def test_sbin(self):
argv = ["/sbin/subscription-manager", "list"]
self.assertEqual("subscription-manager", cmd_name(argv))
def test_subscription_manager_gui(self):
argv = ["/sbin/subscription-manager-gui"]
self.assertEqual("subscription-manager-gui", cmd_name(argv))
def test_rhsmd(self):
argv = ['/usr/libexec/rhsmd', '-i', '-f', 'valid']
self.assertEquals("rhsmd", cmd_name(argv))
def test_bin(self):
argv = ["bin/subscription-manager", "subscribe", "--auto"]
self.assertEqual("subscription-manager", cmd_name(argv))
def user_agent(self):
return "RHSM-content/1.0 (cmd=%s)" % utils.cmd_name(sys.argv)
def test_virt_who(self):
argv = ['/usr/share/virt-who/virtwho.py']
self.assertEquals("virtwho.py", cmd_name(argv))
def test_yum(self):
argv = ['/bin/yum', 'install', 'zsh']
self.assertEquals("yum", cmd_name(argv))
def test_rhsm_debug(self):
argv = ["/bin/rhsm-debug"]
self.assertEqual("rhsm-debug", cmd_name(argv))
def test_subscription_manager_gui(self):
argv = ['/sbin/subscription-manager-gui']
self.assertEquals("subscription-manager-gui", cmd_name(argv))
def test_initial_setup(self):
argv = ['/usr/lib/python2.7/site-packages/initial_setup/__main__.py']
self.assertEquals("initial-setup", cmd_name(argv))
def test_sbin(self):
argv = ['/sbin/subscription-manager', 'list']
self.assertEquals("subscription-manager", cmd_name(argv))
def test_bin(self):
argv = ['bin/subscription-manager', 'subscribe', '--auto']
self.assertEquals("subscription-manager", cmd_name(argv))
def __init__(self,
host=None,
ssl_port=None,
handler=None,
proxy_hostname=None,
proxy_port=None,
proxy_user=None,
proxy_password=None,
username=None, password=None,
cert_file=None, key_file=None,
insecure=None):
"""
Two ways to authenticate:
- username/password for HTTP basic authentication. (owner admin role)
- uuid/key_file/cert_file for identity cert authentication.
(consumer role)
Must specify one method of authentication or the other, not both.
"""
self.host = host or config.get('server', 'hostname')
self.ssl_port = ssl_port or safe_int(config.get('server', 'port'))
self.handler = handler or config.get('server', 'prefix')
# remove trailing "/" from the prefix if it is there
# BZ848836
self.handler = self.handler.rstrip("/")
# get the proxy information from the environment variable
# if available and host is not in no_proxy
if urllib.proxy_bypass_environment(self.host):
info = {'proxy_username': '',
'proxy_hostname': '',
'proxy_port': '',
'proxy_password': ''}
else:
info = utils.get_env_proxy_info()
self.proxy_hostname = proxy_hostname or config.get('server', 'proxy_hostname') or info['proxy_hostname']
self.proxy_port = proxy_port or config.get('server', 'proxy_port') or info['proxy_port']
self.proxy_user = proxy_user or config.get('server', 'proxy_user') or info['proxy_username']
self.proxy_password = proxy_password or config.get('server', 'proxy_password') or info['proxy_password']
self.cert_file = cert_file
self.key_file = key_file
self.username = username
self.password = password
self.ca_cert_dir = config.get('rhsm', 'ca_cert_dir')
self.ssl_verify_depth = safe_int(config.get('server', 'ssl_verify_depth'))
self.insecure = insecure
if insecure is None:
self.insecure = False
config_insecure = safe_int(config.get('server', 'insecure'))
if config_insecure:
self.insecure = True
using_basic_auth = False
using_id_cert_auth = False
if username and password:
using_basic_auth = True
elif cert_file and key_file:
using_id_cert_auth = True
if using_basic_auth and using_id_cert_auth:
raise Exception("Cannot specify both username/password and "
"cert_file/key_file")
#if not (using_basic_auth or using_id_cert_auth):
# raise Exception("Must specify either username/password or "
# "cert_file/key_file")
proxy_description = None
if self.proxy_hostname and self.proxy_port:
proxy_description = "http_proxy=%s:%s " % (self.proxy_hostname, self.proxy_port)
