def process_rules(self): """ Process string from firewall-cmd application output on EL7, matches ANY source/dest address rule specifications Note: the expected input is line separated <port>/<proto> pairs, this will give any explicitly allowed rules added by IML and other applications to the default zone but will not list named services enabled in firewalld Empty string is a valid input indicating no explicitly added port/proto rules :return: None on success/valid input, error string otherwise """ result = self.remote_access_func(self.address, self.firewall_list_cmd) if result.rc != 0: from iml_common.lib.shell import Shell raise RuntimeError( """process_rules(): remote shell command failed unexpectedly (%s), is firewall-cmd running? (%s) (%s) systemctl status firewalld: %s systemctl status polkit: %s journalctl -n 100: %s""" % ( result.rc, result.stdout, result.stderr, Shell.run(["systemctl", "status", "firewalld"]).stdout, Shell.run(["systemctl", "status", "polkit"]).stdout, Shell.run(["journalctl", "-n", "100"]).stdout, ) ) if result.stdout.strip() == "": return None # handle output separated by either new-line chars, spaces, or both tokens = [token for token in result.stdout.replace("\n", " ").split() if token] # as we are reading in a new firewall table content, reset 'rules' member list self.rules = [] index = 0 while index < len(tokens): match = re.search("(?P<port>\d+)\/(?P<proto>\w+)", tokens[index]) if match: # Note: because we are uncertain about the command used to obtain the input string, assume persist=False self.rules.append(self.firewall_rule(match.group("port"), match.group("proto"))) else: raise RuntimeError( 'process_rules(): "%s" command output contains unexpected firewall-cmd output' % self.firewall_list_cmd ) index += 1 return None
def host_test(address, issue_num): def print_result(r): return "rc: %s\n\nstdout:\n%s\n\nstderr:\n%s" % \ (r.rc, r.stdout, r.stderr) ping_result1 = Shell.run(['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "" ip_addr_result = Shell.run(['ip', 'addr', 'ls']) ip_route_ls_result = Shell.run(['ip', 'route', 'ls']) try: gw = [ l for l in ip_route_ls_result.stdout.split('\n') if l.startswith("default ") ][0].split()[2] ping_gw_result = Shell.run(['ping', '-c', '1', '-W', '1', gw]) ping_gw_report = "\nping gateway (%s): %s" % \ (gw, print_result(ping_gw_result)) except: ping_gw_report = "\nUnable to ping gatewy. " \ "No gateway could be found in:\n" % \ ip_route_ls_result.stdout if ping_result1.rc != 0: time.sleep(30) ping_result2 = Shell.run( ['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "\n30s later ping: %s" % \ print_result(ping_result2) msg = "Error connecting to %s: %s.\n" \ "Please add the following to " \ "https://github.com/intel-hpdd/intel-manager-for-lustre/issues/%s\n" \ "Performing some diagnostics...\n" \ "ping: %s\n" \ "ifconfig -a: %s\n" \ "ip route ls: %s" \ "%s" \ "%s" % \ (address, e, issue_num, print_result(ping_result1), print_result(ip_addr_result), print_result(ip_route_ls_result), ping_gw_report, ping_result2_report) logger.error(msg) DEVNULL = open(os.devnull, 'wb') p = subprocess.Popen(['sendmail', '-t'], stdin=subprocess.PIPE, stdout=DEVNULL, stderr=DEVNULL) p.communicate(input=b'To: [email protected]\n' 'Subject: GH#%s\n\n' % issue_num + msg) p.wait() DEVNULL.close()
def host_test(address, issue_num): def print_result(r): return "rc: %s\n\nstdout:\n%s\n\nstderr:\n%s" % (r.rc, r.stdout, r.stderr) ping_result1 = Shell.run(["ping", "-c", "1", "-W", "1", address]) ping_result2_report = "" ip_addr_result = Shell.run(["ip", "addr", "ls"]) ip_route_ls_result = Shell.run(["ip", "route", "ls"]) try: gw = [l for l in ip_route_ls_result.stdout.split("\n") if l.startswith("default ")][0].split()[2] ping_gw_result = Shell.run(["ping", "-c", "1", "-W", "1", gw]) ping_gw_report = "\nping gateway (%s): %s" % (gw, print_result(ping_gw_result)) except: ping_gw_report = ( "\nUnable to ping gatewy. " "No gateway could be found in:\n" % ip_route_ls_result.stdout ) if ping_result1.rc != 0: time.sleep(30) ping_result2 = Shell.run(["ping", "-c", "1", "-W", "1", address]) ping_result2_report = "\n30s later ping: %s" % print_result(ping_result2) msg = ( "Error connecting to %s: %s.