def is_installed_oscap_ok(): """Check whether expected openscap rpms are installed.""" class GetCmdStdout(): def __init__(self): self.stdout_lines = [] def __call__(self, line): if line.strip(): self.stdout_lines.append(line.strip()) if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return False if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return False # that's generic problem that could be on various rpm-based systems url = "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html-single/6.10_release_notes/index#BZ1804691" for pkg in settings.openscap_rpms: cmd = ["rpm", "-q", pkg, "--qf", "%{ARCH}\n"] cmdout = GetCmdStdout() ProcessHelper.run_subprocess(cmd, function=cmdout) if SystemIdentification.get_arch() not in cmdout.stdout_lines: log_message("The %s rpm is not installed for the" " %s architecture. This usually ends in a broken" " state in which all the Preupgrade Assistant modules" " are skipped (notchecked state). Please, install" " packages related for your architecture. See %s" " for more info." % (pkg, SystemIdentification.get_arch(), url)) return False return True
def _get_required_arch_dirname(self): """ Get expected dirname of common data for requested assessment of system. In case that dst_arch is not specified by --dst-arch option, final arch is arch of current system (e.g. x86_64). In case that destination architecture is specified by the option and it is different to source arch, specific dirname for cross-architecture is returned. E.g. for source arch "i386" and destination arch "x86_64" returns "i386-x86_64". Doesn't matter when directory exist or not. Just return expected dirname, which correspond to used convention. """ arch = src_arch = SystemIdentification.get_arch() if self.conf.dst_arch and src_arch != self.conf.dst_arch: arch = "%s-%s" % (src_arch, self.conf.dst_arch) return arch
def prep_symlinks(self, assessment_dir, scenario=""): """Prepare a symlinks for relevant architecture and Server Variant""" server_variant = SystemIdentification.get_variant() if server_variant is None: return self.common_result_dir = os.path.join(assessment_dir, settings.common_name) # We need to copy /usr/share/preupgrade/RHEL6_7/common also in case of # usage --contents option. Some contents needs a /root/preupgrade/RHEL6_7/common # directory if self.conf.contents: usr_common_name = os.path.join(settings.source_dir, scenario, settings.common_name) if os.path.exists(usr_common_name): dir_util.copy_tree( usr_common_name, os.path.join(assessment_dir, settings.common_name)) # We have repositories for i386 architecture but packages are built # sometimes as i686 architecture. That's problematic in some cases # so we solve this for now by this little hack ugly. i386_dir = os.path.join(self.common_result_dir, 'i386') i386_x64_dir = os.path.join(self.common_result_dir, 'i386-x86_64') i686_x64_dir = os.path.join(self.common_result_dir, 'i686-x86_64') i686_dir = os.path.join(self.common_result_dir, 'i686') if not os.path.exists(i686_dir) and os.path.exists(i386_dir): os.symlink(i386_dir, i686_dir) if not os.path.exists(i686_x64_dir) and os.path.exists(i386_x64_dir): os.symlink(i386_x64_dir, i686_x64_dir) dir_name = os.path.join(self.common_result_dir, SystemIdentification.get_arch()) if not os.path.exists(dir_name): return server_variant_files = [ files for files in os.listdir(dir_name) if files.startswith(server_variant) or files.startswith("Common") ] self.copy_kickstart_files(self.common_result_dir, server_variant) for files in server_variant_files: # First create a default links to "ServerVariant_" if files.startswith(server_variant): self.create_common_symlink(files, server_variant) elif files.startswith("Common"): self.create_common_symlink(files, "Common")
