def summary_report(self, tarball_path): """Function prints a summary report""" command = settings.ui_command.format(tarball_path) if self.conf.text: path = self.get_default_txt_result_path() else: path = self.get_default_html_result_path() report_dict = { 0: settings.message.format(path), 1: settings.message.format(path), 2: 'We found some critical issues. In-place upgrade is not advised.\n' + "Read the file {0} for more details.". format(path) } return_value = xccdf.check_inplace_risk(self.get_default_xml_result_path(), 0) try: if report_dict[int(return_value)]: log_message('Summary information:') log_message(report_dict[int(return_value)]) for report_type in settings.REPORTS: file_name = settings.result_name + '-' + report_type + '.html' report_name = os.path.join(os.path.dirname(self.report_parser.get_path()), file_name) if os.path.exists(report_name): log_message("Read the %s report file %s for more details." % (report_type, report_name)) except KeyError: # We do not want to print anything in case of testing contents pass if self.report_data: log_message('Summary 3rd party providers:') for target, dummy_report in six.iteritems(self.report_data): self.third_party = target log_message("Read the 3rd party content {0} {1} for more details.". format(target, path)) log_message("Upload results to UI by command:\ne.g. {0} .".format(command))
def test_check_inplace_risk_slight(self): temp_file = self._copy_xccdf_file(b'INPLACERISK: SLIGHT: Test Slight Inplace risk') self._generate_result(temp_file) return_value = xccdf.check_inplace_risk(os.path.join(os.path.dirname(temp_file), 'result.xml'), 0) shutil.rmtree(os.path.dirname(temp_file)) self.assertEqual(return_value, 0)
def test_check_inplace_risk_unknown(self): temp_file = self._copy_xccdf_file(b'INPLACERISK: UNKNOWN: Test Extreme Inplace risk') self._generate_result(temp_file) return_value = xccdf.check_inplace_risk(os.path.join(os.path.dirname(temp_file), 'result.xml'), 0) shutil.rmtree(os.path.dirname(temp_file)) self.assertEqual(return_value, -1)
def run(self): """run analysis""" if self.conf.version: print ("Preupgrade Assistant version: %s" % VERSION) return 0 if not self.conf.scan and not self.conf.contents: cnt = 0 is_dir = lambda x: os.path.isdir(os.path.join(self.conf.source_dir, x)) dirs = os.listdir(self.conf.source_dir) for dir_name in filter(is_dir, dirs): if utils.get_assessment_version(dir_name): self.conf.scan = dir_name cnt += 1 if int(cnt) < 1: log_message("There were no contents found in directory %s. \ If you would like to use this tool, you have to install some." % settings.source_dir) return 1 if int(cnt) > 1: log_message("Preupgrade assistant detects more then 1 set of contents in directory%s. \ If you would like to use this tool, you have to specify correct upgrade path parameter like -s RHEL6_7." % settings.source_dir) return 1 if self.conf.list_contents_set: for dir_name, dummy_content in six.iteritems(list_contents(self.conf.source_dir)): log_message("{0}".format(dir_name)) return 0 if self.conf.list_rules: log_message(settings.list_rules % '\n'.join(utils.get_list_rules(self.conf.scan))) return 0 if self.conf.upload and self.conf.results: self.upload_results() return 0 if self.conf.mode and self.conf.select_rules: log_message(settings.options_not_allowed) return 1 if not self.conf.riskcheck and not self.conf.apply and not self.conf.cleanup and not self.conf.kickstart: # If force option is not mentioned and user select NO then exits if not self.conf.force and not show_message(settings.warning_text): # We do not want to continue return 0 if self.conf.text: # Test whether w3m, lynx and elinks packages are installed found = False for pkg in utils.get_convertors(): if xml_manager.get_package_version(pkg): self.text_convertor = pkg found = True break if not found: log_message(settings.converter_message.format(' '.join(utils.get_convertors()))) return 0 if os.geteuid() != 0: print("Need to be root", end="\n") if not self.conf.debug: return 2 if self.conf.cleanup: self.clean_preupgrade_environment() sys.exit(0) if self.conf.riskcheck: return_val = xccdf.check_inplace_risk(self.get_default_xml_result_path(), self.conf.verbose) return return_val if self.conf.kickstart: if not os.path.exists(self.get_default_xml_result_path()): log_message("'preupg' command was not run yet. Run them before kickstart generation.") return 1 kg = KickstartGenerator(settings.KS_DIR, self.get_preupgrade_kickstart()) KickstartGenerator.copy_kickstart_templates() dummy_ks = kg.generate() if dummy_ks: log_message(settings.kickstart_text % self.get_preupgrade_kickstart()) return 0 if self.conf.scan: self.content = os.path.join(self.conf.source_dir, self.conf.scan, settings.content_file) if self.conf.scan.startswith("/"): log_message('Specify correct upgrade path parameter like -s RHEL6_7') log_message('Upgrade path is provided by command preupg --list') return 1 if not os.path.isdir(os.path.join(self.conf.source_dir, self.conf.scan)): log_message('Specify correct upgrade path parameter like -s RHEL6_7') log_message('Upgrade path is provided by command preupg --list') return 1 if self.conf.contents: self.content = os.path.join(os.getcwd(), self.conf.contents) # From content path like content-users/RHEL6_7 we need # to get content-users dir content_dir = self.conf.contents[:self.conf.contents.find(self.get_scenario())] self.conf.source_dir = os.path.join(os.getcwd(), content_dir) self.common = Common(self.conf) if not self.conf.skip_common: if not self.common.common_results(): return 1 if self.conf.scan or self.conf.contents: if not os.path.exists(self.binary): log_message("Oscap with SCE enabled is not installed") return 1 if not os.access(self.binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % self.binary) return 1 current_dir = os.getcwd() os.chdir("/tmp") tarball_path = self.scan_system() self.summary_report(tarball_path) self.common.copy_common_files() KickstartGenerator.kickstart_scripts() utils.remove_home_issues() if self.conf.upload: self.upload_results(tarball_path) os.chdir(current_dir) return 0 log_message('Nothing to do. Give me a task, please.') self.conf.settings[2].parser.print_help() return 0
def main(args): global major_upgrade if args.clean: do_cleanup(args) return if args.device or args.iso: device_setup(args) # Get our packages set up where we can use 'em print _("setting up repos...") f = setup_downloader(version=args.network, cacheonly=args.cacheonly, instrepo=args.instrepo, repos=args.repos, enable_plugins=args.enable_plugins, disable_plugins=args.disable_plugins) # Compare the first part of the version number in the treeinfo with the # first part of the version number of the system to determine if this is a # major version upgrade if f.treeinfo.get('general', 'version').split('.')[0] != \ platform.linux_distribution()[1].split('.')[0]: major_upgrade = True # Check if preupgrade-assistant has been run if args.force: log.info("Skipping check for preupgrade-assisant") if not args.force and preupgrade_available: # Run preupg --riskcheck returncode = xccdf.check_inplace_risk(get_preupgrade_result_name(), 0) if int(returncode) == 0: print _("Preupgrade assistant does not found any risks") print _("Upgrade will continue.") elif int(returncode) == 1: print _("Preupgrade assistant risk check found risks for this upgrade.") print _("You can run preupg --riskcheck --verbose to view these risks.") print _("Addressing high risk issues is required before the in-place upgrade") print _("and ignoring these risks may result in a broken upgrade and unsupported upgrade.") print _("Please backup your data.") print "" print _("List of issues:") xccdf.check_inplace_risk(get_preupgrade_result_name(), verbose=2) answer = raw_input(_("Continue with the upgrade [Y/N]? ")) # TRANSLATORS: y for yes if answer.lower() != _('y'): raise SystemExit(1) elif int(returncode) == 2: print _("preupgrade-assistant risk check found EXTREME risks for this upgrade.") print _("Run preupg --riskcheck --verbose to view these risks.") print _("Continuing with this upgrade is not recommended.") raise SystemExit(1) else: print _("preupgrade-assistant has not been run.") print _("To perform this upgrade, either run preupg or run redhat-upgrade-tool --force") raise SystemExit(1) # Check that we are upgrading to the same variant if not args.force: distro = platform.linux_distribution()[0] if not distro.startswith("Red Hat Enterprise Linux "): print _("Invalid distribution: %s") % distro raise SystemExit(1) from_variant = distro[len('Red Hat Enterprise Linux '):] try: to_variant = f.treeinfo.get('general', 'variant') except NoOptionError: print _("Upgrade repository is not a Red Hat Enterprise Linux repository") raise SystemExit(1) if from_variant != to_variant: print _("Upgrade