def allow_dhcp_broadcast(self):
#Open DHCP port if iptables is enabled.
# We supress error logging on error.
shellutil.run("iptables -D INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
shellutil.run("iptables -I INPUT -p udp --dport 68 -j ACCEPT",
chk_err=False)
def refresh_repos(self):
logger.info("RDMA: refreshing yum repos")
if shellutil.run('yum clean all') != 0:
raise Exception('Cleaning yum repositories failed')
if shellutil.run('yum updateinfo') != 0:
raise Exception('Failed to act on yum repo update information')
logger.info("RDMA: repositories refreshed")
def del_account(self, username):
if self.is_sys_user(username):
logger.error("{0} is a system user. Will not delete it.",
username)
shellutil.run("> /var/run/utmp")
shellutil.run("userdel -r " + username)
self.conf_sudoer(username, remove=True)
def mkfile(self, filename, nbytes):
"""
Create a non-sparse file of that size. Deletes and replaces existing file.
To allow efficient execution, fallocate will be tried first. This includes
``os.posix_fallocate`` on Python 3.3+ (unix) and the ``fallocate`` command
in the popular ``util-linux{,-ng}`` package.
A dd fallback will be tried too. When size < 64M, perform single-pass dd.
Otherwise do two-pass dd.
"""
if not isinstance(nbytes, int):
nbytes = int(nbytes)
if nbytes < 0:
raise ValueError(nbytes)
if os.path.isfile(filename):
os.remove(filename)
# os.posix_fallocate
if sys.version_info >= (3, 3):
# Probable errors:
# - OSError: Seen on Cygwin, libc notimpl?
# - AttributeError: What if someone runs this under...
with open(filename, 'w') as f:
try:
os.posix_fallocate(f.fileno(), 0, nbytes)
return 0
except:
# Not confident with this thing, just keep trying...
pass
# fallocate command
fn_sh = shellutil.quote((filename,))
ret = shellutil.run(u"umask 0077 && fallocate -l {0} {1}".format(nbytes, fn_sh))
if ret == 0:
return ret
logger.info("fallocate unsuccessful, falling back to dd")
# dd fallback
dd_maxbs = 64 * 1024 ** 2
dd_cmd = "umask 0077 && dd if=/dev/zero bs={0} count={1} conv=notrunc of={2}"
blocks = int(nbytes / dd_maxbs)
if blocks > 0:
ret = shellutil.run(dd_cmd.format(dd_maxbs, blocks, fn_sh)) << 8
remains = int(nbytes % dd_maxbs)
if remains > 0:
ret += shellutil.run(dd_cmd.format(remains, 1, fn_sh))
if ret == 0:
logger.info("dd successful")
else:
logger.error("dd unsuccessful")
return ret
def reg_ssh_host_key(self):
keypair_type = conf.get_ssh_host_keypair_type()
if conf.get_regenerate_ssh_host_key():
fileutil.rm_files(conf.get_ssh_key_glob())
keygen_cmd = "ssh-keygen -N '' -t {0} -f {1}"
shellutil.run(keygen_cmd.format(keypair_type,
conf.get_ssh_key_private_path()))
return self.get_ssh_host_key_thumbprint()
def reg_ssh_host_key(self):
keypair_type = conf.get_ssh_host_keypair_type()
if conf.get_regenerate_ssh_host_key():
shellutil.run("rm -f /etc/ssh/ssh_host_*key*")
keygen_cmd = "ssh-keygen -N '' -t {0} -f /etc/ssh/ssh_host_{1}_key"
shellutil.run(keygen_cmd.format(keypair_type, keypair_type))
thumbprint = self.get_ssh_host_key_thumbprint(keypair_type)
return thumbprint
def gen_transport_cert(self, prv_file, crt_file):
"""
Create ssl certificate for https communication with endpoint server.