def prep_symlinks(self, assessment_dir, scenario=""): """Prepare a symlinks for relevant architecture and Server Variant""" server_variant = SystemIdentification.get_variant() if server_variant is None: return self.common_result_dir = os.path.join(assessment_dir, settings.common_name) # We need to copy /usr/share/preupgrade/RHEL6_7/common also in case of # usage --contents option. Some contents needs a /root/preupgrade/RHEL6_7/common # directory if self.conf.contents: usr_common_name = os.path.join(settings.source_dir, scenario, settings.common_name) if os.path.exists(usr_common_name): dir_util.copy_tree(usr_common_name, os.path.join(assessment_dir, settings.common_name)) # We have repositories for i386 architecture but packages are built # sometimes as i686 architecture. That's problematic in some cases # so we solve this for now by this little hack ugly. i386_dir = os.path.join(self.common_result_dir, 'i386') i386_x64_dir = os.path.join(self.common_result_dir, 'i386-x86_64') i686_x64_dir = os.path.join(self.common_result_dir, 'i686-x86_64') i686_dir = os.path.join(self.common_result_dir, 'i686') if not os.path.exists(i686_dir) and os.path.exists(i386_dir): os.symlink(i386_dir, i686_dir) if not os.path.exists(i686_x64_dir) and os.path.exists(i386_x64_dir): os.symlink(i386_x64_dir, i686_x64_dir) dir_name = os.path.join(self.common_result_dir, SystemIdentification.get_arch()) if not os.path.exists(dir_name): return server_variant_files = [files for files in os.listdir(dir_name) if files.startswith(server_variant) or files.startswith("Common")] self.copy_kickstart_files(self.common_result_dir, server_variant) for files in server_variant_files: # First create a default links to "ServerVariant_" if files.startswith(server_variant): self.create_common_symlink(files, server_variant) elif files.startswith("Common"): self.create_common_symlink(files, "Common")
def run(self): """run analysis""" version_msg = "Preupgrade Assistant version: %s" % VERSION if self.conf.version: print(version_msg) return 0 logger_debug.debug(version_msg) if self.conf.list_contents_set: for dir_name, dummy_content in iter( get_installed_module_sets(self.conf.source_dir).items()): log_message("%s" % dir_name) return 0 if self.conf.riskcheck: result_xml_path = os.path.join(settings.assessment_results_dir, settings.xml_result_name) if not os.path.exists(result_xml_path): log_message("System assessment needs to be performed first.") return ReturnValues.PREUPG_BEFORE_RISKCHECK return XccdfHelper.check_inplace_risk(result_xml_path, self.conf.verbose) if self.conf.upload and self.conf.results: if not self.upload_results(): return ReturnValues.SEND_REPORT_TO_UI return 0 if self.conf.cleanup: if not self.executed_under_root(): return ReturnValues.ROOT self.clean_preupgrade_environment() return 0 if self.conf.text: # Test whether w3m, lynx and elinks packages are installed found = False for pkg in SystemIdentification.get_convertors(): if xml_manager.get_package_version(pkg): self.text_convertor = pkg found = True break if not found: log_message( settings.converter_message.format(' '.join( SystemIdentification.get_convertors()))) return ReturnValues.MISSING_TEXT_CONVERTOR return_code = self.determine_module_set_location() if return_code: return return_code self.determine_module_set_copy_location() if self.conf.list_rules: rules = [ x for x in XccdfHelper.get_list_rules(self.all_xccdf_xml_path) ] log_message('\n'.join(rules)) return 0 if self.conf.mode and self.conf.select_rules: log_message(settings.options_not_allowed) return ReturnValues.MODE_SELECT_RULES # If force option is not mentioned and user selects NO then exit if not self.conf.force: text = "" if self.conf.dst_arch: correct_option = [ x for x in settings.migration_options if self.conf.dst_arch == x ] if not correct_option: sys.stderr.write( "Error: Specify correct value for --dst-arch" " option.\nValid are: %s.