requested from Red Hat Enterprise Linux %s to %s") % (from_variant, to_variant) print _("Upgrades between Red Hat Enterprise Linux variants is not supported.") raise SystemExit(1) else: log.info("Skipping variant check") if args.nogpgcheck: f._override_sigchecks = True elif not f.instrepo.gpgcheck: # If instrepo is a Red Hat repo, add the gpg key and reload the repos try: key = "product" if not f.treeinfo.has_section(key): key = "release" if f.treeinfo.get(key, 'name') == 'Red Hat Enterprise Linux': log.info("Reloading repos with GPG key") args.repos.append(('gpgkey', '%s=%s' % (f.instrepo.name, rhel_gpgkey_path))) f = setup_downloader(version=args.network, cacheonly=args.cacheonly, instrepo=args.instrepo, repos=args.repos, enable_plugins=args.enable_plugins, disable_plugins=args.disable_plugins) except NoOptionError: log.debug("No product name found, skipping gpg check") if args.expire_cache: print "expiring cache files" f.cleanExpireCache() return if args.clean_metadata: print "cleaning metadata" f.cleanMetadata() return # Cleanup old conf files log.info("Clearing %s", upgradeconf) rm_f(upgradeconf) mkdir_p(os.path.dirname(upgradeconf)) # TODO: error msg generation should be shared between CLI and GUI if args.skipkernel: message("skipping kernel/initrd download") elif f.instrepoid is None or f.instrepoid in f.disabled_repos: print _("Error: can't get boot images.") if args.instrepo: print _("The '%s' repo was rejected by yum as invalid.") % args.instrepo if args.iso: print _("The given ISO probably isn't an install DVD image.") media.umount(args.device.mnt) elif args.device: print _("The media doesn't contain a valid install DVD image.") else: print _("The installation repo isn't currently available.") print _("Try again later, or specify a repo using --instrepo.") raise SystemExit(1) else: print _("getting boot images...") kernel, initrd = f.download_boot_images() # TODO: force arch? if args.skippkgs: message("skipping package download") else: print _("setting up update...") if len(f.pkgSack) == 0: print("no updates available in configured repos!") raise SystemExit(1) pkgs = download_packages(f) # Run a test transaction probs, rv = transaction_test(pkgs) # And prepare for upgrade # TODO: use polkit to get root privs for these things print _("setting up system for upgrade") if not args.skippkgs: prep_upgrade(pkgs) # Save the repo configuration f.save_repo_configs() if not args.skipbootloader: if args.skipkernel: print "warning: --skipkernel without --skipbootloader" print "using default paths: %s %s" % (kernelpath, initrdpath) kernel = kernelpath initrd = initrdpath prep_boot(kernel, initrd) if args.device: setup_media_mount(args.device) if args.iso: media.umount(args.device.mnt) if args.cleanup_post: setup_cleanup_post() # Workaround the redhat-upgrade-dracut upgrade-post hook order problem # Copy upgrade.conf to /root/preupgrade so that it won't be removed # before the postupgrade scripts are run. mkdir_p('/root/preupgrade') shutil.copyfile(upgradeconf, '/root/preupgrade/upgrade.conf') if args.reboot: reboot() else: print _('Finished. Reboot to start upgrade.') # --- Here's where we summarize potential problems. --- # list packages without updates, if any missing = sorted(f.find_packages_without_updates(), key=lambda p:p.envra) if missing and not major_upgrade: message(_('Packages without updates:')) for p in missing: message(" %s" % p) # warn if the "important" repos are disabled #if f.disabled_repos: # NOTE: I hate having a hardcoded list of Important Repos here. # This information should be provided by the system, somehow.. #important = ("fedora", "updates") #if any(i in f.disabled_repos for i in important): # msg = _("WARNING: Some important repos could not be contacted: %s") #else: # msg = _("NOTE: Some repos could not be contacted: %s") #print msg % ", ".join(f.disabled_repos) #print _("If you start the upgrade now, packages from these repos will not be installed.") # warn about broken dependencies etc. # If this is a major version upgrade, the user has already been warned # about all of this from preupgrade-assistant, so skip the warning here if probs and not major_upgrade: print print _("WARNING: problems were encountered during transaction test:") for s in probs.summaries: print " "+s.desc for line in s.format_details(): print " "+line print _("Continue with the upgrade at your own risk.")