def is_installed_oscap_ok(): """Check whether expected openscap rpms are installed.""" class GetCmdStdout(): def __init__(self): self.stdout_lines = [] def __call__(self, line): if line.strip(): self.stdout_lines.append(line.strip()) if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return False if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return False # that's generic problem that could be on various rpm-based systems url = "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html-single/6.10_release_notes/index#BZ1804691" for pkg in settings.openscap_rpms: cmd = ["rpm", "-q", pkg, "--qf", "%{ARCH}\n"] cmdout = GetCmdStdout() ProcessHelper.run_subprocess(cmd, function=cmdout) if SystemIdentification.get_arch() not in cmdout.stdout_lines: log_message("The %s rpm is not installed for the" " %s architecture. This usually ends in a broken" " state in which all the Preupgrade Assistant modules" " are skipped (notchecked state). Please, install" " packages related for your architecture. See %s" " for more info." % (pkg, SystemIdentification.get_arch(), url)) return False return True
def common_results(self): """run common scripts""" log_message("Gathering logs used by the Preupgrade Assistant:") self.switch_dir() try: max_length = max( max([len(x.split("=", 4)[3]) for x in self.lines]), len(settings.assessment_text)) # Log files which will not be updated # when RPM database is not changed for counter, line in enumerate(self.lines): line = line.strip() if line.startswith("#"): continue cmd, log_file, dummy_bash_value, name, values = line.split( "=", 4) log_message( "%s : %.2d/%d ...running" % (name.ljust(max_length), counter + 1, len(self.lines)), new_line=False) start_time = datetime.datetime.now() common_file_path = self.common_logfiles(log_file) ProcessHelper.run_subprocess(cmd, output=common_file_path, shell=True) end_time = datetime.datetime.now() diff = end_time - start_time log_message(" %sfinished (time %.2d:%.2ds)" % ('\b' * 8, diff.seconds / 60, diff.seconds % 60)) # os.chmod(common_file_path, 0640) self.switch_back_dir() except IOError: return 0 else: return 1
def common_results(self): """run common scripts""" log_message("Gathering logs used by the Preupgrade Assistant:") self.switch_dir() try: max_length = max(max([len(x.split("=", 4)[3]) for x in self.lines]), len(settings.assessment_text)) # Log files which will not be updated # when RPM database is not changed for counter, line in enumerate(self.lines): line = line.strip() if line.startswith("#"): continue cmd, log_file, dummy_bash_value, name, values = line.split("=", 4) log_message("%s : %.2d/%d ...running" % (name.ljust(max_length), counter+1, len(self.lines)), new_line=False) start_time = datetime.datetime.now() common_file_path = self.common_logfiles(log_file) ProcessHelper.run_subprocess(cmd, output=common_file_path, shell=True) end_time = datetime.datetime.now() diff = end_time - start_time log_message(" %sfinished (time %.2d:%.2ds)" % ('\b' * 8, diff.seconds / 60, diff.seconds % 60)) # os.chmod(common_file_path, 0640) self.switch_back_dir() except IOError: return 0 else: return 1
def check_rpm_to(check_rpm="", check_bin=""): """ Function checks if relevant package is installed and if relevant binary exists on the system. Function is needed from module point of view. :param check_rpm: list of RPMs separated by comma :param check_bin: list of binaries separated by comma :return: """ not_applicable = 0 if check_rpm != "": rpms = check_rpm.split(',') lines = FileHelper.get_file_content(VALUE_RPM_QA, "rb", True) for rpm in rpms: lst = [x for x in lines if rpm == x.split('\t')[0]] if not lst: log_high_risk("Package %s is not installed." % rpm) not_applicable = 1 if check_bin != "": binaries = check_bin.split(',') lines = FileHelper.get_file_content(VALUE_EXECUTABLES, "rb", True) for binary in binaries: cmd = "which %s" % binary if ProcessHelper.run_subprocess(cmd, print_output=False, shell=True) != 0: log_high_risk("Binary %s is not installed." % binary) not_applicable = 1 if not_applicable: log_high_risk("Please, install all required packages (and binaries)" " and run preupg again to process check properly.") exit_fail() return not_applicable