\n" "Please add the following to " "https://github.com/whamcloud/integrated-manager-for-lustre/issues/%s\n" "Performing some diagnostics...\n" "ping: %s\n" "ifconfig -a: %s\n" "ip route ls: %s" "%s" "%s" % ( address, e, issue_num, print_result(ping_result1), print_result(ip_addr_result), print_result(ip_route_ls_result), ping_gw_report, ping_result2_report, ) ) logger.error(msg) DEVNULL = open(os.devnull, "wb") p = subprocess.Popen(["sendmail", "-t"], stdin=subprocess.PIPE, stdout=DEVNULL, stderr=DEVNULL) p.communicate(input=b"To: [email protected]\n" b"Subject: GH#%s\n\n" % issue_num + msg) p.wait() DEVNULL.close()
def test_create_neither_present(self): values = { "which %s" % RemoteFirewallControlFirewallCmd.firewall_app_name: Shell.RunResult(1, "", "", False), "which %s" % RemoteFirewallControlIpTables.firewall_app_name: Shell.RunResult(1, "", "", False), } def side_effect(address, cmd): return values[cmd] self.mock_ssh.side_effect = side_effect with self.assertRaises(RuntimeError): RemoteFirewallControl.create("0.0.0.0", RRO(None)._ssh_address)
def _fake_run(self, arg_list, logger=None, monitor_func=None, timeout=Shell.SHELLTIMEOUT, shell=False): assert type(arg_list) in [ list, str, unicode ], 'arg list must be list or str :%s' % type(arg_list) # Allow simple commands to just be presented as a string. However do not start formatting the string this # will be rejected in a code review. If it has args present them as a list. if type(arg_list) in [str, unicode]: arg_list = arg_list.split() args = tuple(arg_list) self._commands_history.append(args) try: result = self._get_executable_command(args) result.executions_remaining -= 1 if result.rc == self.CommandNotFound: raise OSError(errno.ENOENT, result.stderr) return Shell.RunResult(result.rc, result.stdout, result.stderr, False) except KeyError: raise OSError(errno.ENOENT, self._missing_command_err_msg % ' '.join(arg_list))
def test_create(self): values = { "which %s" % RemoteFirewallControlFirewallCmd.firewall_app_name: Shell.RunResult(1, "", "", False), "which %s" % RemoteFirewallControlIpTables.firewall_app_name: Shell.RunResult(0, "", "", False), } def side_effect(address, cmd): return values[cmd] self.mock_ssh.side_effect = side_effect new_controller = RemoteFirewallControl.create("0.0.0.0", RRO(None)._ssh_address) self.assertEquals(type(new_controller), RemoteFirewallControlIpTables)
def run(arg_list): values = { ("rpm", "-q", "--whatprovides", "kmod-lustre"): "kmod-lustre-1.2.3-1.el6.x86_64\n", ("uname", "-r"): "2.6.32-358.2.1.el6.x86_64\n", ("rpm", "-q", "kernel"): "kernel-2.6.32-358.2.1.el6.x86_64\n" "kernel-2.6.32-358.18.1.el6_lustre.x86_64\n" } return Shell.RunResult(0, values[tuple(arg_list)], "", False)
def example_func_1(address, command, expected_return_code=None): # example output from 'iptables -L' or 'service iptables status' if firewall not configured not_configured_output = """Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination Chain FORWARD (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination """ return Shell.RunResult(0, not_configured_output, "", False)
def example_func_3(address, command, expected_return_code=None): # example output from 'iptables -L' or 'service iptables status' chain_output = """Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123 5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 8 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination """ return Shell.RunResult(0, chain_output, "", False)
def run(arg_list): values = {("getenforce", ): "Enforcing\n"} return Shell.RunResult(0, values[tuple(arg_list)], "", False)
def example_func_2(address, command, expected_return_code=None): return Shell.RunResult(0, "", "", False)