"""
cmd = (
"{0} req -x509 -nodes -subj /CN=LinuxTransport -days 32768 " "-newkey rsa:2048 -keyout {1} " "-out {2}"
).format(self.openssl_cmd, prv_file, crt_file)
shellutil.run(cmd)
def set_hostname(self, hostname):
"""
Set /etc/sysconfig/network
"""
fileutil.update_conf_file('/etc/sysconfig/network',
'HOSTNAME',
'HOSTNAME={0}'.format(hostname))
shellutil.run("hostname {0}".format(hostname), chk_err=False)
def enable_firewall(self, dst_ip=None, uid=None):
# If a previous attempt failed, do not retry
global _enable_firewall
if not _enable_firewall:
return False
try:
if dst_ip is None or uid is None:
msg = "Missing arguments to enable_firewall"
logger.warn(msg)
raise Exception(msg)
wait = self.get_firewall_will_wait()
# If the DROP rule exists, make no changes
drop_rule = FIREWALL_DROP.format(wait, "C", dst_ip)
rc = shellutil.run(drop_rule, chk_err=False)
if rc == 0:
logger.verbose("Firewall appears established")
return True
elif rc == 2:
self.remove_firewall(dst_ip, uid)
msg = "please upgrade iptables to a version that supports the -C option"
logger.warn(msg)
raise Exception(msg)
# Otherwise, append both rules
accept_rule = FIREWALL_ACCEPT.format(wait, "A", dst_ip, uid)
drop_rule = FIREWALL_DROP.format(wait, "A", dst_ip)
if shellutil.run(accept_rule) != 0:
msg = "Unable to add ACCEPT firewall rule '{0}'".format(
accept_rule)
logger.warn(msg)
raise Exception(msg)
if shellutil.run(drop_rule) != 0:
msg = "Unable to add DROP firewall rule '{0}'".format(
drop_rule)
logger.warn(msg)
raise Exception(msg)
logger.info("Successfully added Azure fabric firewall rules")
rc, output = shellutil.run_get_output(FIREWALL_LIST.format(wait))
if rc == 0:
logger.info("Firewall rules:\n{0}".format(output))
else:
logger.warn("Listing firewall rules failed: {0}".format(output))
return True
except Exception as e:
_enable_firewall = False
logger.info("Unable to establish firewall -- "
"no further attempts will be made: "
"{0}".format(ustr(e)))
return False
def chpasswd(self, username, password, crypt_id=6, salt_len=10):
cmd = "/usr/Firewall/sbin/fwpasswd -p {0}".format(password)
ret, output = shellutil.run_get_output(cmd, log_cmd=False)
if ret != 0:
raise OSUtilError(("Failed to set password for admin: {0}"
"").format(output))
# password set, activate webadmin and ssh access
shellutil.run('setconf /usr/Firewall/ConfigFiles/webadmin ACL any && ensl',
chk_err=False)
def download(self):
self.logger.info("Download extension package")
self.set_operation(WALAEventOperation.Download)
if self.pkg is None:
raise ExtensionError("No package uri found")
package = None
for uri in self.pkg.uris:
try:
package = self.protocol.download_ext_handler_pkg(uri.uri)
except ProtocolError as e:
logger.warn("Failed download extension: {0}", e)
if package is None:
raise ExtensionError("Failed to download extension")
self.logger.info("Unpack extension package")
pkg_file = os.path.join(conf.get_lib_dir(),
os.path.basename(uri.uri) + ".zip")
try:
fileutil.write_file(pkg_file, bytearray(package), asbin=True)
zipfile.ZipFile(pkg_file).extractall(self.get_base_dir())
except IOError as e:
raise ExtensionError(u"Failed to write and unzip plugin", e)
chmod = "find {0} -type f | xargs chmod u+x".format(self.get_base_dir())
shellutil.run(chmod)
self.report_event(message="Download succeeded")
self.logger.info("Initialize extension directory")
#Save HandlerManifest.json
man_file = fileutil.search_file(self.get_base_dir(),
'HandlerManifest.json')
if man_file is None:
raise ExtensionError("HandlerManifest.json not found")
try:
man = fileutil.read_file(man_file, remove_bom=True)
fileutil.write_file(self.get_manifest_file(), man)
except IOError as e:
raise ExtensionError(u"Failed to save HandlerManifest.json", e)
#Create status and config dir
try:
status_dir = self.get_status_dir()