auth_description = None
# initialize connection
if using_basic_auth:
self.conn = Restlib(self.host, self.ssl_port, self.handler,
username=self.username, password=self.password,
proxy_hostname=self.proxy_hostname, proxy_port=self.proxy_port,
proxy_user=self.proxy_user, proxy_password=self.proxy_password,
ca_dir=self.ca_cert_dir, insecure=self.insecure,
ssl_verify_depth=self.ssl_verify_depth)
auth_description = "auth=basic username=%s" % username
elif using_id_cert_auth:
self.conn = Restlib(self.host, self.ssl_port, self.handler,
cert_file=self.cert_file, key_file=self.key_file,
proxy_hostname=self.proxy_hostname, proxy_port=self.proxy_port,
proxy_user=self.proxy_user, proxy_password=self.proxy_password,
ca_dir=self.ca_cert_dir, insecure=self.insecure,
ssl_verify_depth=self.ssl_verify_depth)
auth_description = "auth=identity_cert ca_dir=%s verify=%s" % (self.ca_cert_dir, self.insecure)
else:
self.conn = Restlib(self.host, self.ssl_port, self.handler,
proxy_hostname=self.proxy_hostname, proxy_port=self.proxy_port,
proxy_user=self.proxy_user, proxy_password=self.proxy_password,
ca_dir=self.ca_cert_dir, insecure=self.insecure,
ssl_verify_depth=self.ssl_verify_depth)
auth_description = "auth=none"
self.conn.user_agent = "RHSM/1.0 (cmd=%s)" % utils.cmd_name(sys.argv)
self.resources = None
self.capabilities = None
connection_description = ""
if proxy_description:
connection_description += proxy_description
connection_description += "host=%s port=%s handler=%s %s" % (self.host, self.ssl_port,
self.handler, auth_description)
log.info("Connection built: %s", connection_description)
def test_yum(self):
argv = ["/bin/yum", "install", "zsh"]
self.assertEqual("yum", cmd_name(argv))
def test_rhsmcertd_worker(self):
argv = ['/usr/libexec/rhsmcertd-worker']
self.assertEquals("rhsmcertd-worker", cmd_name(argv))
def test_rhsmcertd_worker(self):
argv = ["/usr/libexec/rhsmcertd-worker"]
self.assertEqual("rhsmcertd-worker", cmd_name(argv))
def test_rhsm_debug(self):
argv = ['/bin/rhsm-debug']
self.assertEquals("rhsm-debug", cmd_name(argv))
def test_virt_who(self):
argv = ["/usr/share/virt-who/virtwho.py"]
self.assertEqual("virtwho.py", cmd_name(argv))
def main(self, args=None):
# TODO: For now, we disable the CLI entirely. We may want to allow some commands in the future.
if rhsm.config.in_container():
system_exit(
os.EX_CONFIG,
_("subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.\n"
),
)
config_changed = False
# In testing we sometimes specify args, otherwise use the default:
if args is None:
args = sys.argv[2:]
(self.options, unknown_args) = self.parser.parse_known_args(args)
# check for unparsed arguments
if unknown_args:
message: str = _("{prog}: error: no such option: {args}").format(
prog=cmd_name(sys.argv),
args=" ".join(unknown_args),
)
system_exit(os.EX_USAGE, message)
if hasattr(self.options, "insecure") and self.options.insecure:
conf["server"]["insecure"] = "1"
config_changed = True
if hasattr(self.options, "server_url") and self.options.server_url:
try:
(self.server_hostname, self.server_port,
self.server_prefix) = parse_server_info(
self.options.server_url, conf)
except ServerUrlParseError as e:
print(_("Error parsing serverurl:"))
handle_exception("Error parsing serverurl:", e)
conf["server"]["hostname"] = self.server_hostname
conf["server"]["port"] = self.server_port
conf["server"]["prefix"] = self.server_prefix
if self.server_port:
self.server_port = int(self.server_port)
config_changed = True
if hasattr(self.options, "base_url") and self.options.base_url:
try:
(baseurl_server_hostname, baseurl_server_port,
baseurl_server_prefix) = parse_baseurl_info(
self.options.base_url)
except ServerUrlParseError as e:
print(_("Error parsing baseurl:"))
handle_exception("Error parsing baseurl:", e)
conf["rhsm"]["baseurl"] = format_baseurl(baseurl_server_hostname,