# the stdout will wait until the command finishes, so its not necessary to have # recv_exit_status to block on it first. Closing the channel must come last, # or else reading from stdout/stderr will return an empty string. stdout = channel.makefile('rb').read() stderr = channel.makefile_stderr('rb').read() rc = channel.recv_exit_status() channel.close() # Verify we recieved the correct exit status if one was specified. if expected_return_code is not None: self._test_case.assertEqual( rc, expected_return_code, "rc (%s) != expected_return_code (%s), stdout: '%s', stderr: '%s'" % (rc, expected_return_code, stdout, stderr)) return Shell.RunResult(rc, stdout, stderr, timeout=False) def _ssh_fqdn(self, fqdn, command, expected_return_code=0, timeout=TEST_TIMEOUT, buffer=None): address = None for host in config['lustre_servers']: if host['fqdn'] == fqdn: address = host['address'] if address is None: raise KeyError(fqdn) return self._ssh_address(address, command, expected_return_code,
def example_func_4(address, command, expected_return_code=None): list_ports_output = """123/udp 22/tcp 80/tcp 443/tcp """ return Shell.RunResult(0, list_ports_output, "", False)
def example_func_2(address, command, expected_return_code=None): return Shell.RunResult(0, "Chain INPUT (policy ACCEPT)", "", False)
class RealRemoteOperations(RemoteOperations): def __init__(self, test_case): self._test_case = test_case def fail_connections(self, fail): # Ways to implement this outside simulation: # * Insert a firewall rule to drop packages between agent and manager # * Stop the management network interface on the storage server # * Switch off the management switch port that the storage server is connected to raise NotImplementedError() def drop_responses(self, fail): # Ways to implement this outside simulation: # * Insert a transparent HTTP proxy between agent and manager, which drops responses # * Use a firewall rule to drop manager->agent TCP streams after N bytes to cause responses # to be mangled. raise NotImplementedError() def _ssh_address_no_check(self, address, command_string): """ pass _ssh_address expected_return_code=None, so exception not raised on nonzero return code """ return self._ssh_address(address, command_string, expected_return_code=None) # TODO: reconcile this with the one in UtilityTestCase, ideally all remote # operations would flow through here to avoid rogue SSH calls def _ssh_address(self, address, command, expected_return_code=0, timeout=TEST_TIMEOUT, buffer=None, as_root=True): """ Executes a command on a remote server over ssh. Sends a command over ssh to a remote machine and returns the stdout, stderr, and exit status. It will verify that the exit status of the command matches expected_return_code unless expected_return_code=None. """ def host_test(address, issue_num): def print_result(r): return "rc: %s\n\nstdout:\n%s\n\nstderr:\n%s" % \ (r.rc, r.stdout, r.stderr) ping_result1 = Shell.run(['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "" ip_addr_result = Shell.run(['ip', 'addr', 'ls']) ip_route_ls_result = Shell.run(['ip', 'route', 'ls']) try: gw = [ l for l in ip_route_ls_result.stdout.split('\n') if l.startswith("default ") ][0].split()[2] ping_gw_result = Shell.run(['ping', '-c', '1', '-W', '1', gw]) ping_gw_report = "\nping gateway (%s): %s" % \ (gw, print_result(ping_gw_result)) except: ping_gw_report = "\nUnable to ping gatewy. " \ "No gateway could be found in:\n" % \ ip_route_ls_result.stdout if ping_result1.rc != 0: time.sleep(30) ping_result2 = Shell.run( ['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "\n30s later ping: %s" % \ print_result(ping_result2) msg = "Error connecting to %s: %s.\n" \ "Please add the following to " \ "https://github.com/intel-hpdd/intel-manager-for-lustre/issues/%s\n" \ "Performing some diagnostics...