fileutil.mkdir(status_dir, mode=0o700)
conf_dir = self.get_conf_dir()
fileutil.mkdir(conf_dir, mode=0o700)
except IOError as e:
raise ExtensionError(u"Failed to create status or config dir", e)
#Save HandlerEnvironment.json
self.create_handler_env()
def _set_drop_admin_access_to_ip(self, dest_ip):
"""Sets the "drop" IP Tables rules
I broke this out to a separate function so that I could more easily
test it in the tests/common/osutil/test_default.py code
:param dest_ip:
:return:
"""
# This blocks all other users to access dest_ip
rm_old = "iptables -D OUTPUT -d {0} -j DROP"
rule = "iptables -A OUTPUT -d {0} -j DROP"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
def uninstall_kvp_driver_package_if_exists(self):
kvp_pkgs = [self.hyper_v_package_name,
self.hyper_v_package_name_new]
for kvp_pkg in kvp_pkgs:
if shellutil.run("rpm -q %s" % kvp_pkg, chk_err=False) != 0:
logger.info(
"RDMA: kvp package %s does not exist, skipping" % kvp_pkg)
else:
logger.info('RDMA: erasing kvp package "%s"' % kvp_pkg)
if shellutil.run("yum erase -q -y %s" % kvp_pkg, chk_err=False) == 0:
logger.info("RDMA: successfully erased package")
else:
logger.error("RDMA: failed to erase package")
def del_account(self, username):
"""Deletes a user account.
Note that the default method also checks for a "system level" of the
user; based on the value of UID_MIN in /etc/login.defs. In our env,
all user accounts have the UID 0. So we can't rely on this value.
We also don't use sudo, so we remove that method call as well.
:param username:
:return:
"""
shellutil.run("> /var/run/utmp")
shellutil.run("/usr/bin/tmsh delete auth user " + username)
def decrypt_p7m(self, p7m_file, trans_prv_file, trans_cert_file, pem_file):
if not os.path.exists(p7m_file):
raise IOError(errno.ENOENT, "File not found", p7m_file)
elif not os.path.exists(trans_prv_file):
raise IOError(errno.ENOENT, "File not found", trans_prv_file)
else:
cmd = ("{0} cms -decrypt -in {1} -inkey {2} -recip {3} "
"| {4} pkcs12 -nodes -password pass: -out {5}"
"").format(self.openssl_cmd, p7m_file, trans_prv_file,
trans_cert_file, self.openssl_cmd, pem_file)
shellutil.run(cmd)
rc = shellutil.run(cmd)
if rc != 0:
logger.error("Failed to decrypt {0}".format(p7m_file))
def reg_ssh_host_key(self):
keypair_type = conf.get_ssh_host_keypair_type()
if conf.get_regenerate_ssh_host_key():
fileutil.rm_files(conf.get_ssh_key_glob())
if conf.get_ssh_host_keypair_mode() == "auto":
'''
The -A option generates all supported key types.
This is supported since OpenSSH 5.9 (2011).
'''
shellutil.run("ssh-keygen -A")
else:
keygen_cmd = "ssh-keygen -N '' -t {0} -f {1}"
shellutil.run(keygen_cmd.
format(keypair_type,
conf.get_ssh_key_private_path()))
return self.get_ssh_host_key_thumbprint()
def _wait_until_mcpd_is_initialized(self):
"""Wait for mcpd to become available
All configuration happens in mcpd so we need to wait that this is
available before we go provisioning the system. I call this method
at the first opportunity I have (during the DVD mounting call).
This ensures that the rest of the provisioning does not need to wait
for mcpd to be available unless it absolutely wants to.
:return bool: Returns True upon success
:raises OSUtilError: Raises exception if mcpd does not come up within
roughly 50 minutes (100 * 30 seconds)
"""
for retries in range(1, 100):
# Retry until mcpd completes startup:
logger.info("Checking to see if mcpd is up")
rc = shellutil.run("/usr/bin/tmsh -a show sys mcp-state field-fmt 2>/dev/null | grep phase | grep running", chk_err=False)
if rc == 0:
logger.info("mcpd is up!")
break
time.sleep(30)
if rc is 0:
return True
raise OSUtilError(
"mcpd hasn't completed initialization! Cannot proceed!"
)
def route_add(self, net, mask, gateway):
"""
Add specified route using /sbin/route add -net.
