Esempio n. 1
0
    def qc_sec_5(self, **kwargs):
        """World Writable Files check.
            (kwargs) known_worldwritable_filelist: list with
            the known world writable files.
        """
        qc_step = QCStep("QC_SEC_5", "World Writable Files",
                         os.path.join(CFG["log_path"], "qc_sec_5"))

        r = qc_step.runcmd(("find / -not \\( -path \"/proc\" -prune \\) "
                            "-type f -perm -002 -exec ls -l {} \;"),
                           fail_check=False)
        if r:
            ww_filelist = sec_utils.get_filelist_from_find(r)
            try:
                known_ww_filelist = kwargs["known_worldwritable_filelist"]
            except KeyError:
                known_ww_filelist = []
            if set(ww_filelist).difference(set(known_ww_filelist)):
                qc_step.print_result("FAIL",
                                     "Found %s world-writable file/s." %
                                     len(ww_filelist),
                                     do_abort=True)
            else:
                qc_step.print_result("WARNING", ("Found world-writable file/s "
                                                 "required for operation."))
        else:
            qc_step.print_result("OK", "Found no world-writable file.")
Esempio n. 2
0
    def qc_func_1(self, config):
        """Basic Funcionality Test."""
        qc_step = QCStep("QC_FUNC_1", "Basic Funcionality Test.",
                         os.path.join(CFG["log_path"], "qc_func_1"))

        if config:
            failed_checks = self._run_checks(qc_step, config)
            if failed_checks:
                qc_step.print_result("FAIL",
                                     "Commands failed: %s" % failed_checks,
                                     do_abort=False)
            else:
                qc_step.print_result("OK", ("Basic functionality probes ran "
                                            "successfully."))
        else:
            qc_step.print_result("OK", "No definition found for QC_FUNC_1.")
Esempio n. 3
0
    def qc_func_2(self, config):
        """New features/bug fixes testing."""
        qc_step = QCStep("QC_FUNC_2", "New features/bug fixes testing.",
                         os.path.join(CFG["log_path"], "qc_func_2"))

        if config:
            failed_checks = self._run_checks(qc_step, config)
            if failed_checks:
                qc_step.print_result("FAIL",
                                     "Commands failed: %s" % failed_checks,
                                     do_abort=False)
            else:
                qc_step.print_result("OK",
                                     "Fix/features probes ran successfully.")
        else:
            qc_step.print_result("OK", "No definition found for QC_FUNC_2.")
Esempio n. 4
0
 def qc_info_3(self):
     """Middleware Version Information."""
     qc_step = QCStep("QC_INFO_3",
                      "Middleware Version Information",
                      os.path.join(CFG["log_path"], "qc_info_3"))
     r, msg = self._run_version_check(qc_step)
     if r:
         qc_step.print_result("OK", msg)
     else:
         qc_step.print_result("WARNING", msg)
Esempio n. 5
0
    def qc_sec_2(self):
        """SHA-2 Certificates Support."""
        qc_step = QCStep("QC_SEC_2", "SHA-2 Certificates Support", "qc_sec_2")

        if self.need_cert:
            config.CFG["cert"] = self.ca.issue_cert(
                hash="2048", key_prv="/etc/grid-security/hostkey.pem", key_pub="/etc/grid-security/hostcert.pem"
            )

            r = self.cfgtool.run()
            if r and r.failed:
                qc_step.print_result("FAIL", "YAIM configuration failed with SHA-2 " "certs.", do_abort=True)
            else:
                qc_step.print_result("OK", "Product services can manage SHA-2 " "certs.")
        else:
            qc_step.print_result("NA", "Product does not need certificates.")
Esempio n. 6
0
    def qc_sec_2(self, **kwargs):
        """SHA-2 Certificates Support."""
        qc_step = QCStep("QC_SEC_2", "SHA-2 Certificates Support",
                         os.path.join(CFG["log_path"], "qc_sec_2"))

        if self.need_cert:
            self.ca.issue_cert(hash="2048",
                               key_prv="/etc/grid-security/hostkey.pem",
                               key_pub="/etc/grid-security/hostcert.pem")

            r = self.cfgtool.run(qc_step)
            if r and r.failed:
                qc_step.print_result(
                    "FAIL",
                    "YAIM configuration failed with SHA-2 certs.",
                    do_abort=True)
            else:
                qc_step.print_result(
                    "OK", "Product services can manage SHA-2 certs.")
        else:
            qc_step.print_result("NA", "Product does not need certificates.")
Esempio n. 7
0
    def qc_sec_5(self):
        """World Writable Files check."""
        qc_step = QCStep("QC_SEC_5", "World Writable Files", "qc_sec_5")