baseurl_server_port,
baseurl_server_prefix)
config_changed = True
# support foo.example.com:3128 format
if hasattr(self.options, "proxy_url") and self.options.proxy_url:
parts = remove_scheme(self.options.proxy_url).split(":")
self.proxy_hostname = parts[0]
# no ':'
if len(parts) > 1:
self.proxy_port = int(parts[1])
else:
# if no port specified, use the one from the config, or fallback to the default
self.proxy_port = conf["server"].get_int(
"proxy_port") or rhsm.config.DEFAULT_PROXY_PORT
config_changed = True
if hasattr(self.options, "proxy_user") and self.options.proxy_user:
self.proxy_user = self.options.proxy_user
if hasattr(self.options,
"proxy_password") and self.options.proxy_password:
self.proxy_password = self.options.proxy_password
if hasattr(self.options, "no_proxy") and self.options.no_proxy:
self.no_proxy = self.options.no_proxy
# Proxy information isn't written to the config, so we have to make sure
# the sorter gets it
connection_info = {}
if self.proxy_hostname:
connection_info["proxy_hostname_arg"] = self.proxy_hostname
if self.proxy_port:
connection_info["proxy_port_arg"] = self.proxy_port
if self.proxy_user:
connection_info["proxy_user_arg"] = self.proxy_user
if self.proxy_password:
connection_info["proxy_password_arg"] = self.proxy_password
if self.server_hostname:
connection_info["host"] = self.server_hostname
if self.server_port:
connection_info["ssl_port"] = self.server_port
if self.server_prefix:
connection_info["handler"] = self.server_prefix
if self.no_proxy:
connection_info["no_proxy_arg"] = self.no_proxy
self.cp_provider = inj.require(inj.CP_PROVIDER)
self.cp_provider.set_connection_info(**connection_info)
self.log.debug("X-Correlation-ID: {id}".format(id=self.correlation_id))
self.cp_provider.set_correlation_id(self.correlation_id)
self.log_client_version()
if self.require_connection():
# make sure we pass in the new server info, otherwise we
# we use the defaults from connection module init
# we've set self.proxy* here, so we'll use them if they
# are set
self.cp = self.cp_provider.get_consumer_auth_cp()
# no auth cp for get / (resources) and
# get /status (status and versions)
self.no_auth_cp = self.cp_provider.get_no_auth_cp()
self.entcertlib = EntCertActionInvoker()
if config_changed:
try:
# this tries to actually connect to the server and ping it
if not is_valid_server_info(self.no_auth_cp):
system_exit(
os.EX_UNAVAILABLE,
_("Unable to reach the server at {host}:{port}{handler}"
).format(
host=self.no_auth_cp.host,
port=self.no_auth_cp.ssl_port,
handler=self.no_auth_cp.handler,
),
)
except MissingCaCertException:
system_exit(
os.EX_CONFIG,
_("Error: CA certificate for subscription service has not been installed."
),
)
except ProxyException:
system_exit(
os.EX_UNAVAILABLE,
_("Proxy connection failed, please check your settings."
))
else:
self.cp = None
# do the work, catch most common errors here:
try:
return_code = self._do_command()
# Only persist the config changes if there was no exception
if config_changed and self.persist_server_options():
conf.persist()
if return_code is not None:
return return_code
except (CertificateException, ssl.SSLError) as e:
log.error(e)
system_exit(os.EX_SOFTWARE,
_("System certificates corrupted. Please reregister."))
except connection.GoneException as ge:
if ge.deleted_id == self.identity.uuid:
log.critical(
'Consumer profile "{uuid}" has been deleted from the server.'
.format(uuid=self.identity.uuid))
system_exit(
os.EX_UNAVAILABLE,
_('Consumer profile "{uuid}" has been deleted from the server. You can use command clean or unregister to remove local profile.'
).format(uuid=self.identity.uuid),
)
else:
raise ge
except InvalidCLIOptionError as err:
# This exception is handled in cli module
raise err
except Exception as err:
handle_exception("exception caught in subscription-manager", err)