"""
cmd = ("/sbin/route add -net "
"{0} netmask {1} gw {2}").format(net, mask, gateway)
return shellutil.run(cmd, chk_err=False)
def reboot_system(self):
"""Reboot the system. This is required as the kernel module for
the rdma driver cannot be unloaded with rmmod"""
logger.info('RDMA: Rebooting system.')
ret = shellutil.run('shutdown -r now')
if ret != 0:
logger.error('RDMA: Failed to reboot the system')
def update_network_interface(mac_addr, ipv4_addr):
netmask=16
logger.info("RDMA: will update the network interface with IPv4/MAC")
if_name=RDMADeviceHandler.get_interface_by_mac(mac_addr)
logger.info("RDMA: network interface found: {0}", if_name)
logger.info("RDMA: bringing network interface up")
if shellutil.run("ifconfig {0} up".format(if_name)) != 0:
raise Exception("Could not bring up RMDA interface: {0}".format(if_name))
logger.info("RDMA: configuring IPv4 addr and netmask on interface")
addr = '{0}/{1}'.format(ipv4_addr, netmask)
if shellutil.run("ifconfig {0} {1}".format(if_name, addr)) != 0:
raise Exception("Could set addr to {1} on {0}".format(if_name, addr))
logger.info("RDMA: network address and netmask configured on interface")
def save_customdata(self, ovfenv):
customdata = ovfenv.customdata
if customdata is None:
return
logger.info("Save custom data")
lib_dir = conf.get_lib_dir()
if conf.get_decode_customdata():
customdata = self.osutil.decode_customdata(customdata)
customdata_file = os.path.join(lib_dir, CUSTOM_DATA_FILE)
fileutil.write_file(customdata_file, customdata)
if conf.get_execute_customdata():
logger.info("Execute custom data")
os.chmod(customdata_file, 0o700)
shellutil.run(customdata_file)
def set_selinux_enforce(self, state):
"""
Calls shell command 'setenforce' with 'state'
and returns resulting exit code.
"""
if self.is_selinux_system():
if state: s = '1'
else: s='0'
return shellutil.run("setenforce "+s)
def is_atapiix_mod_loaded(self, max_retry=1):
for retry in range(0, max_retry):
ret = shellutil.run("lsmod | grep ata_piix", chk_err=False)
if ret == 0:
logger.info("Module driver for ATAPI CD-ROM is already present.")
return True
if retry < max_retry - 1:
time.sleep(1)
return False
def set_selinux_context(self, path, con):
"""
Calls shell 'chcon' with 'path' and 'con' context.
Returns exit result.
"""
if self.is_selinux_system():
if not os.path.exists(path):
logger.error("Path does not exist: {0}".format(path))
return 1
return shellutil.run('chcon ' + con + ' ' + path)
def is_selinux_system(self):
"""
Checks and sets self.selinux = True if SELinux is available on system.
"""
if self.selinux == None:
if shellutil.run("which getenforce", chk_err=False) == 0:
self.selinux = True
else:
self.selinux = False
return self.selinux
def set_admin_access_to_ip(self, dest_ip):
#This allows root to access dest_ip
rm_old= "iptables -D OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
rule = "iptables -A OUTPUT -d {0} -j ACCEPT -m owner --uid-owner 0"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
#This blocks all other users to access dest_ip
rm_old = "iptables -D OUTPUT -d {0} -j DROP"
rule = "iptables -A OUTPUT -d {0} -j DROP"
shellutil.run(rm_old.format(dest_ip), chk_err=False)
shellutil.run(rule.format(dest_ip))
def set_hostname(self, hostname):
"""
Unlike redhat 6.x, redhat 7.x will set hostname via hostnamectl
Due to a bug in systemd in Centos-7.0, if this call fails, fallback
to hostname.
"""
hostnamectl_cmd = "hostnamectl set-hostname {0} --static".format(hostname)
if shellutil.run(hostnamectl_cmd, chk_err=False) != 0:
logger.warn("[{0}] failed, attempting fallback".format(hostnamectl_cmd))
DefaultOSUtil.set_hostname(self, hostname)
def gen_transport_cert(self, prv_file, crt_file):
"""
Create ssl certificate for https communication with endpoint server.
