def suspendBitlocker(self): # pylint: disable=no-self-use logger.notice("Suspending bitlocker for one reboot if active") try: System.execute( "powershell.exe -ExecutionPolicy Bypass -Command \"" "foreach($v in Get-BitLockerVolume)" "{if ($v.EncryptionPercentage -gt 0)" "{$v | Suspend-BitLocker -RebootCount 1}}\"", captureStderr=True, waitForEnding=True, timeout=20) except Exception as err: # pylint: disable=broad-except logger.error("Failed to suspend bitlocker: %s", err, exc_info=True)
def content(self): try: if not os.path.exists(self._filename): raise IOError(u"Archive file not found: '%s'" % self._filename) cat = System.which('cat') if self._compression == 'gzip': if self.pigz_detected: cat = u'{pigz} --stdout --decompress'.format( pigz=System.which('pigz')) else: cat = System.which('zcat') elif self._compression == 'bzip2': cat = System.which('bzcat') return [ unicode(line) for line in System.execute( u'{cat} "{filename}" | {cpio} --quiet --extract --list'. format(cat=cat, filename=self._filename, cpio=System.which('cpio'))) if line ] except Exception as e: raise RuntimeError(u"Failed to get archive content '%s': %s" % (self._filename, e))
def is_correct_pigz_version(): ver = System.execute('pigz --version')[0][5:] logger.debug('Detected pigz version: %s' % (ver, )) versionMatches = compareVersions(ver, '>=', '2.2.3') logger.debug('pigz version is compatible? %s' % (versionMatches)) return versionMatches
def run(self): self._reloadEvent.clear() self._reloadEvent.wait(2) with self._reloadLock: try: result = System.execute(self._reloadConfigCommand) for line in result: if 'error' in line: raise RuntimeError(u'\n'.join(result)) except Exception as error: logger.critical( u"Failed to restart dhcpd: {0}".format(error)) self._reloadEvent.set()
def content(self): try: if not os.path.exists(self._filename): raise IOError(u"Archive file not found: '%s'" % self._filename) names = [] options = u'' if self._compression == 'gzip': if self.pigz_detected: options += u'--use-compress-program=pigz' else: options += u'--gunzip' elif self._compression == 'bzip2': options += u'--bzip2' for line in System.execute( u'%s %s --list --file "%s"' % (System.which('tar'), options, self._filename)): if line: names.append(unicode(line)) return names except Exception as e: raise RuntimeError(u"Failed to get archive content '%s': %s" % (self._filename, e))
def main(): # pylint: disable=too-many-locals,too-many-branches,too-many-statements if len(sys.argv) != 17: print( f"Usage: {os.path.basename(sys.argv[0])} <hostId> <hostKey> <controlServerPort>" " <logFile> <logLevel> <depotRemoteUrl> <depotDrive> <depotServerUsername> <depotServerPassword>" " <sessionId> <actionProcessorDesktop> <actionProcessorCommand> <actionProcessorTimeout>" " <runAsUser> <runAsPassword> <createEnvironment>") sys.exit(1) ( # pylint: disable=unbalanced-tuple-unpacking hostId, hostKey, controlServerPort, logFile, logLevel, depotRemoteUrl, depotDrive, depotServerUsername, depotServerPassword, sessionId, actionProcessorDesktop, actionProcessorCommand, actionProcessorTimeout, runAsUser, runAsPassword, createEnvironment) = sys.argv[1:] if hostKey: secret_filter.add_secrets(hostKey) if depotServerPassword: secret_filter.add_secrets(depotServerPassword) if runAsPassword: secret_filter.add_secrets(runAsPassword) init_logging(stderr_level=LOG_NONE, stderr_format=DEFAULT_STDERR_LOG_FORMAT, log_file=logFile, file_level=int(logLevel), file_format=DEFAULT_FILE_LOG_FORMAT) log_instance = f'{os.path.basename(sys.argv[0]).rsplit(".", 1)[0]}_s{sessionId}' with log_context({'instance': log_instance}): logger.debug( "Called with arguments: %s", ', '.join( (hostId, hostKey, controlServerPort, logFile, logLevel, depotRemoteUrl, depotDrive, depotServerUsername, depotServerPassword, sessionId, actionProcessorDesktop, actionProcessorCommand, actionProcessorTimeout, runAsUser, runAsPassword, createEnvironment))) language = "en" try: language = locale.getdefaultlocale()[0].split('_')[0] except Exception as err: # pylint: disable=broad-except logger.debug("Failed to find default language: %s", err) def _(string): """ Fallback function """ return string sp = None try: logger.debug("Loading translation for language '%s'", language) sp = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) if os.path.exists(os.path.join(sp, "site-packages")): sp = os.path.join(sp, "site-packages") sp = os.path.join(sp, 'opsiclientd_data', 'locale') translation = gettext.translation('opsiclientd', sp, [language]) _ = translation.gettext except Exception as err: # pylint: disable=broad-except logger.debug("Failed to load locale for %s from %s: %s", language, sp, err) createEnvironment = bool( runAsUser and createEnvironment.lower() in ('yes', 'true', '1')) actionProcessorTimeout = int(actionProcessorTimeout) imp = None depotShareMounted = False be = None depot_url = urlparse(depotRemoteUrl) try: be = JSONRPCBackend( username=hostId, password=hostKey, address=f"https://127.0.0.1:{controlServerPort}/opsiclientd") if runAsUser: if getpass.getuser().lower() != runAsUser.lower(): logger.info("Impersonating user '%s'", runAsUser) imp = System.Impersonate(username=runAsUser, password=runAsPassword, desktop=actionProcessorDesktop) imp.start(logonType="INTERACTIVE", newDesktop=False, createEnvironment=createEnvironment) elif depot_url.scheme in ("smb", "cifs"): logger.info("Impersonating network account '%s'", depotServerUsername) imp = System.Impersonate(username=depotServerUsername, password=depotServerPassword, desktop=actionProcessorDesktop) imp.start(logonType="NEW_CREDENTIALS") if depot_url.hostname.lower() not in ("127.0.0.1", "localhost", "::1"): logger.notice("Mounting depot share %s", depotRemoteUrl) set_status_message(be, sessionId, _("Mounting depot share %s") % depotRemoteUrl) # pylint: disable=no-member if runAsUser or depot_url.scheme not in ("smb", "cifs"): System.mount(depotRemoteUrl, depotDrive, username=depotServerUsername, password=depotServerPassword) else: System.mount(depotRemoteUrl, depotDrive) depotShareMounted = True logger.notice("Starting action processor") set_status_message(be, sessionId, _("Action processor is running")) # pylint: disable=no-member if imp: imp.runCommand(actionProcessorCommand, timeoutSeconds=actionProcessorTimeout) else: System.execute(actionProcessorCommand, waitForEnding=True, timeout=actionProcessorTimeout) logger.notice("Action processor ended") set_status_message(be, sessionId, _("Action processor ended")) # pylint: disable=no-member except Exception as err: # pylint: disable=broad-except logger.error(err, exc_info=True) error = f"Failed to process action requests: {err}" logger.error(error) if be: set_status_message(be, sessionId, error) if depotShareMounted: try: logger.notice("Unmounting depot share") System.umount(depotDrive) except Exception: # pylint: disable=broad-except pass if imp: try: imp.end() except Exception: # pylint: disable=broad-except pass if be: try: be.backend_exit() except Exception: # pylint: disable=broad-except pass