        r = qc_step.runcmd(
            (
                'find / -not \\( -path "/proc" -prune \\) '
                '-not \\( -path "/sys" -prune \\) '
                "-type f -perm -002 -exec ls -l {} \;"
            ),
            fail_check=False,
        )
        if r:
            ww_filelist = sec_utils.get_filelist_from_find(r)
            try:
                known_ww_filelist = self.exceptions["known_worldwritable_filelist"]
            except KeyError:
                known_ww_filelist = []
            if set(ww_filelist).difference(set(known_ww_filelist)):
                qc_step.print_result("FAIL", "Found %s world-writable file/s." % len(ww_filelist), do_abort=True)
            else:
                qc_step.print_result("WARNING", ("Found world-writable file/s " "required for operation."))
        else:
            qc_step.print_result("OK", "Found no world-writable file.")
Esempio n. 8
0
 def qc_info_2(self):
     """GlueSchema 2.0 Support."""
     qc_step = QCStep("QC_INFO_2",
                      "GlueSchema 2.0 Support",
                      os.path.join(CFG["log_path"], "qc_info_2"))
     self._run_validator(qc_step, "glue2")
Esempio n. 9
0
    def run(self,
            installation_type,
            epel_release_url,
            umd_release_url,
            repository_url=None,
            **kwargs):
        """Runs UMD installation.

           Arguments::
                installation_type: install from scratch ('install') or
                                   update ('update')
                epel_release_url: EPEL release (URL).
                umd_release_url : UMD release (URL).
                repository_url: base repository URL
                                (with the verification stuff).
        """
        if installation_type == "update":
            qc_step = QCStep("QC_UPGRADE_1", "Upgrade", "/tmp/qc_upgrade_1")
        elif installation_type == "install":
            qc_step = QCStep("QC_INST_1", "Binary Distribution",
                             "/tmp/qc_inst_1")

        r = self.pkgtool.remove(pkgs=["epel-release*", "umd-release*"])
        if r.failed:
            info("Could not delete [epel/umd]-release packages.")

        if qc_step.runcmd(("/bin/rm -f /etc/yum.repos.d/UMD-* "
                           "/etc/yum.repos.d/epel-*")):
            info(("Purged any previous EPEL or UMD repository file."))

        for pkg in (("EPEL", epel_release_url), ("UMD", umd_release_url)):
            pkg_id, pkg_url = pkg
            pkg_base = os.path.basename(pkg_url)
            pkg_loc = os.path.join("/tmp", pkg_base)
            if qc_step.runcmd("wget %s -O %s" % (pkg_url, pkg_loc)):
                info("%s release RPM fetched from %s." % (pkg_id, pkg_url))

            r = self.pkgtool.install(pkgs=[pkg_loc])
            if r.failed:
                qc_step.print_result(
                    "FAIL", "Error while installing %s release." % pkg_id)
            else:
                info("%s release package installed." % pkg_id)

        r = self.pkgtool.install(pkgs=["yum-priorities"])
        if r.failed:
            info("Error while installing 'yum-priorities'.")
        else:
            info("'yum-priorities' (UMD) requirement installed.")

        if installation_type == "update":
            # 1) Install base (production) version
            r = self.pkgtool.install(pkgs=[self.metapkg])
            if r.failed:
                qc_step.print_result("FAIL",
                                     "Error while installing '%s' packages" %
                                     self.metapkg,
                                     do_abort=True)
            else:
                info("UMD product/s '%s' installation finished." %
                     self.metapkg)

            # 2) Enable verification repository
            if repository_url:
                info("Verification repository provided.")
                self._enable_verification_repo(qc_step, repository_url)

            # 3) Update
            r = self.pkgtool.update()
            if r.failed:
                qc_step.print_result("FAIL",
                                     ("Error updating from verification "
                                      "repository."),
                                     do_abort=True)
            else:
                qc_step.print_result("OK", msg="System successfully updated.")
        elif installation_type == "install":
            # 1) Enable verification repository
            if repository_url:
                info("Verification repository provided.")
                self._enable_verification_repo(qc_step, repository_url)

            # 2) Install verification version
            r = self.pkgtool.install(self.metapkg)
            # NOTE(orviz): missing WARNING case
            if r.failed:
                qc_step.print_result("FAIL",
                                     ("There was a failure installing "
                                      "metapackage '%s'." % self.metapkg),
                                     do_abort=True)
            else:
                qc_step.print_result("OK", ("Metapackage '%s' installed "
                                            "successfully.." % self.metapkg))
        else:
            raise exception.InstallException(
                ("Installation type '%s' "
                 "not implemented." % installation_type))