"""
cmd = ("{0} req -x509 -nodes -subj /CN=LinuxTransport -days 730 "
"-newkey rsa:2048 -keyout {1} "
"-out {2}").format(self.openssl_cmd, prv_file, crt_file)
rc = shellutil.run(cmd)
if rc != 0:
logger.error("Failed to create {0} and {1} certificates".format(
prv_file, crt_file))
def _delete_rule(self, rule):
"""
Continually execute the delete operation until the return
code is non-zero or the limit has been reached.
"""
for i in range(1, 100):
rc = shellutil.run(rule, chk_err=False)
if rc == 1:
return
elif rc == 2:
raise Exception("invalid firewall deletion rule '{0}'".format(rule))
def route_add(self, net, mask, gateway):
"""Add specified route using tmsh.
:param net:
:param mask:
:param gateway:
:return:
"""
cmd = ("/usr/bin/tmsh create net route "
"{0}/{1} gw {2}").format(net, mask, gateway)
return shellutil.run(cmd, chk_err=False)
def mkfile(self, filename, nbytes):
"""
Create a non-sparse file of that size. Deletes and replaces existing
file.
To allow efficient execution, fallocate will be tried first. This
includes
``os.posix_fallocate`` on Python 3.3+ (unix) and the ``fallocate``
command
in the popular ``util-linux{,-ng}`` package.
A dd fallback will be tried too. When size < 64M, perform
single-pass dd.
Otherwise do two-pass dd.
"""
if not isinstance(nbytes, int):
nbytes = int(nbytes)
if nbytes <= 0:
raise ResourceDiskError("Invalid swap size [{0}]".format(nbytes))
if os.path.isfile(filename):
os.remove(filename)
# If file system is xfs, use dd right away as we have been reported that
# swap enabling fails in xfs fs when disk space is allocated with fallocate
ret = 0
fn_sh = shellutil.quote((filename, ))
if self.fs != 'xfs':
# os.posix_fallocate
if sys.version_info >= (3, 3):
# Probable errors:
# - OSError: Seen on Cygwin, libc notimpl?
# - AttributeError: What if someone runs this under...
with open(filename, 'w') as f:
try:
os.posix_fallocate(f.fileno(), 0, nbytes)
return 0
except:
# Not confident with this thing, just keep trying...
pass
# fallocate command
ret = shellutil.run(u"umask 0077 && fallocate -l {0} {1}".format(
nbytes, fn_sh))
if ret == 0:
return ret
logger.info("fallocate unsuccessful, falling back to dd")
# dd fallback
dd_maxbs = 64 * 1024**2
dd_cmd = "umask 0077 && dd if=/dev/zero bs={0} count={1} " \
"conv=notrunc of={2}"
blocks = int(nbytes / dd_maxbs)
if blocks > 0:
ret = shellutil.run(dd_cmd.format(dd_maxbs, blocks, fn_sh)) << 8
remains = int(nbytes % dd_maxbs)
if remains > 0:
ret += shellutil.run(dd_cmd.format(remains, 1, fn_sh))
if ret == 0:
logger.info("dd successful")
else:
logger.error("dd unsuccessful")
return ret
def unregister_agent_service(self):
return shellutil.run("chkconfig --del waagent", chk_err=False)
def remove_route_for_dhcp_broadcast(self, ifname):
shellutil.run("route del 255.255.255.255 dev {0}".format(ifname),
chk_err=False)
def mount_resource_disk(self, mount_point):
fs = self.fs
if fs != 'ffs':
raise ResourceDiskError("Unsupported filesystem type: {0}, only "
"ufs/ffs is supported.".format(fs))
# 1. Get device
device = self.osutil.device_for_ide_port(1)
if not device:
raise ResourceDiskError("Unable to detect resource disk device.")