\n" \ "ping: %s\n" \ "ifconfig -a: %s\n" \ "ip route ls: %s" \ "%s" \ "%s" % \ (address, e, issue_num, print_result(ping_result1), print_result(ip_addr_result), print_result(ip_route_ls_result), ping_gw_report, ping_result2_report) logger.error(msg) DEVNULL = open(os.devnull, 'wb') p = subprocess.Popen(['sendmail', '-t'], stdin=subprocess.PIPE, stdout=DEVNULL, stderr=DEVNULL) p.communicate(input=b'To: [email protected]\n' 'Subject: GH#%s\n\n' % issue_num + msg) p.wait() DEVNULL.close() logger.debug("remote_command[%s]: %s" % (address, command)) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # the set -e just sets up a fail-safe execution environment where # any shell commands in command that fail and are not error checked # cause the shell to fail, alerting the caller that one of their # commands failed unexpectedly command = "set -e; %s" % command # exec 0<&- being prefixed to the shell command string below closes # the shell's stdin as we don't expect any uses of remote_command() # to read from stdin if not buffer: command = "exec 0<&-; %s" % command args = {'username': '******'} # If given an ssh_config file, require that it defines # a private key and username for accessing this host config_path = config.get('ssh_config', None) if config_path: ssh_config = paramiko.SSHConfig() ssh_config.parse(open(config_path)) host_config = ssh_config.lookup(address) address = host_config['hostname'] if 'user' in host_config: args['username'] = host_config['user'] if args['username'] != 'root' and as_root: command = "sudo sh -c \"{}\"".format( command.replace('"', '\\"')) if 'identityfile' in host_config: args['key_filename'] = host_config['identityfile'][0] # Work around paramiko issue 157, failure to parse quoted values # (vagrant always quotes IdentityFile) args['key_filename'] = args['key_filename'].strip("\"") logger.info("SSH address = %s, args = %s" % (address, args)) # Create ssh connection try: ssh.connect(address, **args) except paramiko.ssh_exception.SSHException, e: host_test(address, "29") return Shell.RunResult(1, "", "", timeout=False) transport = ssh.get_transport() transport.set_keepalive(20) channel = transport.open_session() channel.settimeout(timeout) # Actually execute the command try: channel.exec_command(command) except paramiko.transport.Socket, e: host_test(address, "72") return Shell.RunResult(1, "", "", timeout=False)
def run(arg_list): values = { ("rpm", "-q", "kernel"): { "rc": 0, "stdout": "kernel-2.6.32-358.2.1.el6.x86_64\n" "kernel-2.6.32-358.18.1.el6_lustre.x86_64\n", }, ("rpm", "-q", "--whatprovides", "kmod-lustre"): { "rc": 0, "stdout": "kmod-lustre-1.2.3-1.el6.x86_64\n", }, ("rpm", "-ql", "--whatprovides", "lustre-osd", "kmod-lustre"): { "rc": 0, "stdout": "/lib/modules/2.6.32-358.18.1.el7_lustre.x86_64/extra/lustre/fs/lustre.ko\n" "/lib/modules/2.6.32-358.18.1.el7_lustre.x86_64/extra/lustre-osd-ldiskfs/fs/osd_ldiskfs.ko\n", }, ( "modinfo", "-n", "-k", "2.6.32-358.2.1.el6.x86_64", "lustre", "osd_ldiskfs", ): { "rc": 1, "stdout": "" }, ( "modinfo", "-n", "-k", "2.6.32-358.18.1.el6_lustre.x86_64", "lustre", "osd_ldiskfs", ): { "rc": 0, "stdout": "/lib/modules/2.6.32-358.18.1.el7_lustre.x86_64/extra/lustre/fs/lustre.ko\n" "/lib/modules/2.6.32-358.18.1.el7_lustre.x86_64/extra/lustre-osd-ldiskfs/fs/osd_ldiskfs.ko\n", }, ("uname", "-m"): { "rc": 0, "stdout": "x86_64\n" }, ("uname", "-r"): { "rc": 0, "stdout": "2.6.32-358.2.1.el6.x86_64\n" }, } return Shell.RunResult( values[tuple(arg_list)]["rc"], values[tuple(arg_list)]["stdout"], "", False, )
