def __init__(self, lockdir):
    '''Prepare the lock file under lockdir and wrap it in an FsLock.

    @param lockdir: directory that will hold the '.gkeys_lock' file; it is
        passed to ensure_dirs() before the file is touched
    '''
    # Group ownership handling is currently disabled:
    #self.gid = 250
    lock_path = os.path.join(lockdir, '.gkeys_lock')
    self.lockfile = lock_path
    ensure_dirs(lockdir)
    # The lock file is requested with mode 0o664, i.e. group-writable.
    # NOTE(review): the path is fixed and predictable; confirm lockdir is
    # not writable by untrusted users before relying on this lock.
    fileutils.touch(self.lockfile, mode=0o664)
    #os.chown(self.lockfile, -1, self.gid)
    self.lock = osutils.FsLock(self.lockfile)
def set_logger(namespace=None, logpath='', level=None,
               dirmode=0o775, filemask=0o002):
    '''Configure the module-level logger and return it.

    @param namespace: logger name; when empty the module-level NAMESPACE is
        used, otherwise NAMESPACE is updated to this value
    @param logpath: directory for the log file; no file handler is added
        when it is empty
    @param level: key into log_levels for the file handler ('DEBUG' when
        not given)
    @param dirmode: mode passed to ensure_dirs() for logpath
    @param filemask: value handed to os.umask() before the log file is opened
    @return: the configured logging.Logger
    '''
    global logger, NAMESPACE, Console_handler, logname
    if namespace:
        NAMESPACE = namespace
    else:
        namespace = NAMESPACE
    logger = logging.getLogger(namespace)
    logger.setLevel(log_levels['DEBUG'])
    # Record layout used by the file handler.
    formatter = logging.Formatter(
        '%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
    if logpath:
        ensure_dirs(logpath, mode=dirmode, fatal=True)
        # os.umask() applies to the whole process and the previous mask is
        # not restored, so every file created after this call is affected.
        # With the default 0o002 only the "other" write bit is masked.
        os.umask(filemask)
        hour_stamp = time.strftime('%Y%m%d-%H')
        logname = os.path.join(logpath, '%s-%s.log' % (namespace, hour_stamp))
        file_handler = logging.FileHandler(logname)
        file_handler.setLevel(log_levels[level or 'DEBUG'])
        file_handler.setFormatter(formatter)
        logger.addHandler(file_handler)
    # The console only receives ERROR and above, without the formatter.
    Console_handler = logging.StreamHandler()
    Console_handler.setLevel(logging.ERROR)
    #Console_handler.setFormatter(formatter)
    logger.addHandler(Console_handler)
    logger.debug("==== Loggers initialized ==== time: %s",
                 time.strftime('%Y%m%d-%H:%M:%S'))
    return logger
def genkey(self, args):
    '''Generate a gpg key using a spec file

    @param args: namespace providing destination and spec; args.spec is
        filled in from the config when it is empty
    @return: tuple (success, messages)
    '''
    messages = []
    destination = args.destination
    if destination:
        if not os.path.exists(destination):
            messages.extend(['', "Aborting... %s path does not exist." % destination])
            return (False, messages)
        gpghome = os.path.join(destination, 'gpghome')
    else:
        gpghome = self.config.get_key('gkeys-gen', 'gpg-home')
    self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
    self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
    if not args.spec:
        args.spec = self.config.get_key('spec', 'default-spec')
    key_params = self.get_input(args)

    # Keep asking until one of the four accepted answers is typed.
    refusals = ["n", "no"]
    approvals = ["y", "yes"]
    ack = None
    while ack not in approvals + refusals:
        ack = py_input("Continue?[y/n]: ").lower()
    if ack in refusals:
        messages.extend(['', "\nKey generation aborted."])
        return (False, messages)

    # Set the environment to custom gpg directory. This changes GNUPGHOME
    # for the whole process, not only for the gpgme context created below.
    os.environ['GNUPGHOME'] = gpghome
    gpghome_full_path = os.path.abspath(gpghome)
    self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
    self.output(["\n* Creating gpg folder at %s" % gpghome_full_path])
    # NOTE(review): no mode is passed here; confirm the ensure_dirs()
    # default leaves the new GnuPG home readable by its owner only.
    ensure_dirs(gpghome)
    # Copy default gpg-conf.skel and append glep63 requirements
    self.configure_config_file(args, gpghome)

    # Key generation
    ctx = gpgme.Context()
    self.logger.info("MAIN: _action_genkey: Generating GPG key...")
    self.output([LARRY])
    self.output(["* Give the password for the key. (Pick a strong one)",
                 " Please surf the internet, type on your keyboard, etc. ",
                 " This helps the random number generator work effectively"])
    try:
        result = ctx.genkey(key_params)
    except gpgme.GpgmeError as e:
        self.logger.debug("MAIN: _action_genkey: GpgmeError: %s" % str(e))
        self.logger.debug("MAIN: _action_genkey: Aborting... Gpgme errored out.")
        messages.extend(['', "Aborting... Gpgme reported an error.\n",
                         " GpgmeError: %s\n" % str(e),
                         " See the log file for details: %s" % log.logname])
        return (False, messages)

    # Look the new key up again by the fingerprint gpgme reported.
    key = ctx.get_key(result.fpr, True)
    primary_uid = key.uids[0]
    fingerprint = key.subkeys[0].fpr
    self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s" % (primary_uid.uid, fingerprint))
    self.output(["Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path])
    self.output([GPG_INFO_STRING % (primary_uid.name, primary_uid.email, fingerprint)])
    self.output(["In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:",
                 " mv %s ~/.gnupg" % gpghome_full_path,
                 "Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n",
                 "Please read the FAQ for post-generation steps that are available in:",
                 "https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys"])
    return (True, messages)
def setup(self, args, configs):
    '''Set up the args and configs passed in

    @param args: list or argparse.Namespace object
    @param configs: list
    @return: False when the requested category fails _check_category(),
        True otherwise
    '''
    pending_error = None
    if not args:
        # NOTE(review): this is only recorded and logged later; the
        # attribute accesses on args below are not guarded against it.
        pending_error = "Main: run; invalid args argument passed in"
    if isinstance(args, list):
        args = self.parse_args(args)

    alt_config = args.config
    if not alt_config:
        self.config.read_config(configs)
    else:
        # An alternate config file also moves the config directory, and
        # the configs argument is ignored in this branch.
        defaults = self.config.defaults
        defaults['config'] = alt_config
        defaults['configdir'] = os.path.dirname(alt_config)
        if not getattr(args, 'email', False):
            self.config.read_config()
        else:
            email_conf = os.path.abspath(
                os.path.join(defaults['configdir'], "email.conf"))
            configs = [defaults['config'], email_conf]
            self.config.read_config(configs)

    # check for permissions and adjust configs accordingly
    if not self.config.defaults['homedir']:
        self.config.defaults['homedir'] = os.path.expanduser('~')
    if not os.access(self.config['logdir'], os.W_OK):
        # The configured log directory is not writable: fall back to a
        # 'logs' directory under the user config directory.
        fallback_logdir = os.path.join(self.config['userconfigdir'], 'logs')
        self.config.options['logdir'] = fallback_logdir
        ensure_dirs(self.config.options['logdir'])

    # establish our logger and update it in the imported files
    prog = self.cli_config['prog']
    logdir = self.config['logdir']
    debug_level = args.debug
    # base 0 lets int() take the radix from the prefix of the config string
    dirmode = int(self.config.get_key('permissions', 'directories'), 0)
    filemask = int(self.config.get_key('permissions', 'files'), 0)
    self.logger = set_logger(prog, logdir, debug_level,
                             dirmode=dirmode, filemask=filemask)
    self.config.logger = self.logger

    if pending_error:
        self.logger.error(pending_error)

    # now that we have a logger, record the alternate config setting
    if alt_config:
        self.logger.debug("Main: run; Found alternate config request: %s" % alt_config)
    self.logger.debug("Main: run; Using config: %s" % self.config['config'])

    # check if a -C, --category was input
    # if it was, check if the category is listed in the [seeds]
    category = None
    if 'category' in args:
        category = args.category
    return True if self._check_category(category) else False
def setup(self, args, configs):
    '''Set up the args and configs passed in

    @param args: list or argparse.Namespace object
    @param configs: list
    @return: False when the requested category fails _check_category(),
        True otherwise
    '''
    pending_error = None
    if not args:
        # NOTE(review): this is only recorded and logged later; the
        # attribute accesses on args below are not guarded against it.
        pending_error = "Main: run; invalid args argument passed in"
    if isinstance(args, list):
        args = self.parse_args(args)

    alt_config = args.config
    if not alt_config:
        self.config.read_config(configs)
    else:
        # With an alternate config file the configs argument is ignored.
        self.config.defaults['config'] = alt_config
        self.config.read_config()

    # check for permissions and adjust configs accordingly
    if not self.config.defaults['homedir']:
        self.config.defaults['homedir'] = os.path.expanduser('~')
    if not os.access(self.config['logdir'], os.W_OK):
        # The configured log directory is not writable: fall back to a
        # 'logs' directory under the user config directory.
        fallback_logdir = os.path.join(self.config['userconfigdir'], 'logs')
        self.config.options['logdir'] = fallback_logdir
        ensure_dirs(self.config.options['logdir'])

    # establish our logger and update it in the imported files
    prog = self.cli_config['prog']
    logdir = self.config['logdir']
    debug_level = args.debug
    # base 0 lets int() take the radix from the prefix of the config string
    dirmode = int(self.config.get_key('permissions', 'directories'), 0)
    filemask = int(self.config.get_key('permissions', 'files'), 0)
    self.logger = set_logger(prog, logdir, debug_level,
                             dirmode=dirmode, filemask=filemask)
    self.config.logger = self.logger

    if pending_error:
        self.logger.error(pending_error)

    # now that we have a logger, record the alternate config setting
    if alt_config:
        self.logger.debug("Main: run; Found alternate config request: %s" % alt_config)
    self.logger.debug("Main: run; Using config: %s" % self.config['config'])

    # check if a -C, --category was input
    # if it was, check if the category is listed in the [seeds]
    category = None
    if 'category' in args:
        category = args.category
    return True if self._check_category(category) else False
def set_keyring(self, keyring, task, importkey=False, reset=True):
    '''Sets the keyring to use as well as related task options

    @param keyring: keyring path handed to gpg through --keyring
    @param task: name of the entry in the 'tasks' options to extend
    @param importkey: when true, add the import-clean import option and
        make sure the keyring's parent directory exists
    @param reset: when true, start again from a copy of the task defaults
    '''
    self.logger.debug("keydir: %s, keyring: %s" % (self.keydir, keyring))
    if reset:
        # Copy the defaults so extending the options never edits them.
        self.config.options['tasks'][task] = self.config.defaults['tasks'][task][:]
    task_opts = self.config.options['tasks'][task]
    if importkey:
        task_opts.extend(['--import-options', 'import-clean'])
        dir_mode = int(self.config.get_key('permissions', 'directories'), 0)
        ensure_dirs(abspath(pjoin(keyring, pardir)), mode=dir_mode)
    # --keyring file | Note that this adds a keyring to the current list.
    # If the intent is to use the specified keyring alone,
    # use --keyring along with --no-default-keyring.
    task_opts.extend(['--no-default-keyring', '--keyring', keyring])
    self.logger.debug("set_keyring: New task options: %s" %str(self.config.options['tasks'][task]))
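def add_key(self, gkey):
    '''Add the specified key to the specified keydir

    Every fingerprint in gkey.fingerprint is requested through the
    'recv-keys' gpg task, and the fingerprint reported by that run is
    compared with the expected list.

    @param gkey: GKEY namedtuple with (name, nick, keydir, fingerprint)
    @return: list of runGPG results with .failed set on each one; an empty
        list as soon as the seed file cannot be saved
    '''
    # '--no-permission-warning' silences gpg's warning about unsafe file
    # and home directory permissions. The option goes into the shared
    # defaults list, so add it only once instead of on every call.
    gpg_defaults = self.config.defaults['gpg_defaults']
    if '--no-permission-warning' not in gpg_defaults:
        gpg_defaults.append('--no-permission-warning')
    self.set_keyserver()
    self.set_keydir(gkey.keydir, 'recv-keys', reset=True)
    self.set_keyring('pubring.gpg', 'recv-keys', reset=False)
    logger.debug("LIB: add_key; ensure dirs: " + self.keydir)
    mode = int(self.config.get_key('permissions', 'directories'), 0)
    ensure_dirs(str(self.keydir), mode=mode)
    self.set_keyseedfile(trap_errors=False)
    results = []
    for fingerprint in gkey.fingerprint:
        logger.debug("LIB: add_key; adding fingerprint " + fingerprint)
        logger.debug("** Calling runGPG with Running 'gpg %s --recv-keys %s' for: %s"
                     % (' '.join(self.config.get_key('tasks', 'recv-keys')),
                        fingerprint, gkey.name))
        result = self.runGPG(task='recv-keys', inputfile=fingerprint)
        logger.info('GPG return code: ' + str(result.returncode))
        # NOTE(review): this comparison runs after the recv-keys task has
        # completed. On a mismatch only result.failed is set and the seed
        # is still saved below; confirm callers discard or refuse the key
        # when result.failed is true.
        if result.fingerprint in gkey.fingerprint:
            result.failed = False
            message = "Fingerprints match... Import successful: "
            message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
            message += "\n result len: %s, %s" % (len(result.fingerprint), result.fingerprint)
            message += "\n gkey len: %s, %s" % (len(gkey.fingerprint[0]), gkey.fingerprint[0])
            logger.info(message)
        else:
            result.failed = True
            message = "Fingerprints do not match... Import failed for "
            message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
            message += "\n result: %s" % (result.fingerprint)
            message += "\n gkey..: %s" % (str(gkey.fingerprint))
            logger.error(message)
        # Save the gkey seed to the installed db
        self.seedfile.update(gkey)
        if not self.seedfile.save():
            logger.error("GkeysGPG.add_key(); failed to save seed: " + gkey.nick)
            return []
        results.append(result)
    return results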
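def add_key(self, gkey):
    '''Add the specified key to the specified keydir

    Every entry of gkey.keys is requested through the 'recv-keys' gpg
    task, and the fingerprint reported by that run is compared with
    gkey.keys.

    @param gkey: GKEY namedtuple with (name, nick, keydir, fingerprint)
    @return: list of runGPG results with .failed set on each one; an empty
        list as soon as update_gkey() reports a failure
    '''
    # '--no-permission-warning' silences gpg's warning about unsafe file
    # and home directory permissions. The option goes into the shared
    # defaults list, so add it only once instead of on every call.
    gpg_defaults = self.config.defaults['gpg_defaults']
    if '--no-permission-warning' not in gpg_defaults:
        gpg_defaults.append('--no-permission-warning')
    self.set_keyserver()
    self.set_keydir(gkey.keydir, 'recv-keys', reset=True)
    self.set_keyring('pubring.gpg', 'recv-keys', reset=False)
    self.logger.debug("LIB: add_key; ensure dirs: " + self.keydir)
    mode = int(self.config.get_key('permissions', 'directories'), 0)
    ensure_dirs(str(self.keydir), mode=mode)
    self.set_keyseedfile(trap_errors=True)
    results = []
    for fingerprint in gkey.keys:
        self.logger.debug("LIB: add_key; adding fingerprint " + fingerprint)
        self.logger.debug("** Calling runGPG with Running 'gpg %s --recv-keys %s' for: %s"
                          % (' '.join(self.config.get_key('tasks', 'recv-keys')),
                             fingerprint, gkey.name))
        result = self.runGPG(task='recv-keys', inputfile=fingerprint)
        self.logger.info('GPG return code: ' + str(result.returncode))
        # NOTE(review): this comparison runs after the recv-keys task has
        # completed. On a mismatch only result.failed is set and the gkey
        # is still saved below; confirm callers discard or refuse the key
        # when result.failed is true.
        if result.fingerprint in gkey.keys:
            result.failed = False
            message = "Fingerprints match... Import successful: "
            message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
            message += "\n result len: %s, %s" % (len(result.fingerprint), result.fingerprint)
            # The log line reports gkey.fingerprint[0] although the check
            # above is made against gkey.keys.
            message += "\n gkey len: %s, %s" % (len(gkey.fingerprint[0]), gkey.fingerprint[0])
            self.logger.info(message)
        else:
            result.failed = True
            message = "Fingerprints do not match... Import failed for "
            message += "%s, fingerprint: %s" % (gkey.nick, fingerprint)
            message += "\n result: %s" % (result.fingerprint)
            message += "\n gkey..: %s" % (str(gkey.fingerprint))
            self.logger.error(message)
        # Save the gkey seed to the installed db
        success = self.update_gkey(gkey, save=True)
        if not success:
            return []
        results.append(result)
    return results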
def save(self, filename=None):
    '''Save the seeds to the file

    @param filename: optional path that replaces self.filename before saving
    @return: True when the file was written, False when no filename is set
        or an IOError occurred
    '''
    if filename:
        self.filename = filename
    target = self.filename
    if not target:
        logger.debug("Seed: save; Not a valid filename: '%s'" % str(target))
        return False
    logger.debug("Seed: save; Begin saving seed file %s" % target)
    parent_dir = os.path.split(target)[0]
    dir_mode = int(self.config.get_key('permissions', "directories"), 0)
    ensure_dirs(parent_dir, mode=dir_mode, fatal=True)
    # os.umask() applies to the whole process and the previous mask is not
    # restored, so files created after save() returns are affected too.
    os.umask(int(self.config.get_key("permissions", "files"), 0))
    try:
        # Opening with 'w' truncates an existing seed file before the new
        # content is produced and written.
        with open(target, 'w') as seedfile:
            payload = self._seeds2json(self.seeds)
            seedfile.write(payload)
            seedfile.write("\n")
    except IOError as err:
        self._error(err)
        return False
    return True
def set_logger(namespace=None, logpath='', level=None,
               dirmode=0o775, filemask=0o002):
    '''Configure the module-level logger and return it.

    @param namespace: logger name; when empty the module-level NAMESPACE is
        used, otherwise NAMESPACE is updated to this value
    @param logpath: directory for the log file; no file handler is added
        when it is empty
    @param level: key into log_levels for the file handler ('DEBUG' when
        not given)
    @param dirmode: mode passed to ensure_dirs() for logpath
    @param filemask: value handed to os.umask() before the log file is opened
    @return: the configured logging.Logger
    '''
    global logger, NAMESPACE, Console_handler, logname
    if namespace:
        NAMESPACE = namespace
    else:
        namespace = NAMESPACE
    logger = logging.getLogger(namespace)
    logger.setLevel(log_levels['DEBUG'])
    # Record layout used by the file handler.
    formatter = logging.Formatter(
        '%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
    if logpath:
        ensure_dirs(logpath, mode=dirmode, fatal=True)
        # os.umask() applies to the whole process and the previous mask is
        # not restored, so every file created after this call is affected.
        # With the default 0o002 only the "other" write bit is masked.
        os.umask(filemask)
        minute_stamp = time.strftime('%Y%m%d-%H:%M')
        logname = os.path.join(
            logpath, '%s-%s.log' % (namespace, minute_stamp))
        file_handler = logging.FileHandler(logname)
        file_handler.setLevel(log_levels[level or 'DEBUG'])
        file_handler.setFormatter(formatter)
        logger.addHandler(file_handler)
    # The console only receives ERROR and above, without the formatter.
    Console_handler = logging.StreamHandler()
    Console_handler.setLevel(logging.ERROR)
    #Console_handler.setFormatter(formatter)
    logger.addHandler(Console_handler)
    logger.debug("Loggers initialized")
    return logger
def fetch_seeds(self, seeds, args, verified_dl=None):
    '''Fetch new seed files

    @param seeds: list of seed nicks to download
    @param args: namespace whose category, nick, filename, signature,
        timestamp and destination attributes are overwritten per download
    @param verified_dl: Function pointer to the Actions.verify() instance
        needed to do the download and verification
    @return: tuple (succeeded, messages) with one entry per attempted URL
    '''
    # Both http:// and https:// pass this filter, so the transport alone
    # does not protect the seed file; the download is handed to
    # verified_dl below for verification.
    http_check = re.compile(r'^(http|https)://')
    pending = []
    messages = []
    try:
        # NOTE(review): `seeds` is wrapped as a single item, so it is
        # looked up as one config key even though the docstring calls it
        # a list.
        for seed in (seeds,):
            seedurl = self.config.get_key('seedurls', seed)
            seedpath = self.config.get_key('seeds', seed)
            if not http_check.match(seedurl):
                self.logger.info("Wrong seed file URLs... Skipping: %s" % seed)
                continue
            pending.append((seed, seedurl, seedpath))
    except KeyError:
        # A KeyError raised in the loop above ends URL collection silently.
        pass
    succeeded = []
    seedsdir = self.config.get_key('seedsdir')
    dir_mode = int(self.config.get_key('permissions', 'directories'), 0)
    ensure_dirs(seedsdir, mode=dir_mode)
    for seed, url, filepath in pending:
        # 'verify-seeds' entries are split on whitespace: category, nick.
        verify_info = self.config.get_key('verify-seeds', seed).split()
        args.category = verify_info[0]
        args.nick = verify_info[1]
        args.filename = url
        args.signature = None
        args.timestamp = True
        args.destination = filepath
        # NOTE(review): verified_dl defaults to None but is called
        # unconditionally; callers must always supply it.
        verified, download_messages = verified_dl(args)
        succeeded.append(verified)
        messages.append(download_messages)
    return (succeeded, messages)
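def genkey(self, args):
    '''Key generation action

    @param args: namespace providing homedir; when it is empty the new
        gpghome is placed under the current working directory
    @return: True when a key was generated, False on abort or error
    '''
    # Function-scope import: used to close the download handle below.
    from contextlib import closing

    if not args.homedir:
        gpghome = os.path.join(os.getcwd(), 'gpghome')
    elif os.path.exists(args.homedir):
        gpghome = os.path.join(args.homedir, 'gpghome')
    else:
        self.output("Aborting... %s path does not exist." % args.homedir)
        return False
    self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
    self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
    key_params = self.get_input()

    # Keep asking until one of the four accepted answers is typed.
    ack = None
    while ack not in ["y", "yes", "n", "no"]:
        ack = py_input("Continue?[y/n]: ").lower()
    if ack in ["n", "no"]:
        self.output("\nKey generation aborted.")
        return False

    # Set the environment to custom gpg directory. This changes GNUPGHOME
    # for the whole process, not only for the gpgme context created below.
    os.environ['GNUPGHOME'] = gpghome
    gpghome_full_path = os.path.abspath(gpghome)
    self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
    self.output("\n* Creating gpg folder at %s" % gpghome_full_path)
    # NOTE(review): no mode is passed here; confirm the ensure_dirs()
    # default leaves the new GnuPG home readable by its owner only.
    ensure_dirs(gpghome)

    # Copy default gpg-conf.skel and append glep63 requirements
    self.output("* Creating gpg.conf file at %s" % gpghome_full_path)
    newgpgconfpath = os.path.join(gpghome, 'gpg.conf')
    shutil.copy('/usr/share/gnupg/gpg-conf.skel', newgpgconfpath)
    # The appended options are downloaded at run time and written as-is:
    # nothing in this function authenticates the content or restricts the
    # URL scheme of GPG_CONF.
    # NOTE(review): consider shipping these options with the package or
    # verifying the download before it is written into gpg.conf.
    with open(newgpgconfpath, 'a') as conf:
        # closing() releases the connection even if a write fails.
        with closing(urlopen(GPG_CONF)) as remote_conf:
            for line in remote_conf:
                conf.write(_unicode(line))

    # Key generation
    ctx = gpgme.Context()
    self.logger.info("MAIN: _action_genkey: Generating GPG key...")
    self.output(""" ____________________ < Generating GPG key > -------------------- \ ^__^ \ (oo)\_______ (__)\ )\/ ||----w | || ||""")
    self.output("\n* Give the password for the key. (Pick a strong one)\n")
    try:
        result = ctx.genkey(key_params)
    except gpgme.GpgmeError:
        # Every GpgmeError is reported as a missing password; the
        # exception text itself is not logged.
        self.logger.debug("MAIN: _action_genkey: Aborting... No given password.")
        self.output("Aborting... No given password.")
        return False

    # Look the new key up again by the fingerprint gpgme reported.
    key = ctx.get_key(result.fpr, True)
    self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s" % (key.uids[0].uid, key.subkeys[0].fpr))
    self.output("Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path)
    self.output(""" GPG key info: Full Name: %s, Email: %s, Fingerprint: %s """ % (key.uids[0].name, key.uids[0].email, key.subkeys[0].fpr))
    self.output(
        "In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:\n"
        " mv %s ~/.gnupg\n"
        "Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n\n"
        "Please read the FAQ for post-generation steps that are available in: \n"
        "https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys\n"
        % gpghome_full_path)
    return True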
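def genkey(self, args):
    '''Generate a gpg key using a spec file

    @param args: namespace providing destination and spec; args.spec is
        filled in from the config when it is empty
    @return: tuple (success, messages)
    '''
    # Function-scope import: used to close the download handle below.
    from contextlib import closing

    messages = []
    if not args.destination:
        gpghome = self.config.get_key('gkeys-gen', 'gpg-home')
    elif os.path.exists(args.destination):
        gpghome = os.path.join(args.destination, 'gpghome')
    else:
        messages.extend(['', "Aborting... %s path does not exist." % args.destination])
        return (False, messages)
    self.logger.debug("MAIN: _action_genkey; setting gpghome destination: %s" % gpghome)
    self.logger.debug("MAIN: _action_genkey; args= %s" % str(args))
    if not args.spec:
        args.spec = self.config.get_key('spec', 'default-spec')
    key_params = self.get_input(args)

    # Keep asking until one of the four accepted answers is typed.
    ack = None
    while ack not in ["y", "yes", "n", "no"]:
        ack = py_input("Continue?[y/n]: ").lower()
    if ack in ["n", "no"]:
        messages.extend(['', "\nKey generation aborted."])
        return (False, messages)

    # Set the environment to custom gpg directory. This changes GNUPGHOME
    # for the whole process, not only for the gpgme context created below.
    os.environ['GNUPGHOME'] = gpghome
    gpghome_full_path = os.path.abspath(gpghome)
    self.logger.info("MAIN: _action_genkey; create custom gpg directory: %s" % gpghome_full_path)
    self.output(["\n* Creating gpg folder at %s" % gpghome_full_path])
    # NOTE(review): no mode is passed here; confirm the ensure_dirs()
    # default leaves the new GnuPG home readable by its owner only.
    ensure_dirs(gpghome)

    # Copy default gpg-conf.skel and append glep63 requirements
    self.output(["* Creating gpg.conf file at %s" % gpghome_full_path])
    newgpgconfpath = os.path.join(gpghome, 'gpg.conf')
    shutil.copy('/usr/share/gnupg/gpg-conf.skel', newgpgconfpath)
    # The appended options are downloaded at run time from the URL the
    # 'gpg-urls' config section gives for this spec and are written as-is:
    # nothing in this function authenticates the content or restricts the
    # URL scheme.
    # NOTE(review): consider shipping these options with the package or
    # verifying the download before it is written into gpg.conf.
    with open(newgpgconfpath, 'a') as conf:
        # closing() releases the connection even if a write fails.
        with closing(urlopen(self.config.get_key('gpg-urls', args.spec))) as remote_conf:
            for line in remote_conf:
                conf.write(_unicode(line.decode('utf-8')))

    # Key generation
    ctx = gpgme.Context()
    self.logger.info("MAIN: _action_genkey: Generating GPG key...")
    self.output([LARRY])
    self.output(["* Give the password for the key. (Pick a strong one)",
                 " Please surf the internet, type on your keyboard, etc. ",
                 " This helps the random number generator work effectively"])
    try:
        result = ctx.genkey(key_params)
    except gpgme.GpgmeError as e:
        self.logger.debug("MAIN: _action_genkey: GpgmeError: %s" % str(e))
        self.logger.debug("MAIN: _action_genkey: Aborting... Gpgme errored out.")
        messages.extend(['', "Aborting... Gpgme reported an error.\n",
                         " GpgmeError: %s\n" % str(e),
                         " See the log file for details: %s" % log.logname])
        return (False, messages)

    # Look the new key up again by the fingerprint gpgme reported.
    key = ctx.get_key(result.fpr, True)
    self.logger.debug("MAIN: _action_genkey: Generated key: %s - %s" % (key.uids[0].uid, key.subkeys[0].fpr))
    self.output(["Your new GLEP 63 based OpenPGP key has been created in %s" % gpghome_full_path])
    self.output([GPG_INFO_STRING % (key.uids[0].name, key.uids[0].email, key.subkeys[0].fpr)])
    self.output(["In order to use your new key, place the new gpghome to your ~/.gnupg folder by running the following command:",
                 " mv %s ~/.gnupg" % gpghome_full_path,
                 "Important: If you have another old key in ~/.gnupg please make sure you backup it up first.\n",
                 "Please read the FAQ for post-generation steps that are available in:",
                 "https://wiki.gentoo.org/wiki/Project:Gentoo-keys/Generating_GLEP_63_based_OpenPGP_keys"])
    return (True, messages)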
def ensure_docdir(self):
    '''Pass self.path to ensure_dirs() using its default arguments.'''
    docdir = self.path
    ensure_dirs(docdir)