def qc_info_3(self): """Middleware Version Information.""" qc_step = QCStep("QC_INFO_3", "Middleware Version Information", os.path.join(CFG["log_path"], "qc_info_3")) r, msg = self._run_version_check(qc_step) if r: qc_step.print_result("OK", msg) else: qc_step.print_result("WARNING", msg)
def qc_sec_5(self, **kwargs): """World Writable Files check. (kwargs) known_worldwritable_filelist: list with the known world writable files. """ qc_step = QCStep("QC_SEC_5", "World Writable Files", os.path.join(CFG["log_path"], "qc_sec_5")) r = qc_step.runcmd(("find / -not \\( -path \"/proc\" -prune \\) " "-type f -perm -002 -exec ls -l {} \;"), fail_check=False) if r: ww_filelist = sec_utils.get_filelist_from_find(r) try: known_ww_filelist = kwargs["known_worldwritable_filelist"] except KeyError: known_ww_filelist = [] if set(ww_filelist).difference(set(known_ww_filelist)): qc_step.print_result("FAIL", "Found %s world-writable file/s." % len(ww_filelist), do_abort=True) else: qc_step.print_result("WARNING", ("Found world-writable file/s " "required for operation.")) else: qc_step.print_result("OK", "Found no world-writable file.")
def qc_func_1(self, config): """Basic Funcionality Test.""" qc_step = QCStep("QC_FUNC_1", "Basic Funcionality Test.", os.path.join(CFG["log_path"], "qc_func_1")) if config: failed_checks = self._run_checks(qc_step, config) if failed_checks: qc_step.print_result("FAIL", "Commands failed: %s" % failed_checks, do_abort=False) else: qc_step.print_result("OK", ("Basic functionality probes ran " "successfully.")) else: qc_step.print_result("OK", "No definition found for QC_FUNC_1.")
def qc_func_2(self, config): """New features/bug fixes testing.""" qc_step = QCStep("QC_FUNC_2", "New features/bug fixes testing.", os.path.join(CFG["log_path"], "qc_func_2")) if config: failed_checks = self._run_checks(qc_step, config) if failed_checks: qc_step.print_result("FAIL", "Commands failed: %s" % failed_checks, do_abort=False) else: qc_step.print_result("OK", "Fix/features probes ran successfully.") else: qc_step.print_result("OK", "No definition found for QC_FUNC_2.")
def qc_sec_2(self): """SHA-2 Certificates Support.""" qc_step = QCStep("QC_SEC_2", "SHA-2 Certificates Support", "qc_sec_2") if self.need_cert: config.CFG["cert"] = self.ca.issue_cert( hash="2048", key_prv="/etc/grid-security/hostkey.pem", key_pub="/etc/grid-security/hostcert.pem" ) r = self.cfgtool.run() if r and r.failed: qc_step.print_result("FAIL", "YAIM configuration failed with SHA-2 " "certs.", do_abort=True) else: qc_step.print_result("OK", "Product services can manage SHA-2 " "certs.") else: qc_step.print_result("NA", "Product does not need certificates.")
def qc_sec_2(self, **kwargs): """SHA-2 Certificates Support.""" qc_step = QCStep("QC_SEC_2", "SHA-2 Certificates Support", os.path.join(CFG["log_path"], "qc_sec_2")) if self.need_cert: self.ca.issue_cert(hash="2048", key_prv="/etc/grid-security/hostkey.pem", key_pub="/etc/grid-security/hostcert.pem") r = self.cfgtool.run(qc_step) if r and r.failed: qc_step.print_result( "FAIL", "YAIM configuration failed with SHA-2 certs.", do_abort=True) else: qc_step.print_result( "OK", "Product services can manage SHA-2 certs.") else: qc_step.print_result("NA", "Product does not need certificates.")
def qc_sec_5(self): """World Writable Files check.""" qc_step = QCStep("QC_SEC_5", "World Writable Files", "qc_sec_5") r = qc_step.runcmd( ( 'find / -not \\( -path "/proc" -prune \\) ' '-not \\( -path "/sys" -prune \\) ' "-type f -perm -002 -exec ls -l {} \;" ), fail_check=False, ) if r: ww_filelist = sec_utils.get_filelist_from_find(r) try: known_ww_filelist = self.exceptions["known_worldwritable_filelist"] except KeyError: known_ww_filelist = [] if set(ww_filelist).difference(set(known_ww_filelist)): qc_step.print_result("FAIL", "Found %s world-writable file/s." % len(ww_filelist), do_abort=True) else: qc_step.print_result("WARNING", ("Found world-writable file/s " "required for operation.")) else: qc_step.print_result("OK", "Found no world-writable file.")
def run(self, installation_type, epel_release_url, umd_release_url, repository_url=None, **kwargs): """Runs UMD installation. Arguments:: installation_type: install from scratch ('install') or update ('update') epel_release_url: EPEL release (URL). umd_release_url : UMD release (URL). repository_url: base repository URL (with the verification stuff). """ if installation_type == "update": qc_step = QCStep("QC_UPGRADE_1", "Upgrade", "/tmp/qc_upgrade_1") elif installation_type == "install": qc_step = QCStep("QC_INST_1", "Binary Distribution", "/tmp/qc_inst_1") r = self.pkgtool.remove(pkgs=["epel-release*", "umd-release*"]) if r.failed: info("Could not delete [epel/umd]-release packages.") if qc_step.runcmd(("/bin/rm -f /etc/yum.repos.d/UMD-* " "/etc/yum.repos.d/epel-*")): info(("Purged any previous EPEL or UMD repository file.")) for pkg in (("EPEL", epel_release_url), ("UMD", umd_release_url)): pkg_id, pkg_url = pkg pkg_base = os.path.basename(pkg_url) pkg_loc = os.path.join("/tmp", pkg_base) if qc_step.runcmd("wget %s -O %s" % (pkg_url, pkg_loc)): info("%s release RPM fetched from %s." % (pkg_id, pkg_url)) r = self.pkgtool.install(pkgs=[pkg_loc]) if r.failed: qc_step.print_result( "FAIL", "Error while installing %s release." % pkg_id) else: info("%s release package installed." % pkg_id) r = self.pkgtool.install(pkgs=["yum-priorities"]) if r.failed: info("Error while installing 'yum-priorities'.") else: info("'yum-priorities' (UMD) requirement installed.") if installation_type == "update": # 1) Install base (production) version r = self.pkgtool.install(pkgs=[self.metapkg]) if r.failed: qc_step.print_result("FAIL", "Error while installing '%s' packages" % self.metapkg, do_abort=True) else: info("UMD product/s '%s' installation finished." % self.metapkg) # 2) Enable verification repository if repository_url: info("Verification repository provided.") self._enable_verification_repo(qc_step, repository_url) # 3) Update r = self.pkgtool.update() if r.failed: qc_step.print_result("FAIL", ("Error updating from verification " "repository."), do_abort=True) else: qc_step.print_result("OK", msg="System successfully updated.") elif installation_type == "install": # 1) Enable verification repository if repository_url: info("Verification repository provided.") self._enable_verification_repo(qc_step, repository_url) # 2) Install verification version r = self.pkgtool.install(self.metapkg) # NOTE(orviz): missing WARNING case if r.failed: qc_step.print_result("FAIL", ("There was a failure installing " "metapackage '%s'." % self.metapkg), do_abort=True) else: qc_step.print_result("OK", ("Metapackage '%s' installed " "successfully.." % self.metapkg)) else: raise exception.InstallException( ("Installation type '%s' " "not implemented." % installation_type))