def suspendBitlocker(self): # pylint: disable=no-self-use
logger.notice("Suspending bitlocker for one reboot if active")
try:
System.execute(
"powershell.exe -ExecutionPolicy Bypass -Command \""
"foreach($v in Get-BitLockerVolume)"
"{if ($v.EncryptionPercentage -gt 0)"
"{$v | Suspend-BitLocker -RebootCount 1}}\"",
captureStderr=True,
waitForEnding=True,
timeout=20)
except Exception as err: # pylint: disable=broad-except
logger.error("Failed to suspend bitlocker: %s", err, exc_info=True)
def content(self):
try:
if not os.path.exists(self._filename):
raise IOError(u"Archive file not found: '%s'" % self._filename)
cat = System.which('cat')
if self._compression == 'gzip':
if self.pigz_detected:
cat = u'{pigz} --stdout --decompress'.format(
pigz=System.which('pigz'))
else:
cat = System.which('zcat')
elif self._compression == 'bzip2':
cat = System.which('bzcat')
return [
unicode(line) for line in System.execute(
u'{cat} "{filename}" | {cpio} --quiet --extract --list'.
format(cat=cat,
filename=self._filename,
cpio=System.which('cpio'))) if line
]
except Exception as e:
raise RuntimeError(u"Failed to get archive content '%s': %s" %
(self._filename, e))
def is_correct_pigz_version():
ver = System.execute('pigz --version')[0][5:]
logger.debug('Detected pigz version: %s' % (ver, ))
versionMatches = compareVersions(ver, '>=', '2.2.3')
logger.debug('pigz version is compatible? %s' % (versionMatches))
return versionMatches
def run(self):
self._reloadEvent.clear()
self._reloadEvent.wait(2)
with self._reloadLock:
try:
result = System.execute(self._reloadConfigCommand)
for line in result:
if 'error' in line:
raise RuntimeError(u'\n'.join(result))
except Exception as error:
logger.critical(
u"Failed to restart dhcpd: {0}".format(error))
self._reloadEvent.set()
def content(self):
try:
if not os.path.exists(self._filename):
raise IOError(u"Archive file not found: '%s'" % self._filename)
names = []
options = u''
if self._compression == 'gzip':
if self.pigz_detected:
options += u'--use-compress-program=pigz'
else:
options += u'--gunzip'
elif self._compression == 'bzip2':
options += u'--bzip2'
for line in System.execute(
u'%s %s --list --file "%s"' %
(System.which('tar'), options, self._filename)):
if line:
names.append(unicode(line))
return names
except Exception as e:
raise RuntimeError(u"Failed to get archive content '%s': %s" %
(self._filename, e))
def main(): # pylint: disable=too-many-locals,too-many-branches,too-many-statements
if len(sys.argv) != 17:
print(
f"Usage: {os.path.basename(sys.argv[0])} <hostId> <hostKey> <controlServerPort>"
" <logFile> <logLevel> <depotRemoteUrl> <depotDrive> <depotServerUsername> <depotServerPassword>"
" <sessionId> <actionProcessorDesktop> <actionProcessorCommand> <actionProcessorTimeout>"
" <runAsUser> <runAsPassword> <createEnvironment>")
sys.exit(1)
( # pylint: disable=unbalanced-tuple-unpacking
hostId, hostKey, controlServerPort, logFile, logLevel, depotRemoteUrl,
depotDrive, depotServerUsername, depotServerPassword, sessionId,
actionProcessorDesktop, actionProcessorCommand, actionProcessorTimeout,
runAsUser, runAsPassword, createEnvironment) = sys.argv[1:]
if hostKey:
secret_filter.add_secrets(hostKey)
if depotServerPassword:
secret_filter.add_secrets(depotServerPassword)
if runAsPassword:
secret_filter.add_secrets(runAsPassword)
init_logging(stderr_level=LOG_NONE,
stderr_format=DEFAULT_STDERR_LOG_FORMAT,
log_file=logFile,
file_level=int(logLevel),
file_format=DEFAULT_FILE_LOG_FORMAT)
