info("Server Versions: Error: consumer has been deleted, unable to check server version")
else:
# a more useful error would be handy here
log.error(("Error while checking server version: %s") % e)
log.exception(e)
cp_version = _("Unknown")
def warnOrGiveUsageMessage(conduit):
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
""" either output a warning, or a usage message """
msg = ""
# TODO: refactor so there are not two checks for this
if os.getuid() != 0:
return
try:
try:
ConsumerIdentity.read().getConsumerId()
entdir = EntitlementDirectory()
if len(entdir.listValid()) == 0:
msg = no_subs_warning
else:
msg = registered_message
except:
msg = not_registered_warning
finally:
conduit.info(2, msg)
def pre_check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
return None
def pre(self):
# Because the RHN client tools check if certs exist and bypass our
# firstboot module if so, we know that if we reach this point and
# identity certs exist, someone must have hit the back button.
# TODO: i'd like this call to be inside the async progress stuff,
# since it does take some time
if ConsumerIdentity.exists():
try:
managerlib.unregister(self._parent.backend.cp_provider.get_consumer_auth_cp(),
self._parent.identity.uuid)
except socket.error, e:
handle_gui_exception(e, e, self._parent.window)
self._parent._registration_finished = False
def pre_check_status(force_signal):
if force_signal is not None:
debug("forcing status signal from cli arg")
return force_signal
if ClassicCheck().is_registered_with_classic():
debug("System is already registered to another entitlement system")
return RHN_CLASSIC
if not ConsumerIdentity.existsAndValid():
debug("The system is not currently registered.")
return RHSM_REGISTRATION_REQUIRED
return None
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
try:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
# XXX shouldn't catch the global exception here, but that's what
# existsAndValid did, so this is better.
except Exception:
self.name = None
self.uuid = None
def init_plugin():
"""
Initialize the plugin.
Called (once) immediately after the plugin is loaded.
- setup plugin configuration.
- send an initial repository enabled report.
- setup path monitoring.
"""
setup_plugin()
send_enabled_report()
path = ConsumerIdentity.certpath()
path_monitor.add(path, registration_changed)
path_monitor.add(REPOSITORY_PATH, send_enabled_report)
path_monitor.start()
def reload(self):
"""
Check for consumer certificate on disk and update our info accordingly.
"""
log.debug("Loading consumer info from identity certificates.")
try:
consumer = ConsumerIdentity.read()
self.name = consumer.getConsumerName()
self.uuid = consumer.getConsumerId()
# XXX shouldn't catch the global exception here, but that's what
# existsAndValid did, so this is better.
except Exception:
self.name = None
self.uuid = None
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.GoneException, ge:
uuid = ConsumerIdentity.read().getConsumerId()
if ge.deleted_id == uuid:
log.critical(_("This consumer's profile has been deleted from the server. It's local certificates will now be archived"))
managerlib.clean_all_data()
log.critical(_("Certificates archived to '/etc/pki/consumer.old'. Contact your system administrator if you need more information."))
else:
raise ge
def registration_changed(path):
"""
Notification that a change in registration has been detected.
On registration: setup the plugin; attach to the message broker.
On un-registration: detach from the message broker.
:param path: The path to the file that changed.
:type path: str
"""
log.info('changed: %s', path)
if ConsumerIdentity.existsAndValid():
setup_plugin()
plugin.attach()
else:
plugin.detach()
def pre(self):
# Because the RHN client tools check if certs exist and bypass our
# firstboot module if so, we know that if we reach this point and
# identity certs exist, someone must have hit the back button.
# TODO: i'd like this call to be inside the async progress stuff,
# since it does take some time
if ConsumerIdentity.exists():
try:
managerlib.unregister(
self._parent.backend.cp_provider.get_consumer_auth_cp(),
self._parent.identity.uuid)
except socket.error, e:
handle_gui_exception(e, e, self._parent.window)
self._parent._registration_finished = False
def initializeUI(self):
# Need to make sure that each time the UI is initialized we reset back
# to the main register screen.
# if they've already registered during firstboot and have clicked
# back to register again, we must first unregister.
# XXX i'd like this call to be inside the async progress stuff,
# since it does take some time
if self._registration_finished and ConsumerIdentity.exists():
try:
managerlib.unregister(self.backend.uep, self.consumer.uuid)
except socket.error, e:
handle_gui_exception(e, e, self.registerWin)
self.consumer.reload()
self._registration_finished = False
def set_connection_info(self,
host=None,
ssl_port=None,
handler=None,
cert_file=None,
key_file=None,
proxy_hostname_arg=None,
proxy_port_arg=None,
proxy_user_arg=None,
proxy_password_arg=None):
cfg = rhsm.config.initConfig()
self.cert_file = ConsumerIdentity.certpath()
self.key_file = ConsumerIdentity.keypath()
self.server_hostname = host or cfg.get('server', 'hostname')
self.server_port = ssl_port or cfg.get_int('server', 'port')
self.server_prefix = handler or cfg.get('server', 'prefix')
self.proxy_hostname = proxy_hostname_arg or remove_scheme(cfg.get('server', 'proxy_hostname'))
self.proxy_port = proxy_port_arg or cfg.get_int('server', 'proxy_port')
self.proxy_user = proxy_user_arg or cfg.get('server', 'proxy_user')
self.proxy_password = proxy_password_arg or cfg.get('server', 'proxy_password')
self.clean()
def __init__(self):
self.create_uep(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
self.create_content_connection()
# we don't know the user/pass yet, so no point in
# creating an admin uep till we need it
self.admin_uep = None
self.product_dir = ProductDirectory()
self.entitlement_dir = EntitlementDirectory()
self.certlib = CertLib(uep=self.uep)
self.product_monitor = file_monitor.Monitor(self.product_dir.path)
self.entitlement_monitor = file_monitor.Monitor(
self.entitlement_dir.path)
self.identity_monitor = file_monitor.Monitor(ConsumerIdentity.PATH)