logger.info('Resource disk device {0} found.', device)
# 2. Get partition
partition = "/dev/{0}a".format(device)
# 3. Mount partition
mount_list = shellutil.run_get_output("mount")[1]
existing = self.osutil.get_mount_point(mount_list, partition)
if existing:
logger.info("Resource disk {0} is already mounted", partition)
return existing
fileutil.mkdir(mount_point, mode=0o755)
mount_cmd = 'mount -t {0} {1} {2}'.format(self.fs,
partition, mount_point)
err = shellutil.run(mount_cmd, chk_err=False)
if err:
logger.info('Creating {0} filesystem on {1}'.format(fs, device))
fdisk_cmd = "/sbin/fdisk -yi {0}".format(device)
err, output = shellutil.run_get_output(fdisk_cmd, chk_err=False)
if err:
raise ResourceDiskError("Failed to create new MBR on {0}, "
"error: {1}".format(device, output))
size_mb = conf.get_resourcedisk_swap_size_mb()
if size_mb:
if size_mb > 512 * 1024:
size_mb = 512 * 1024
disklabel_cmd = ("echo -e '{0} 1G-* 50%\nswap 1-{1}M 50%' "
"| disklabel -w -A -T /dev/stdin "
"{2}").format(mount_point, size_mb, device)
ret, output = shellutil.run_get_output(
disklabel_cmd, chk_err=False)
if ret:
raise ResourceDiskError("Failed to create new disklabel "
"on {0}, error "
"{1}".format(device, output))
err, output = shellutil.run_get_output("newfs -O2 {0}a"
"".format(device))
if err:
raise ResourceDiskError("Failed to create new filesystem on "
"partition {0}, error "
"{1}".format(partition, output))
err, output = shellutil.run_get_output(mount_cmd, chk_err=False)
if err:
raise ResourceDiskError("Failed to mount partition {0}, "
"error {1}".format(partition, output))
logger.info("Resource disk partition {0} is mounted at {1} with fstype "
"{2}", partition, mount_point, fs)
return mount_point
def start_agent_service(self):
return shellutil.run("service {0} start".format(self.service_name), chk_err=False)
def start_agent_service(self):
return shellutil.run("/sbin/service waagent start", chk_err=False)
def umount(self, mount_point, chk_err=True):
return shellutil.run("umount {0}".format(mount_point), chk_err=chk_err)
def restart_if(self, ifname=None, retries=None, wait=None):
shellutil.run("systemctl restart systemd-networkd")
def set_hostname(self, hostname):
fileutil.write_file('/etc/hostname', hostname)
shellutil.run("hostname {0}".format(hostname), chk_err=False)
def start_agent_service(self):
return shellutil.run("service walinuxagent start", chk_err=False)
def start_network(self):
return shellutil.run("service networking start", chk_err=False)
def stop_agent_service(self):
return shellutil.run("systemctl stop walinuxagent", chk_err=False)
def stop_network(self):
return shellutil.run("systemctl stop systemd-networkd", chk_err=False)
def stop_agent_service(self):
return shellutil.run("systemctl stop {0}".format(self.service_name), chk_err=False)
def unregister_agent_service(self):
return shellutil.run("systemctl mask {0}".format(self.service_name), chk_err=False)
def mount_resource_disk(self, mount_point, fs):
device = self.osutil.device_for_ide_port(1)
if device is None:
raise ResourceDiskError("unable to detect disk topology")
device = "/dev/{0}".format(device)
partition = device + "1"
mount_list = shellutil.run_get_output("mount")[1]
existing = self.osutil.get_mount_point(mount_list, device)
if existing:
logger.info("Resource disk [{0}] is already mounted [{1}]",
partition, existing)
return existing
fileutil.mkdir(mount_point, mode=0o755)
logger.info("Examining partition table")
ret = shellutil.run_get_output("parted {0} print".format(device))
if ret[0]:
raise ResourceDiskError("Could not determine partition info for "
"{0}: {1}".format(device, ret[1]))
force_option = 'F'
if fs == 'xfs':
force_option = 'f'
mkfs_string = "mkfs.{0} {1} -{2}".format(fs, partition, force_option)
if "gpt" in ret[1]:
logger.info("GPT detected, finding partitions")
parts = [
x for x in ret[1].split("\n") if re.match("^\s*[0-9]+", x)
]
logger.info("Found {0} GPT partition(s).", len(parts))
