コード例 #1
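 def test_02_gen_local_certs_keys(self):
     """Run update_srna() and verify that every local target was created.

     Copies the preserved update tarball to prop.SRNA_UPDATE_TGZ, runs
     update_srna(), fails if any path in LOCAL_TGT_FILES is missing, and
     then copies prop.SRNA_DATA to PRESERVE_DIR/srna for later test cases.
     Any error is printed and re-raised so the runner records it.
     """
     pfx = '%s.%s: ' % (self.name, f_name())
     print 'Starting %s...' % f_name()
     # If temporary admin user home does not exist, create it:
     if not exists(prop.ADMIN_HOME):
         # NOTE(review): 0777 asks for a world-writable directory (the
         # process umask may narrow it). If key or certificate material
         # ends up under this path, any local account could replace it;
         # 0700 looks sufficient for a test fixture -- confirm that no
         # other user needs access before tightening.
         os.makedirs(prop.ADMIN_HOME, 0777)
     # Put TGZ file in proper place:
     shutil.copy2(join(PRESERVE_DIR, SRNA_UPDATE_TGZ), prop.SRNA_UPDATE_TGZ)
     try:
         from tools.srna.update_srna_local import update_srna
         update_srna()
         # Check created items:
         msg = '%s: Failed to create %s'
         for tgt in LOCAL_TGT_FILES:
             if not os.path.exists(tgt):
                 self.fail(msg % (f_name(), tgt))
         # Save created items for use in mpx.lib._test_case_rna and
         # mpx.service.network._test_case_rna:
         shutil.copytree(prop.SRNA_DATA, join(PRESERVE_DIR, 'srna'))
         print '%s: OK' % pfx
     except Exception, e:
         # Report, then re-raise. Assuming the usual unittest behaviour,
         # self.fail() raises an AssertionError, which this handler also
         # catches; printing without re-raising would let the test pass
         # even though a certificate or key file was never created.
         print str(e)
         raise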
コード例 #2
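 def test_02_gen_local_certs_keys(self):
     """Generate the local SRNA certs/keys and check the expected outputs.

     Steps: make sure prop.ADMIN_HOME exists, copy the preserved update
     tarball to prop.SRNA_UPDATE_TGZ, call update_srna(), fail the test for
     the first path in LOCAL_TGT_FILES that does not exist, then preserve
     prop.SRNA_DATA under PRESERVE_DIR/srna for the RNA test cases.
     Errors are printed and then propagated to the test runner.
     """
     pfx = '%s.%s: ' % (self.name, f_name())
     print 'Starting %s...' % f_name()
     # If temporary admin user home does not exist, create it:
     if not exists(prop.ADMIN_HOME):
         # NOTE(review): mode 0777 requests a world-writable directory
         # (subject to the umask). Should certificate or key material be
         # written below it, other local users could tamper with it; a
         # private mode such as 0700 is probably enough -- verify first.
         os.makedirs(prop.ADMIN_HOME, 0777)
     # Put TGZ file in proper place:
     shutil.copy2(join(PRESERVE_DIR, SRNA_UPDATE_TGZ),
                  prop.SRNA_UPDATE_TGZ)
     try:
         from tools.srna.update_srna_local import update_srna
         update_srna()
         # Check created items:
         msg = '%s: Failed to create %s'
         for tgt in LOCAL_TGT_FILES:
             if not os.path.exists(tgt):
                 self.fail(msg % (f_name(), tgt))
         # Save created items for use in mpx.lib._test_case_rna and
         # mpx.service.network._test_case_rna:
         shutil.copytree(prop.SRNA_DATA, join(PRESERVE_DIR, 'srna'))
         print '%s: OK' % pfx
     except Exception, e:
         # Print the error but do not swallow it: the exception raised by
         # self.fail() (an AssertionError under standard unittest) is
         # caught here as well, so without the re-raise a missing key or
         # certificate file would still be reported as a passing test.
         print str(e)
         raise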
コード例 #3
ファイル: rc.mfw.py プロジェクト: mcruse/monotone
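def MAIN(argv):
    """Parse the command line, prepare the host, and start the framework.

    Recognised options (argv[0] is skipped):
      -i         start the framework in interactive debug mode
      -p         import psyco and call psyco.full()
      -x FILE    use FILE instead of properties.CONFIGURATION_FILE
    Any other argument prints the help text and raises SystemExit.

    Before calling run() this applies an optional HTTP proxy setting from
    properties.MPXINIT_CONF_FILE, deletes the web certificate when one of
    the Mpxconfig marker files is present, and calls update_srna().
    Exceptions raised by run() are logged and re-raised.
    """
    interactive_debug = 0
    config_file = None

    # Parse the command line to modify the default behavior.
    # THIS IS DONE BEFORE MOST IMPORTS TO HELP PSYCO (I think).
    # @fixme cleanup, maybe move to part of mpx.system.run(argv)
    # NOTE: a trailing '-x' with no file name is not reported; the loop just
    # ends in the 'config' state and the default configuration file is used.
    state = 'seek'
    for i in range(1,len(argv)):
        arg = argv[i]
        if state == 'seek':
            if arg == '-i':
                interactive_debug = 1
            elif arg == '-p':
                import psyco
                psyco.full()
            elif arg == '-x':
                state = 'config'
            else:
                print_help()
                raise SystemExit
        elif state == 'config':
            config_file = arg
            state = 'seek'
        else:
            print_help()
            raise SystemExit

    import os
    from mpx import properties
    from mpx.system import run
    from mpx.lib import msglog

    # Optional proxy setting. This stays best-effort (startup continues on
    # any error), but the failure is now logged instead of being discarded,
    # and SystemExit/KeyboardInterrupt are no longer caught here.
    try:
        init_config = load_config(properties.MPXINIT_CONF_FILE)
        host_options = dict(init_config.items('host'))
        if 'proxyserver' in host_options:
            proxy = str(host_options['proxyserver']).strip()
            if len(proxy) and proxy != '0.0.0.0':
                # NOTE(review): any value that does not already start with
                # 'http://' gets that prefix, including one that carries
                # another scheme -- confirm the accepted formats.
                if not proxy.startswith('http://'):
                    proxy = 'http://' + proxy
                import urllib2
                os.environ['http_proxy'] = proxy
                # NOTE(review): the handler instance is discarded, so this
                # call has no visible effect here; the environment variable
                # is what carries the setting.
                urllib2.ProxyHandler()
    except Exception, e:
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Ignoring proxy configuration: %s' % (e,))

    # Technically, these should be properties, but it's not imperative.
    # Why? For one, these files are very specialized and not referenced outside
    # of here and Mpxconfig. Secondly, this script only checks for the existence
    # of the files, and does nothing if they don't exist, so there should be
    # no impact if run outside of a genuine mediator environment.  It's another
    # matter, however, if the framework is ported to another operating system.
    HOST_NAME_CHANGED_FILE = '/etc/mpx_hostnamechanged.tmp'
    TIME_CHANGED_FILE = '/etc/mpx_timechanged.tmp'
    CERTIFICATE_FILE = '/usr/lib/broadway/http/certificate.pem'

    # Delete the web certificate if the host name has changed, as indicated by
    # tmp file left behind by Mpxconfig.
    if os.path.exists(HOST_NAME_CHANGED_FILE):
        os.remove(HOST_NAME_CHANGED_FILE)
        if os.path.exists(CERTIFICATE_FILE):
            os.remove(CERTIFICATE_FILE)

    # Delete the web certificate if the time has changed, as indicated by
    # tmp file left behind by Mpxconfig.
    if os.path.exists(TIME_CHANGED_FILE):
        os.remove(TIME_CHANGED_FILE)
        if os.path.exists(CERTIFICATE_FILE):
            os.remove(CERTIFICATE_FILE)

    if config_file is None:
        config_file = properties.CONFIGURATION_FILE

    # Perform any indicated SRNA CA/certs/keys updates:
    from tools.srna.update_srna_local import update_srna
    update_srna()

    #check if root user exists, and if so, delete that user
    flag=0
    x=open("/etc/passwd")
    try:
        for line in x.readlines():
            if line[:5]=="root:":
                flag=1
    finally:
        # Close the handle even if reading fails part-way.
        x.close()

    # Removing root entry from /etc/passwd and /etc/shadow breaks system utilities
    # like cron that expect the entry to exist.
    # So this code is disabled by forcing flag to be zero for now.
    # Making the Framework run as a non root user might help clean this up too.
    # @fixme mpxadmin user is effectively root user anyway so there is not much point in removing root
    flag = 0

    if(flag==1):
        # Disabled path (flag is forced to 0 above).
        # NOTE(review): before re-enabling, note that mkstemp() creates its
        # file with mode 0600 and os.rename() keeps the temporary file's mode
        # and owner, so the replaced /etc/passwd would no longer be
        # world-readable; copy the original mode and ownership onto each
        # temporary file before the rename.
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Root account detected. Deleting root account')
        from tempfile import mkstemp
        fd,temp_path_pass=mkstemp(dir='/etc/')
        o=open('/etc/passwd','r')
        for line in o.readlines():
            if line[:5] != 'root:':
                os.write(fd,line)
        o.close()
        os.close(fd)

        fd,temp_path_sh=mkstemp(dir='/etc/')
        o=open('/etc/shadow','r')
        for line in o.readlines():
            if line[:5] != 'root:':
                os.write(fd,line)
        o.close()
        os.close(fd)

        #the following two commands should ideally be one atomic operation
        #os.rename is guaranteed atomic on linux. If context switch happens
        #after one rename, all is not lost. shadow file must contain a line
        #for every user in passwd, but extra lines will not affect operation
        os.rename(temp_path_pass,'/etc/passwd')
        os.rename(temp_path_sh,'/etc/shadow')


    # 'Bootstrap' the Mediator framework.
    # @fixme move a bunch of this into the Framework.
    msglog.log('rc.mfw', msglog.types.INFO,
               'Loading Broadway, the Mediator Framework from %s.' %
               config_file)
    if interactive_debug:
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Framework is starting in interactive debug mode.')
        run(config_file, interactive_debug)
    else:
        try:
            run(config_file, interactive_debug)
        except SystemExit, e:
            if e.args:
                args = (e.code,) + e.args
            else:
                args = "(%s)" % e.code
            # Format through a 1-tuple: when args is itself a tuple of two or
            # more items, '%s' % args raises TypeError and would replace the
            # SystemExit being reported.
            # NOTE(review): log_message is not defined in the visible code
            # (msglog.log is used everywhere else) -- confirm it exists.
            log_message('rc.mfw', msglog.types.WARN,
                        'Framework is exiting due to a SystemExit%s.' %
                        (args,))
            # Bare raise keeps the original traceback.
            raise
        except Exception, e:
            msglog.exception()
            raise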
コード例 #4
ファイル: rc.mfw.py プロジェクト: ed-aicradle/monotone
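def MAIN(argv):
    """Boot-time entry point: read options, prepare the host, call run().

    Options, read from argv[1:]:
      -i         interactive debug mode
      -p         enable psyco (imports psyco and calls psyco.full())
      -x FILE    configuration file; properties.CONFIGURATION_FILE otherwise
    An unrecognised argument prints the help text and raises SystemExit.

    Host preparation, in order: optional HTTP proxy from
    properties.MPXINIT_CONF_FILE, removal of the web certificate when a
    host-name-changed or time-changed marker file exists, and update_srna().
    Exceptions raised by run() are logged and then re-raised.
    """
    interactive_debug = 0
    config_file = None

    # Parse the command line to modify the default behavior.
    # THIS IS DONE BEFORE MOST IMPORTS TO HELP PSYCO (I think).
    # @fixme cleanup, maybe move to part of mpx.system.run(argv)
    # NOTE: '-x' given as the last argument is silently ignored; the loop
    # finishes in the 'config' state and the default file is used.
    state = 'seek'
    for i in range(1, len(argv)):
        arg = argv[i]
        if state == 'seek':
            if arg == '-i':
                interactive_debug = 1
            elif arg == '-p':
                import psyco
                psyco.full()
            elif arg == '-x':
                state = 'config'
            else:
                print_help()
                raise SystemExit
        elif state == 'config':
            config_file = arg
            state = 'seek'
        else:
            print_help()
            raise SystemExit

    import os
    from mpx import properties
    from mpx.system import run
    from mpx.lib import msglog

    # Optional proxy setting. Still best-effort (startup goes on whatever
    # happens here), but a failure is logged rather than dropped, and
    # SystemExit/KeyboardInterrupt are no longer swallowed.
    try:
        init_config = load_config(properties.MPXINIT_CONF_FILE)
        host_options = dict(init_config.items('host'))
        if 'proxyserver' in host_options:
            proxy = str(host_options['proxyserver']).strip()
            if len(proxy) and proxy != '0.0.0.0':
                # NOTE(review): 'http://' is prepended to every value that
                # does not start with it, even one with a different scheme
                # -- confirm which formats the configuration may contain.
                if not proxy.startswith('http://'):
                    proxy = 'http://' + proxy
                import urllib2
                os.environ['http_proxy'] = proxy
                # NOTE(review): this handler object is thrown away, so the
                # call does nothing observable here; the setting travels
                # through the environment variable.
                urllib2.ProxyHandler()
    except Exception, e:
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Ignoring proxy configuration: %s' % (e, ))

    # Technically, these should be properties, but it's not imperative.
    # Why? For one, these files are very specialized and not referenced outside
    # of here and Mpxconfig. Secondly, this script only checks for the existence
    # of the files, and does nothing if they don't exist, so there should be
    # no impact if run outside of a genuine mediator environment.  It's another
    # matter, however, if the framework is ported to another operating system.
    HOST_NAME_CHANGED_FILE = '/etc/mpx_hostnamechanged.tmp'
    TIME_CHANGED_FILE = '/etc/mpx_timechanged.tmp'
    CERTIFICATE_FILE = '/usr/lib/broadway/http/certificate.pem'

    # Delete the web certificate if the host name has changed, as indicated by
    # tmp file left behind by Mpxconfig.
    if os.path.exists(HOST_NAME_CHANGED_FILE):
        os.remove(HOST_NAME_CHANGED_FILE)
        if os.path.exists(CERTIFICATE_FILE):
            os.remove(CERTIFICATE_FILE)

    # Delete the web certificate if the time has changed, as indicated by
    # tmp file left behind by Mpxconfig.
    if os.path.exists(TIME_CHANGED_FILE):
        os.remove(TIME_CHANGED_FILE)
        if os.path.exists(CERTIFICATE_FILE):
            os.remove(CERTIFICATE_FILE)

    if config_file is None:
        config_file = properties.CONFIGURATION_FILE

    # Perform any indicated SRNA CA/certs/keys updates:
    from tools.srna.update_srna_local import update_srna
    update_srna()

    #check if root user exists, and if so, delete that user
    flag = 0
    x = open("/etc/passwd")
    try:
        for line in x.readlines():
            if line[:5] == "root:":
                flag = 1
    finally:
        # Release the handle even when the read raises.
        x.close()

    # Removing root entry from /etc/passwd and /etc/shadow breaks system utilities
    # like cron that expect the entry to exist.
    # So this code is disabled by forcing flag to be zero for now.
    # Making the Framework run as a non root user might help clean this up too.
    # @fixme mpxadmin user is effectively root user anyway so there is not much point in removing root
    flag = 0

    if (flag == 1):
        # Disabled path (flag is forced to 0 above).
        # NOTE(review): if this is ever re-enabled, remember that mkstemp()
        # creates the file with mode 0600 and os.rename() carries that mode
        # and owner over, which would leave /etc/passwd unreadable to
        # non-root processes; restore the original mode and ownership on the
        # temporary files before renaming them.
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Root account detected. Deleting root account')
        from tempfile import mkstemp
        fd, temp_path_pass = mkstemp(dir='/etc/')
        o = open('/etc/passwd', 'r')
        for line in o.readlines():
            if line[:5] != 'root:':
                os.write(fd, line)
        o.close()
        os.close(fd)

        fd, temp_path_sh = mkstemp(dir='/etc/')
        o = open('/etc/shadow', 'r')
        for line in o.readlines():
            if line[:5] != 'root:':
                os.write(fd, line)
        o.close()
        os.close(fd)

        #the following two commands should ideally be one atomic operation
        #os.rename is guaranteed atomic on linux. If context switch happens
        #after one rename, all is not lost. shadow file must contain a line
        #for every user in passwd, but extra lines will not affect operation
        os.rename(temp_path_pass, '/etc/passwd')
        os.rename(temp_path_sh, '/etc/shadow')

    # 'Bootstrap' the Mediator framework.
    # @fixme move a bunch of this into the Framework.
    msglog.log(
        'rc.mfw', msglog.types.INFO,
        'Loading Broadway, the Mediator Framework from %s.' % config_file)
    if interactive_debug:
        msglog.log('rc.mfw', msglog.types.WARN,
                   'Framework is starting in interactive debug mode.')
        run(config_file, interactive_debug)
    else:
        try:
            run(config_file, interactive_debug)
        except SystemExit, e:
            if e.args:
                args = (e.code, ) + e.args
            else:
                args = "(%s)" % e.code
            # Format via a 1-tuple: with args being a tuple of two or more
            # items, '%s' % args raises TypeError, which would mask the
            # SystemExit this handler is trying to report.
            # NOTE(review): log_message does not appear in the visible code
            # (msglog.log is used elsewhere) -- confirm it is defined.
            log_message(
                'rc.mfw', msglog.types.WARN,
                'Framework is exiting due to a SystemExit%s.' % (args, ))
            # Bare raise preserves the original traceback.
            raise
        except Exception, e:
            msglog.exception()
            raise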