# connect handlers to refresh the cached data when we notice a change.
# do this before any other handlers might connect
self.product_monitor.connect(
"changed", lambda monitor: self.product_dir.refresh())
self.entitlement_monitor.connect(
"changed", lambda monitor: self.entitlement_dir.refresh())
def initializeUI(self):
# Need to make sure that each time the UI is initialized we reset back
# to the main register screen.
# if they've already registered during firstboot and have clicked
# back to register again, we must first unregister.
# XXX i'd like this call to be inside the async progress stuff,
# since it does take some time
if self._registration_finished and ConsumerIdentity.exists():
try:
managerlib.unregister(self.backend.uep, self.consumer.uuid)
except socket.error, e:
handle_gui_exception(e, e, self.registerWin)
self.consumer.reload()
self._registration_finished = False
def main(options, log):
if not ConsumerIdentity.existsAndValid():
log.error('Either the consumer is not registered or the certificates' +
' are corrupted. Certificate update using daemon failed.')
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
if options.autoheal:
actionclient = action_client.HealingActionClient()
else:
actionclient = action_client.ActionCertClient()
update_reports = actionclient.update(options.autoheal)
for update_report in update_reports:
# FIXME: make sure we don't get None reports
if update_report:
print update_report
except connection.ExpiredIdentityCertException, e:
log.critical(_("Your identity certificate has expired"))
raise e
def registered(self):
return ConsumerIdentity.existsAndValid()
def is_registered(self):
if ConsumerIdentity.existsAndValid():
return True
return False
def upload_package_profile():
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
mgr.profilelib._do_update()
sys.exit(-1)
print _('Updating entitlement certificates & repositories')
try:
uep = connection.UEPConnection(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
mgr = certmgr.CertManager(uep=uep)
updates = mgr.update(options.autoheal)
print _('%d updates required') % updates
print _('done')
except connection.ExpiredIdentityCertException, e:
log.critical(_("Your identity certificate has expired"))
raise e
except connection.GoneException, ge:
uuid = ConsumerIdentity.read().getConsumerId()
if ge.deleted_id == uuid:
log.critical(_("This consumer's profile has been deleted from the server. Its local certificates will now be archived"))
managerlib.clean_all_data()
log.critical(_("Certificates archived to '/etc/pki/consumer.old'. Contact your system administrator if you need more information."))
raise ge
if __name__ == '__main__':
logutil.init_logger()
log = logging.getLogger('rhsm-app.' + __name__)
parser = OptionParser(usage=USAGE,
formatter=WrappedIndentedHelpFormatter())
def update(self):
self.create_uep(cert_file=ConsumerIdentity.certpath(),
key_file=ConsumerIdentity.keypath())
self.content_connection = self._create_content_connection()
def _set_validity_status(self):
""" Updates the entitlement validity status portion of the UI. """
if ClassicCheck().is_registered_with_classic():
self._set_status_icons(VALID)
self.subscription_status_label.set_text(
_("This system is registered to RHN Classic"))
return
is_registered = ConsumerIdentity.existsAndValid()
self.set_registered(is_registered)
# Look for products which have invalid entitlements
sorter = CertSorter(self.product_dir, self.entitlement_dir,
self.facts.get_facts())
warn_count = len(sorter.expired_products) + \
len(sorter.unentitled_products)
partial_count = len(sorter.partially_valid_products)
if warn_count > 0:
self._set_status_icons(INVALID)
# Change wording slightly for just one product
if warn_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products with <i>invalid</i> entitlement certificates."
) % warn_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product with an <i>invalid</i> entitlement certificate."
))
elif partial_count > 0:
self._set_status_icons(PARTIAL)
# Change wording slightly for just one product
if partial_count > 1:
self.subscription_status_label.set_markup(
_("You have <b>%s</b> products in need of <i>additional</i> entitlement certificates."
) % partial_count)
else:
self.subscription_status_label.set_markup(
_("You have <b>1</b> product in need of <i>additional</i> entitlement certificates."
))
else:
first_invalid = find_first_invalid_date(self.entitlement_dir,
self.product_dir,
self.facts.get_facts())
self._set_status_icons(VALID)
if first_invalid:
self.subscription_status_label.set_markup(
_("Product entitlement certificates <i>valid</i> until %s") % \
managerlib.formatDate(first_invalid))
else:
# No product certs installed, no first invalid date, and
# the subscription assistant can't do anything, so we'll disable
# the button to launch it:
self.subscription_status_label.set_text(
_("No product certificates installed."))
if not is_registered:
self.subscription_status_label.set_text(
_("You must register this system before subscribing."))
import gettext
_ = lambda x: gettext.ldgettext("rhsm", x)
gettext.textdomain("rhsm")
gtk.glade.bindtextdomain("rhsm")
gtk.glade.textdomain("rhsm")
log = logging.getLogger('rhsm-app.' + __name__)
prefix = os.path.dirname(__file__)
VALID_IMG = os.path.join(prefix, "data/icons/valid.svg")
INVALID_IMG = os.path.join(prefix, "data/icons/invalid.svg")
# An implied Katello environment which we can't actual register to.
LIBRARY_ENV_NAME = "library"
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
CFG = config.initConfig()
import threading
import Queue
import gobject
CREDENTIALS_PAGE = 0
PROGRESS_PAGE = 1
OWNER_SELECT_PAGE = 2
ENVIRONMENT_SELECT_PAGE = 3
CHOOSE_SERVER_PAGE = 4