log_instance = f'{os.path.basename(sys.argv[0]).rsplit(".", 1)[0]}_s{sessionId}'
with log_context({'instance': log_instance}):
logger.debug(
"Called with arguments: %s", ', '.join(
(hostId, hostKey, controlServerPort, logFile, logLevel,
depotRemoteUrl, depotDrive, depotServerUsername,
depotServerPassword, sessionId, actionProcessorDesktop,
actionProcessorCommand, actionProcessorTimeout, runAsUser,
runAsPassword, createEnvironment)))
language = "en"
try:
language = locale.getdefaultlocale()[0].split('_')[0]
except Exception as err: # pylint: disable=broad-except
logger.debug("Failed to find default language: %s", err)
def _(string):
""" Fallback function """
return string
sp = None
try:
logger.debug("Loading translation for language '%s'", language)
sp = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
if os.path.exists(os.path.join(sp, "site-packages")):
sp = os.path.join(sp, "site-packages")
sp = os.path.join(sp, 'opsiclientd_data', 'locale')
translation = gettext.translation('opsiclientd', sp, [language])
_ = translation.gettext
except Exception as err: # pylint: disable=broad-except
logger.debug("Failed to load locale for %s from %s: %s", language,
sp, err)
createEnvironment = bool(
runAsUser and createEnvironment.lower() in ('yes', 'true', '1'))
actionProcessorTimeout = int(actionProcessorTimeout)
imp = None
depotShareMounted = False
be = None
depot_url = urlparse(depotRemoteUrl)
try:
be = JSONRPCBackend(
username=hostId,
password=hostKey,
address=f"https://127.0.0.1:{controlServerPort}/opsiclientd")
if runAsUser:
if getpass.getuser().lower() != runAsUser.lower():
logger.info("Impersonating user '%s'", runAsUser)
imp = System.Impersonate(username=runAsUser,
password=runAsPassword,
desktop=actionProcessorDesktop)
imp.start(logonType="INTERACTIVE",
newDesktop=False,
createEnvironment=createEnvironment)
elif depot_url.scheme in ("smb", "cifs"):
logger.info("Impersonating network account '%s'",
depotServerUsername)
imp = System.Impersonate(username=depotServerUsername,
password=depotServerPassword,
desktop=actionProcessorDesktop)
imp.start(logonType="NEW_CREDENTIALS")
if depot_url.hostname.lower() not in ("127.0.0.1", "localhost",
"::1"):
logger.notice("Mounting depot share %s", depotRemoteUrl)
set_status_message(be, sessionId,
_("Mounting depot share %s") %
depotRemoteUrl) # pylint: disable=no-member
if runAsUser or depot_url.scheme not in ("smb", "cifs"):
System.mount(depotRemoteUrl,
depotDrive,
username=depotServerUsername,
password=depotServerPassword)
else:
System.mount(depotRemoteUrl, depotDrive)
depotShareMounted = True
logger.notice("Starting action processor")
set_status_message(be, sessionId, _("Action processor is running")) # pylint: disable=no-member
if imp:
imp.runCommand(actionProcessorCommand,
timeoutSeconds=actionProcessorTimeout)
else:
System.execute(actionProcessorCommand,
waitForEnding=True,
timeout=actionProcessorTimeout)
logger.notice("Action processor ended")
set_status_message(be, sessionId, _("Action processor ended")) # pylint: disable=no-member
except Exception as err: # pylint: disable=broad-except
logger.error(err, exc_info=True)
error = f"Failed to process action requests: {err}"
logger.error(error)
if be:
set_status_message(be, sessionId, error)
if depotShareMounted:
try:
logger.notice("Unmounting depot share")
System.umount(depotDrive)
except Exception: # pylint: disable=broad-except
pass
if imp:
try:
imp.end()
except Exception: # pylint: disable=broad-except
pass
if be:
try:
be.backend_exit()
except Exception: # pylint: disable=broad-except
pass