def check_rpm_to(check_rpm="", check_bin=""): """ Function checks if relevant package is installed and if relevant binary exists on the system. Function is needed from module point of view. :param check_rpm: list of RPMs separated by comma :param check_bin: list of binaries separated by comma :return: """ not_applicable = 0 if check_rpm != "": rpms = check_rpm.split(',') lines = FileHelper.get_file_content(VALUE_RPM_QA, "rb", True) for rpm in rpms: lst = [x for x in lines if rpm == x.split('\t')[0]] if not lst: log_high_risk("Package %s is not installed." % rpm) not_applicable = 1 if check_bin != "": binaries = check_bin.split(',') for binary in binaries: cmd = "which %s" % binary if ProcessHelper.run_subprocess( cmd, print_output=False, shell=True) != 0: log_high_risk("Binary %s is not installed." % binary) not_applicable = 1 if not_applicable: log_high_risk("Please, install all required packages (and binaries)" " and run preupg again to process check properly.") exit_fail() return not_applicable
def kickstart_scripts(): ks_scripts_file = os.path.join(settings.data_dir, "preassessment", settings.KS_SCRIPTS) try: lines = FileHelper.get_file_content(ks_scripts_file, "rb", True) for line in lines: line = line.strip() if line.startswith("#"): continue if 'is not installed' in line: continue cmd, name = line.split("=", 2) kickstart_file = os.path.join(settings.KS_DIR, name) ProcessHelper.run_subprocess(cmd, output=kickstart_file, shell=True) except IOError: pass
def run_scan(self, function=None): """ The function is used for either scanning system or for applying changes on the target system """ cmd = self.openscap_helper.build_command() logger_debug.debug('running_command: %s', cmd) return ProcessHelper.run_subprocess(cmd, print_output=False, function=function)
def prepare_xml_for_html(self): """The function prepares a XML file for HTML creation""" # Reload XML file self.report_parser.reload_xml(self.openscap_helper.get_default_xml_result_path()) # Replace fail in case of slight and medium risks with needs_inspection self.report_parser.replace_inplace_risk(scanning_results=self.scanning_progress) if not self.conf.debug: self.report_parser.remove_debug_info() self.report_parser.reload_xml(self.openscap_helper.get_default_xml_result_path()) self.report_parser.update_check_description() self.prepare_for_generation() if not self.conf.verbose: self.xml_mgr.remove_html_information() # This function finalize XML operations self.finalize_xml_files() if self.conf.text: ProcessHelper.run_subprocess(self.get_cmd_convertor(), print_output=False, shell=True)
def prepare_xml_for_html(self): """The function prepares a XML file for HTML creation""" # Reload XML file self.report_parser.reload_xml( self.openscap_helper.get_default_xml_result_path()) # Replace fail in case of slight and medium risks with needs_inspection self.report_parser.replace_inplace_risk( scanning_results=self.scanning_progress) if not self.conf.debug: self.report_parser.remove_debug_info() self.report_parser.reload_xml( self.openscap_helper.get_default_xml_result_path()) self.report_parser.update_check_description() self.prepare_for_generation() if not self.conf.verbose: self.xml_mgr.remove_html_information() # This function finalize XML operations self.finalize_xml_files() if self.conf.text: ProcessHelper.run_subprocess(self.get_cmd_convertor(), print_output=False, shell=True)
def generate_html(): if not os.path.exists(diff_report_name_xml): sys.exit("Error: HTML generation failed: source {0} not found." .format(diff_report_name_xml)) cmd = OpenSCAPHelper.build_generate_command(diff_report_name_xml, diff_report_name_html, parsed_opts.simple_html) log = "html.log" # log for text printed during html generation ret_val = ProcessHelper.run_subprocess(cmd, print_output=True, output=log) if ret_val != 0: sys.exit("Error: HTML generation failed. See {0} for details." .format(log)) else: # no error when generating html - safe to remove the log os.remove(log)
def generate_html_or_text(self): self.generate_html() if self.conf.text: ProcessHelper.run_subprocess(self.get_cmd_convertor(), print_output=False, shell=True)