def _ssh_address(self, address, command, expected_return_code=0, timeout=TEST_TIMEOUT, buffer=None, as_root=True): """ Executes a command on a remote server over ssh. Sends a command over ssh to a remote machine and returns the stdout, stderr, and exit status. It will verify that the exit status of the command matches expected_return_code unless expected_return_code=None. """ def host_test(address, issue_num): def print_result(r): return "rc: %s\n\nstdout:\n%s\n\nstderr:\n%s" % \ (r.rc, r.stdout, r.stderr) ping_result1 = Shell.run(['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "" ip_addr_result = Shell.run(['ip', 'addr', 'ls']) ip_route_ls_result = Shell.run(['ip', 'route', 'ls']) try: gw = [ l for l in ip_route_ls_result.stdout.split('\n') if l.startswith("default ") ][0].split()[2] ping_gw_result = Shell.run(['ping', '-c', '1', '-W', '1', gw]) ping_gw_report = "\nping gateway (%s): %s" % \ (gw, print_result(ping_gw_result)) except: ping_gw_report = "\nUnable to ping gatewy. " \ "No gateway could be found in:\n" % \ ip_route_ls_result.stdout if ping_result1.rc != 0: time.sleep(30) ping_result2 = Shell.run( ['ping', '-c', '1', '-W', '1', address]) ping_result2_report = "\n30s later ping: %s" % \ print_result(ping_result2) msg = "Error connecting to %s: %s.\n" \ "Please add the following to " \ "https://github.com/intel-hpdd/intel-manager-for-lustre/issues/%s\n" \ "Performing some diagnostics...\n" \ "ping: %s\n" \ "ifconfig -a: %s\n" \ "ip route ls: %s" \ "%s" \ "%s" % \ (address, e, issue_num, print_result(ping_result1), print_result(ip_addr_result), print_result(ip_route_ls_result), ping_gw_report, ping_result2_report) logger.error(msg) DEVNULL = open(os.devnull, 'wb') p = subprocess.Popen(['sendmail', '-t'], stdin=subprocess.PIPE, stdout=DEVNULL, stderr=DEVNULL) p.communicate(input=b'To: [email protected]\n' 'Subject: GH#%s\n\n' % issue_num + msg) p.wait() DEVNULL.close() logger.debug("remote_command[%s]: %s" % (address, command)) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # the set -e just sets up a fail-safe execution environment where # any shell commands in command that fail and are not error checked # cause the shell to fail, alerting the caller that one of their # commands failed unexpectedly command = "set -e; %s" % command # exec 0<&- being prefixed to the shell command string below closes # the shell's stdin as we don't expect any uses of remote_command() # to read from stdin if not buffer: command = "exec 0<&-; %s" % command args = {'username': '******'} # If given an ssh_config file, require that it defines # a private key and username for accessing this host config_path = config.get('ssh_config', None) if config_path: ssh_config = paramiko.SSHConfig() ssh_config.parse(open(config_path)) host_config = ssh_config.lookup(address) address = host_config['hostname'] if 'user' in host_config: args['username'] = host_config['user'] if args['username'] != 'root' and as_root: command = "sudo sh -c \"{}\"".format( command.replace('"', '\\"')) if 'identityfile' in host_config: args['key_filename'] = host_config['identityfile'][0] # Work around paramiko issue 157, failure to parse quoted values # (vagrant always quotes IdentityFile) args['key_filename'] = args['key_filename'].strip("\"") logger.info("SSH address = %s, args = %s" % (address, args)) # Create ssh connection try: ssh.connect(address, **args) except paramiko.ssh_exception.SSHException, e: host_test(address, "29") return Shell.RunResult(1, "", "", timeout=False)
def _ssh_address(self, address, command, expected_return_code=0, timeout=TEST_TIMEOUT, buffer=None, as_root=True): """ Executes a command on a remote server over ssh. Sends a command over ssh to a remote machine and returns the stdout, stderr, and exit status. It will verify that the exit status of the command matches expected_return_code unless expected_return_code=None. """ def host_test(address, issue_num): def print_result(r): return "rc: %s\n\nstdout:\n%s\n\nstderr:\n%s" % ( r.rc, r.stdout, r.stderr) ping_result1 = Shell.run(["ping", "-c", "1", "-W", "1", address]) ping_result2_report = "" ip_addr_result = Shell.run(["ip", "addr", "ls"]) ip_route_ls_result = Shell.run(["ip", "route", "ls"]) try: gw = [ l for l in ip_route_ls_result.stdout.split("\n") if l.startswith("default ") ][0].split()[2] ping_gw_result = Shell.run(["ping", "-c", "1", "-W", "1", gw]) ping_gw_report = "\nping gateway (%s): %s" % ( gw, print_result(ping_gw_result)) except: ping_gw_report = ("\nUnable to ping gatewy. " "No gateway could be found in:\n" % ip_route_ls_result.stdout) if ping_result1.rc != 0: time.sleep(30) ping_result2 = Shell.run( ["ping", "-c", "1", "-W", "1", address]) ping_result2_report = "\n30s later ping: %s" % print_result( ping_result2) msg = ( "Error connecting to %s: %s.