if len(parts) > 1:
logger.info("Removing old GPT partitions")
for i in range(1, len(parts) + 1):
logger.info("Remove partition {0}", i)
shellutil.run("parted {0} rm {1}".format(device, i))
logger.info("Creating new GPT partition")
shellutil.run(
"parted {0} mkpart primary 0% 100%".format(device))
logger.info("Format partition [{0}]", mkfs_string)
shellutil.run(mkfs_string)
else:
logger.info("GPT not detected, determining filesystem")
ret = shellutil.run_get_output("sfdisk -q -c {0} 1".format(device))
ptype = ret[1].rstrip()
if ptype == "7" and fs != "ntfs":
logger.info("The partition is formatted with ntfs, updating "
"partition type to 83")
shellutil.run("sfdisk -c {0} 1 83".format(device))
logger.info("Format partition [{0}]", mkfs_string)
shellutil.run(mkfs_string)
else:
logger.info("The partition type is {0}", ptype)
mount_options = conf.get_resourcedisk_mountoptions()
mount_string = self.get_mount_string(mount_options, partition,
mount_point)
logger.info("Mount resource disk [{0}]", mount_string)
ret = shellutil.run(mount_string, chk_err=False)
if ret:
# Some kernels seem to issue an async partition re-read after a
# 'parted' command invocation. This causes mount to fail if the
# partition re-read is not complete by the time mount is
# attempted. Seen in CentOS 7.2. Force a sequential re-read of
# the partition and try mounting.
logger.warn("Failed to mount resource disk. "
"Retry mounting after re-reading partition info.")
if shellutil.run("sfdisk -R {0}".format(device), chk_err=False):
shellutil.run("blockdev --rereadpt {0}".format(device),
chk_err=False)
ret = shellutil.run(mount_string, chk_err=False)
if ret:
logger.warn("Failed to mount resource disk. "
"Attempting to format and retry mount.")
shellutil.run(mkfs_string)
ret = shellutil.run(mount_string)
if ret:
raise ResourceDiskError("Could not mount {0} "
"after syncing partition table: "
"{1}".format(partition, ret))
logger.info("Resource disk {0} is mounted at {1} with {2}", device,
mount_point, fs)
return mount_point
def set_route_for_dhcp_broadcast(self, ifname):
return shellutil.run(
"route add 255.255.255.255 dev {0}".format(ifname), chk_err=False)
def restart_ssh_service(self):
return shellutil.run("systemctl --job-mode=ignore-dependencies try-reload-or-restart ssh", chk_err=False)
def unregister_agent_service(self):
return shellutil.run("systemctl disable waagent", chk_err=False)
def mount_resource_disk(self, mount_point):
device = self.osutil.device_for_ide_port(1)
if device is None:
raise ResourceDiskError("unable to detect disk topology")
device = "/dev/{0}".format(device)
partition = device + "1"
mount_list = shellutil.run_get_output("mount")[1]
existing = self.osutil.get_mount_point(mount_list, device)
if existing:
logger.info("Resource disk [{0}] is already mounted [{1}]",
partition, existing)
return existing
try:
fileutil.mkdir(mount_point, mode=0o755)
except OSError as ose:
msg = "Failed to create mount point " \
"directory [{0}]: {1}".format(mount_point, ose)
logger.error(msg)
raise ResourceDiskError(msg=msg, inner=ose)
logger.info("Examining partition table")
ret = shellutil.run_get_output("parted {0} print".format(device))
if ret[0]:
raise ResourceDiskError("Could not determine partition info for "
"{0}: {1}".format(device, ret[1]))
force_option = 'F'
if self.fs == 'xfs':
force_option = 'f'
mkfs_string = "mkfs.{0} {1} -{2}".format(self.fs, partition,
force_option)
if "gpt" in ret[1]:
logger.info("GPT detected, finding partitions")
parts = [
x for x in ret[1].split("\n") if re.match("^\s*[0-9]+", x)
]
logger.info("Found {0} GPT partition(s).", len(parts))
if len(parts) > 1:
logger.info("Removing old GPT partitions")
for i in range(1, len(parts) + 1):
logger.info("Remove partition {0}", i)
shellutil.run("parted {0} rm {1}".format(device, i))
logger.info("Creating new GPT partition")
shellutil.run(
"parted {0} mkpart primary 0% 100%".format(device))
