def updateProductVersion(): """ Update product version in vdc options table from rpm version """ try: # Get rpm version rpmVersion = utils.getRpmVersion(basedefs.ENGINE_RPM_NAME) # Update new version in vdc_option utils.updateVDCOption("ProductRPMVersion", rpmVersion) except: logging.error(traceback.format_exc()) logging.error(MSG_ERR_UPDATE_PRODUCT_VERSION)
def updateProductVersion(): """ Update product version in vdc options table from rpm version """ try: # Get rpm version rpmVersion = utils.getRpmVersion('ovirt-engine') # Update new version in vdc_option utils.updateVDCOption("ProductRPMVersion", rpmVersion) except: logging.error(traceback.format_exc()) logging.error(MSG_ERR_UPDATE_PRODUCT_VERSION)
def prepare(self): if os.path.exists(self.JKSKEYSTORE): logging.debug("PKI: convert JKS to PKCS#12") cmd = [ basedefs.EXEC_KEYTOOL, "-importkeystore", "-noprompt", "-srckeystore", self.JKSKEYSTORE, "-srcstoretype", "JKS", "-srcstorepass", basedefs.CONST_KEY_PASS, "-srcalias", "engine", "-srckeypass", basedefs.CONST_KEY_PASS, "-destkeystore", basedefs.FILE_ENGINE_KEYSTORE, "-deststoretype", "PKCS12", "-deststorepass", basedefs.CONST_KEY_PASS, "-destalias", "1", "-destkeypass", basedefs.CONST_KEY_PASS ] output, rc = utils. execCmd(cmdList=cmd, failOnError=True, msg=MSG_ERROR_FAILED_CONVERT_ENGINE_KEY) utils.chownToEngine(basedefs.FILE_ENGINE_KEYSTORE) os.chmod(basedefs.FILE_ENGINE_KEYSTORE, 0640) for src, dst in ( (basedefs.FILE_ENGINE_KEYSTORE, basedefs.FILE_APACHE_KEYSTORE), (basedefs.FILE_ENGINE_CERT, basedefs.FILE_APACHE_CERT), (basedefs.FILE_SSH_PRIVATE_KEY, basedefs.FILE_APACHE_PRIVATE_KEY) ): logging.debug("PKI: dup cert for apache") try: utils.copyFile( src, dst, utils.getUsernameId("apache"), utils.getGroupId("apache"), 0640 ) except OSError: logging.error("PKI: Cannot dup cert for apache") raise if not os.path.exists(basedefs.FILE_APACHE_CA_CRT_SRC): logging.debug("PKI: dup ca for apache") try: os.symlink( os.path.basename(basedefs.FILE_CA_CRT_SRC), basedefs.FILE_APACHE_CA_CRT_SRC ) except OSError: logging.error("PKI: Cannot dup ca for apache") raise shutil.copyfile( basedefs.FILE_HTTPD_SSL_CONFIG, self.TMPAPACHECONF ) handler = utils.TextConfigFileHandler(self.TMPAPACHECONF, " ") handler.open() if handler.getParam("SSLCertificateFile") == '/etc/pki/ovirt-engine/certs/engine.cer': handler.editParam("SSLCertificateFile", basedefs.FILE_APACHE_CERT) if handler.getParam("SSLCertificateKeyFile") == '/etc/pki/ovirt-engine/keys/engine_id_rsa': handler.editParam("SSLCertificateKeyFile", basedefs.FILE_APACHE_PRIVATE_KEY) if handler.getParam("SSLCertificateChainFile") == '/etc/pki/ovirt-engine/ca.pem': handler.editParam("SSLCertificateChainFile", basedefs.FILE_APACHE_CA_CRT_SRC) handler.close() utils.updateVDCOption("keystoreUrl", basedefs.FILE_ENGINE_KEYSTORE, (), "text") utils.updateVDCOption("TruststoreUrl", basedefs.FILE_TRUSTSTORE, (), "text") utils.updateVDCOption("CertAlias", "1", (), "text")
def prepare(self): if os.path.exists(self.JKSKEYSTORE): logging.debug("PKI: convert JKS to PKCS#12") cmd = [ basedefs.EXEC_KEYTOOL, "-importkeystore", "-noprompt", "-srckeystore", self.JKSKEYSTORE, "-srcstoretype", "JKS", "-srcstorepass", basedefs.CONST_KEY_PASS, "-srcalias", "engine", "-srckeypass", basedefs.CONST_KEY_PASS, "-destkeystore", basedefs.FILE_ENGINE_KEYSTORE, "-deststoretype", "PKCS12", "-deststorepass", basedefs.CONST_KEY_PASS, "-destalias", "1", "-destkeypass", basedefs.CONST_KEY_PASS ] output, rc = utils.execCmd(cmdList=cmd, failOnError=True, msg=MSG_ERROR_FAILED_CONVERT_ENGINE_KEY) utils.chownToEngine(basedefs.FILE_ENGINE_KEYSTORE) os.chmod(basedefs.FILE_ENGINE_KEYSTORE, 0640) for src, dst in ((basedefs.FILE_ENGINE_KEYSTORE, basedefs.FILE_APACHE_KEYSTORE), (basedefs.FILE_ENGINE_CERT, basedefs.FILE_APACHE_CERT), (basedefs.FILE_SSH_PRIVATE_KEY, basedefs.FILE_APACHE_PRIVATE_KEY)): logging.debug("PKI: dup cert for apache") try: utils.copyFile(src, dst, utils.getUsernameId("apache"), utils.getGroupId("apache"), 0640) except OSError: logging.error("PKI: Cannot dup cert for apache") raise if not os.path.exists(basedefs.FILE_APACHE_CA_CRT_SRC): logging.debug("PKI: dup ca for apache") try: os.symlink(os.path.basename(basedefs.FILE_CA_CRT_SRC), basedefs.FILE_APACHE_CA_CRT_SRC) except OSError: logging.error("PKI: Cannot dup ca for apache") raise shutil.copyfile(basedefs.FILE_HTTPD_SSL_CONFIG, self.TMPAPACHECONF) handler = utils.TextConfigFileHandler(self.TMPAPACHECONF, " ") handler.open() if handler.getParam("SSLCertificateFile" ) == '/etc/pki/ovirt-engine/certs/engine.cer': handler.editParam("SSLCertificateFile", basedefs.FILE_APACHE_CERT) if handler.getParam("SSLCertificateKeyFile" ) == '/etc/pki/ovirt-engine/keys/engine_id_rsa': handler.editParam("SSLCertificateKeyFile", basedefs.FILE_APACHE_PRIVATE_KEY) if handler.getParam( "SSLCertificateChainFile") == '/etc/pki/ovirt-engine/ca.pem': handler.editParam("SSLCertificateChainFile", basedefs.FILE_APACHE_CA_CRT_SRC) handler.close() utils.updateVDCOption("keystoreUrl", basedefs.FILE_ENGINE_KEYSTORE, (), "text") utils.updateVDCOption("TruststoreUrl", basedefs.FILE_TRUSTSTORE, (), "text") utils.updateVDCOption("CertAlias", "1", (), "text")