\n" "Please add the following to " "https://github.com/whamcloud/integrated-manager-for-lustre/issues/%s\n" "Performing some diagnostics...\n" "ping: %s\n" "ifconfig -a: %s\n" "ip route ls: %s" "%s" "%s" % ( address, e, issue_num, print_result(ping_result1), print_result(ip_addr_result), print_result(ip_route_ls_result), ping_gw_report, ping_result2_report, )) logger.error(msg) DEVNULL = open(os.devnull, "wb") p = subprocess.Popen(["sendmail", "-t"], stdin=subprocess.PIPE, stdout=DEVNULL, stderr=DEVNULL) p.communicate(input=b"To: [email protected]\n" b"Subject: GH#%s\n\n" % issue_num + msg) p.wait() DEVNULL.close() logger.debug("remote_command[%s]: %s" % (address, command)) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # the set -e just sets up a fail-safe execution environment where # any shell commands in command that fail and are not error checked # cause the shell to fail, alerting the caller that one of their # commands failed unexpectedly command = "set -e; %s" % command # exec 0<&- being prefixed to the shell command string below closes # the shell's stdin as we don't expect any uses of remote_command() # to read from stdin if not buffer: command = "exec 0<&-; %s" % command args = {"username": "******"} # If given an ssh_config file, require that it defines # a private key and username for accessing this host config_path = config.get("ssh_config", None) if config_path: ssh_config = paramiko.SSHConfig() ssh_config.parse(open(config_path)) host_config = ssh_config.lookup(address) address = host_config["hostname"] if "user" in host_config: args["username"] = host_config["user"] if args["username"] != "root" and as_root: command = 'sudo sh -c "{}"'.format( command.replace('"', '\\"')) if "identityfile" in host_config: args["key_filename"] = host_config["identityfile"][0] # Work around paramiko issue 157, failure to parse quoted values # (vagrant always quotes IdentityFile) args["key_filename"] = args["key_filename"].strip('"') logger.info( "SSH address = %s, timeout = %d, write len = %d, args = %s" % (address, timeout, len(buffer or ""), args)) # Create ssh connection try: ssh.connect(address, **args) except paramiko.ssh_exception.SSHException as e: host_test(address, "29") return Shell.RunResult(1, "", "", timeout=False) transport = ssh.get_transport() transport.set_keepalive(20) channel = transport.open_session() channel.settimeout(timeout) # Actually execute the command try: channel.exec_command(command) except paramiko.transport.Socket as e: host_test(address, "72") return Shell.RunResult(1, "", "", timeout=False) if buffer: stdin = channel.makefile("wb") stdin.write(buffer) stdin.close() # Always shutdown write to ensure executable does not wait on input channel.shutdown_write() # Store results. This needs to happen in this order. If recv_exit_status is # read first, it can block indefinitely due to paramiko bug #448. The read on # the stdout will wait until the command finishes, so its not necessary to have # recv_exit_status to block on it first. Closing the channel must come last, # or else reading from stdout/stderr will return an empty string. stdout = channel.makefile("rb").read() stderr = channel.makefile_stderr("rb").read() rc = channel.recv_exit_status() channel.close() # Verify we recieved the correct exit status if one was specified. if expected_return_code is not None: self._test_case.assertEqual( rc, expected_return_code, "rc (%s) != expected_return_code (%s), stdout: '%s', stderr: '%s'" % (rc, expected_return_code, stdout, stderr), ) return Shell.RunResult(rc, stdout, stderr, timeout=False)
def run(arg_list): values = {("getenforce", ): ""} return Shell.RunResult(127, values[tuple(arg_list)], "getenforce: command not found", False)