コード例 #1
ファイル: security.py プロジェクト: ocni-dtu/maas
def get_shared_secret_txn():
    """Return the RPC shared secret, reconciling database and filesystem.

    The secret is kept in two places: hex-encoded under the
    ``rpc_shared_secret`` config key, and on the filesystem. The copies
    are reconciled as follows:

    * neither exists: a new 16-byte secret is drawn from ``os.urandom``
      and written to both places;
    * only one exists: it is copied to the other place;
    * both exist and are equal: that value is returned;
    * both exist and differ: ``AssertionError`` is raised. Neither copy
      is trusted over the other, so nothing is overwritten.

    NOTE(review): the ``_txn`` suffix suggests the caller is expected to
    supply the database transaction; nothing in this function opens one.
    Confirm against the call sites.

    Returns:
        The shared secret in the binary form produced by ``to_bin`` /
        ``os.urandom``.

    Raises:
        AssertionError: the database and filesystem secrets disagree.
            This is raised explicitly rather than through an ``assert``
            statement, so it still fires when Python runs with ``-O``.
    """
    stored_hex = Config.objects.get_config("rpc_shared_secret")
    secret_in_db = None if stored_hex is None else to_bin(stored_hex)
    secret_on_fs = get_shared_secret_from_filesystem()

    db_missing = secret_in_db is None
    fs_missing = secret_on_fs is None

    if db_missing and fs_missing:
        # First use: mint a fresh 128-bit secret from the OS CSPRNG and
        # persist it to the database first, then to the filesystem.
        fresh_secret = os.urandom(16)
        Config.objects.set_config("rpc_shared_secret", to_hex(fresh_secret))
        set_shared_secret_on_filesystem(fresh_secret)
        return fresh_secret

    if db_missing:
        # Only the filesystem copy exists; mirror it into the database.
        Config.objects.set_config("rpc_shared_secret", to_hex(secret_on_fs))
        return secret_on_fs

    if fs_missing:
        # Only the database copy exists; mirror it onto the filesystem.
        set_shared_secret_on_filesystem(secret_in_db)
        return secret_in_db

    if secret_in_db == secret_on_fs:
        return secret_in_db

    # The two stores disagree. Fail loudly instead of picking a winner,
    # because a mismatch means one copy was changed out of band.
    raise AssertionError(
        "The secret stored in the database does not match the secret "
        "stored on the filesystem at %s. Please investigate." %
        get_shared_secret_filesystem_path())
コード例 #2
ファイル: register_command.py プロジェクト: ocni-dtu/maas
def run(args):
    """Register the rack controller with a region controller.

    Steps, in order:

    1. Refuse to continue if stdin is not a TTY and no URL was given,
       because stdin is then needed for the shared secret and cannot
       also answer the URL prompt.
    2. Stop the ``maas-rackd`` service.
    3. Clear the stored MAAS ID, which may be stale.
    4. Save the region controller URL (from ``args.url`` or a prompt).
    5. Install the shared secret (from ``args.secret`` or by delegating
       to ``InstallSharedSecretScript``).
    6. Enable and start ``maas-rackd``.

    Any exit after step 2 and before step 6 leaves the service stopped;
    this function does not restart it on failure.

    Raises:
        SystemExit: with status 1 on a missing URL in non-interactive
            mode, on EOF at the URL prompt, or when a ``systemctl``
            call fails.
        KeyboardInterrupt: re-raised if the URL prompt is interrupted.
    """

    def _abort_on_systemctl_failure(summary, error):
        # Report a failed systemctl invocation on stderr, then exit 1.
        print(summary, file=stderr)
        print("Failed with error: %s." % error.output_as_unicode, file=stderr)
        raise SystemExit(1)

    # With piped stdin the URL cannot be prompted for, so require it.
    stdin_is_piped = not stdin.isatty()
    if stdin_is_piped and args.url is None:
        print(
            "MAAS region controller URL must be given when supplying the "
            "shared secret via stdin with a non-interactive shell."
        )
        raise SystemExit(1)

    try:
        call_and_check(["systemctl", "stop", "maas-rackd"])
    except ExternalProcessError as e:
        _abort_on_systemctl_failure("Unable to stop maas-rackd service.", e)

    # A previously stored maas_id could be stale, so drop it.
    set_maas_id(None)

    prompted = args.url is None
    if prompted:
        try:
            url = input("MAAS region controller URL: ")
        except EOFError:
            print()  # Leave the shell prompt on a fresh line.
            raise SystemExit(1)
        except KeyboardInterrupt:
            print()  # Leave the shell prompt on a fresh line.
            raise
    else:
        url = args.url

    # NOTE(review): the URL is stored as given; no validation is visible
    # in this function. Confirm whether the configuration layer checks it.
    with ClusterConfiguration.open_for_update() as config:
        config.maas_url = url
    if prompted:
        print("MAAS region controller URL saved as %s." % url)

    if args.secret is None:
        InstallSharedSecretScript.run(args)
    else:
        # NOTE(review): args.secret presumably arrives on the command
        # line, where it can be visible to other local users through the
        # process list and may be kept in shell history. Supplying the
        # secret on stdin avoids that exposure. Confirm how args.secret
        # is populated.
        set_shared_secret_on_filesystem(to_bin(args.secret))

    try:
        for action in ("enable", "start"):
            call_and_check(["systemctl", action, "maas-rackd"])
    except ExternalProcessError as e:
        _abort_on_systemctl_failure(
            "Unable to enable and start the maas-rackd service.", e
        )
コード例 #3
 def read_secret(self):
     """Return the shared secret currently stored on the filesystem.

     Reads the text file at ``security.get_shared_secret_filesystem_path()``
     and converts its contents with ``security.to_bin``. The file is
     presumably hex-encoded, which is how the rest of the page uses
     ``to_bin``. Any error from reading the file or decoding it
     propagates to the caller.
     """
     return security.to_bin(
         read_text_file(security.get_shared_secret_filesystem_path())
     )