logger.info("Format partition [{0}]", mkfs_string)
shellutil.run(mkfs_string)
else:
logger.info("GPT not detected, determining filesystem")
ret = self.change_partition_type(suppress_message=True,
option_str="{0} 1".format(device))
ptype = ret[1].strip()
if ptype == "7" and self.fs != "ntfs":
logger.info("The partition is formatted with ntfs, updating "
"partition type to 83")
self.change_partition_type(
suppress_message=False,
option_str="{0} 1 83".format(device))
logger.info("Format partition [{0}]", mkfs_string)
shellutil.run(mkfs_string)
else:
logger.info("The partition type is {0}", ptype)
mount_options = conf.get_resourcedisk_mountoptions()
mount_string = self.get_mount_string(mount_options, partition,
mount_point)
attempts = 5
while not os.path.exists(partition) and attempts > 0:
logger.info("Waiting for partition [{0}], {1} attempts remaining",
partition, attempts)
sleep(5)
attempts -= 1
if not os.path.exists(partition):
raise ResourceDiskError(
"Partition was not created [{0}]".format(partition))
logger.info("Mount resource disk [{0}]", mount_string)
ret, output = shellutil.run_get_output(mount_string, chk_err=False)
# if the exit code is 32, then the resource disk is already mounted
if ret == 32:
logger.warn("Could not mount resource disk: {0}", output)
elif ret != 0:
# Some kernels seem to issue an async partition re-read after a
# 'parted' command invocation. This causes mount to fail if the
# partition re-read is not complete by the time mount is
# attempted. Seen in CentOS 7.2. Force a sequential re-read of
# the partition and try mounting.
logger.warn("Failed to mount resource disk. "
"Retry mounting after re-reading partition info.")
if shellutil.run("sfdisk -R {0}".format(device), chk_err=False):
shellutil.run("blockdev --rereadpt {0}".format(device),
chk_err=False)
ret, output = shellutil.run_get_output(mount_string)
if ret:
logger.warn(
"Failed to mount resource disk. "
"Attempting to format and retry mount. [{0}]", output)
shellutil.run(mkfs_string)
ret, output = shellutil.run_get_output(mount_string)
if ret:
raise ResourceDiskError("Could not mount {0} "
"after syncing partition table: "
"[{1}] {2}".format(
partition, ret, output))
logger.info("Resource disk {0} is mounted at {1} with {2}", device,
mount_point, self.fs)
return mount_point
def eject_dvd(self, chk_err=True):
dvd = self.get_dvd_device()
retcode = shellutil.run("eject {0}".format(dvd))
if chk_err and retcode != 0:
raise OSUtilError("Failed to eject dvd: ret={0}".format(retcode))
def crt_to_ssh(self, input_file, output_file):
shellutil.run("ssh-keygen -i -m PKCS8 -f {0} >> {1}".format(
input_file, output_file))
def publish_hostname(self, hostname):
"""
Restart NetworkManager first before publishing hostname
"""
shellutil.run("service NetworkManager restart")
super(RedhatOSUtil, self).publish_hostname(hostname)
def del_account(self, username):
if self.is_sys_user(username):
logger.error("{0} is a system user. Will not delete it.", username)
shellutil.run('> /var/run/utx.active')
shellutil.run('rmuser -y ' + username)
self.conf_sudoer(username, remove=True)
def del_root_password(self):
err = shellutil.run('pw usermod root -h -')
if err:
raise OSUtilError(
"Failed to delete root password: Failed to update password database."
)
def start_dhcp_service(self):
return shellutil.run("systemctl start systemd-networkd", chk_err=False)
def stop_agent_service(self):
return shellutil.run("service azurelinuxagent stop", chk_err=False)
def del_account(self, username):
if self.is_sys_user(username):
logger.error("{0} is a system user. Will not delete it.", username)
shellutil.run("> /var/run/utmp")
shellutil.run("userdel -f -r " + username)
self.conf_sudoer(username, remove=True)
def restart_ssh_service(self):
return shellutil.run('/sbin/service sshd condrestart', chk_err=False)
def restart_if(self, iface):
shellutil.run("systemctl restart systemd-networkd")