\n" % ", ".join(settings.migration_options)) return ReturnValues.INVALID_CLI_OPTION if SystemIdentification.get_arch() == "i386" or \ SystemIdentification.get_arch() == "i686": if not self.conf.dst_arch: text = '\n' + settings.migration_text logger_debug.debug("Architecture '%s'. Text '%s'.", SystemIdentification.get_arch(), text) if not show_message(settings.warning_text + text): # User does not want to continue return ReturnValues.USER_ABORT self.openscap_helper = OpenSCAPHelper(self.conf.assessment_results_dir, self.conf.result_prefix, self.conf.xml_result_name, self.conf.html_result_name, self.all_xccdf_xml_path) if not self.executed_under_root(): return ReturnValues.ROOT if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return ReturnValues.MISSING_OPENSCAP if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return ReturnValues.MISSING_OPENSCAP self.execution_dir = os.getcwd() os.chdir("/tmp") retval = self.scan_system() if retval != 0: return retval retval = self.summary_report(self.tar_ball_name) self.common.copy_common_files() KickstartGenerator.kickstart_scripts() FileHelper.remove_home_issues() if self.conf.upload: if not self.upload_results(): retval = ReturnValues.SEND_REPORT_TO_UI os.chdir(self.execution_dir) return retval
def run(self): """run analysis""" version_msg = "Preupgrade Assistant version: %s" % VERSION if self.conf.version: print (version_msg) return 0 logger_debug.debug(version_msg) if self.conf.list_contents_set: for dir_name, dummy_content in six.iteritems(list_contents(self.conf.source_dir)): log_message("%s" % dir_name) return 0 if not self.conf.scan and not self.conf.contents and not self.conf.list_rules: ret_val = self._check_available_contents() if int(ret_val) != 0: return ret_val if self.conf.list_rules: ret_val = self._check_available_contents() if int(ret_val) != 0: return ret_val rules = [self.conf.scan + ':' + x for x in XccdfHelper.get_list_rules(self.conf.scan)] log_message('\n'.join(rules)) return 0 if self.conf.upload: if not self.upload_results(): return ReturnValues.SEND_REPORT_TO_UI return 0 if self.conf.mode and self.conf.select_rules: log_message(settings.options_not_allowed) return ReturnValues.MODE_SELECT_RULES if not self.conf.riskcheck and not self.conf.cleanup and not self.conf.kickstart: # If force option is not mentioned and user select NO then exits if not self.conf.force: text = "" if self.conf.dst_arch: correct_option = [x for x in settings.migration_options if self.conf.dst_arch == x] if not correct_option: log_message("Specify the correct --dst-arch option.") log_message("There are '%s' or '%s' available." % (settings.migration_options[0], settings.migration_options[1])) return ReturnValues.RISK_CLEANUP_KICKSTART if SystemIdentification.get_arch() == "i386" or SystemIdentification.get_arch() == "i686": if not self.conf.dst_arch: text = '\n' + settings.migration_text logger_debug.debug("Architecture '%s'. Text '%s'.", SystemIdentification.get_arch(), text) if not show_message(settings.warning_text + text): # We do not want to continue return ReturnValues.RISK_CLEANUP_KICKSTART if self.conf.text: # Test whether w3m, lynx and elinks packages are installed found = False for pkg in SystemIdentification.get_convertors(): if xml_manager.get_package_version(pkg): self.text_convertor = pkg found = True break if not found: log_message(settings.converter_message.format(' '.join(SystemIdentification.get_convertors()))) return ReturnValues.MISSING_TEXT_CONVERTOR if os.geteuid() != 0: print("Need to be root", end="\n") if not self.conf.debug: return ReturnValues.ROOT if self.conf.cleanup: self.clean_preupgrade_environment() return 0 self.openscap_helper = OpenSCAPHelper(self.conf.assessment_results_dir, self.conf.result_prefix, self.conf.xml_result_name, self.conf.html_result_name, self.content) if self.conf.riskcheck: if not os.path.exists(self.openscap_helper.get_default_xml_result_path()): log_message("The 'preupg' command was not run yet. Run it to check for possible risks.") return ReturnValues.PREUPG_BEFORE_KICKSTART return_val = XccdfHelper.check_inplace_risk(self.openscap_helper.get_default_xml_result_path(), self.conf.verbose) return return_val if self.conf.kickstart: if not os.path.exists(self.openscap_helper.get_default_xml_result_path()): log_message("The 'preupg' command was not run yet. Run it before the Kickstart generation.") return ReturnValues.PREUPG_BEFORE_KICKSTART kg = KickstartGenerator(self.conf, settings.KS_DIR, settings.KS_PATH) kg.main() return 0 if self.conf.scan: self.content = os.path.join(self.conf.source_dir, self.conf.scan, settings.content_file) if self.conf.scan.startswith("/"): log_message('Specify the correct upgrade path parameter like -s RHEL6_7') log_message("Upgrade path is provided by the 'preupg --list' command.") self._check_available_contents() log_message("The available upgrade paths: '%s'" % '\n'.join(self.list_scans)) return ReturnValues.SCENARIO if not os.path.isdir(os.path.join(self.conf.source_dir, self.conf.scan)): log_message('Specify the correct upgrade path parameter like -s RHEL6_7') self._check_available_contents() log_message("Upgrade path is provided by the 'preupg --list' command.") log_message("The available upgrade paths: '%s'" % '\n'.join(self.list_scans)) return ReturnValues.SCENARIO if self.conf.contents: self.content = os.path.join(os.getcwd(), self.conf.contents) # From content path like content-users/RHEL6_7 we need # to get content-users dir content_dir = self.conf.contents[:self.conf.contents.find(self.get_scenario())] self.conf.source_dir = os.path.join(os.getcwd(), content_dir) self.common = Common(self.conf) if not self.conf.skip_common: if not self.common.common_results(): return ReturnValues.SCRIPT_TXT_MISSING if self.conf.scan or self.conf.contents: if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return ReturnValues.MISSING_OPENSCAP if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return ReturnValues.MISSING_OPENSCAP current_dir = os.getcwd() os.chdir("/tmp") retval = self.scan_system() if int(retval) != 0: return retval self.summary_report(self.tar_ball_name) self.common.copy_common_files() KickstartGenerator.kickstart_scripts() FileHelper.remove_home_issues() if self.conf.upload: self.upload_results(self.tar_ball_name) os.chdir(current_dir) return self.report_return_value log_message('Nothing to do. Give me a task, please.') self.conf.settings[2].parser.print_help() return 0
def run(self): """run analysis""" version_msg = "Preupgrade Assistant version: %s" % VERSION if self.conf.version: print (version_msg) return 0 logger_debug.debug(version_msg) if self.conf.list_contents_set: for dir_name, dummy_content in iter(get_installed_module_sets( self.conf.source_dir).items()): log_message("%s" % dir_name) return 0 if self.conf.riskcheck: result_xml_path = os.path.join(settings.assessment_results_dir, settings.xml_result_name) if not os.path.exists(result_xml_path): log_message("System assessment needs to be performed first.") return ReturnValues.PREUPG_BEFORE_RISKCHECK return XccdfHelper.check_inplace_risk(result_xml_path, self.conf.verbose) if self.conf.upload and self.conf.results: if not self.upload_results(): return ReturnValues.SEND_REPORT_TO_UI return 0 if self.conf.cleanup: if not self.executed_under_root(): return ReturnValues.ROOT self.clean_preupgrade_environment() return 0 if self.conf.text: # Test whether w3m, lynx and elinks packages are installed found = False for pkg in SystemIdentification.get_convertors(): if xml_manager.get_package_version(pkg): self.text_convertor = pkg found = True break if not found: log_message(settings.converter_message.format( ' '.join(SystemIdentification.get_convertors()))) return ReturnValues.MISSING_TEXT_CONVERTOR return_code = self.determine_module_set_location() if return_code: return return_code self.determine_module_set_copy_location() if self.conf.list_rules: rules = [x for x in XccdfHelper.get_list_rules(self.all_xccdf_xml_path)] log_message('\n'.join(rules)) return 0 if self.conf.mode and self.conf.select_rules: log_message(settings.options_not_allowed) return ReturnValues.MODE_SELECT_RULES # If force option is not mentioned and user selects NO then exit if not self.conf.force: text = "" if self.conf.dst_arch: correct_option = [x for x in settings.migration_options if self.conf.dst_arch == x] if not correct_option: sys.stderr.write( "Error: Specify correct value for --dst-arch" " option.\nValid are: %s.\n" % ", ".join(settings.migration_options) ) return ReturnValues.INVALID_CLI_OPTION if SystemIdentification.get_arch() == "i386" or \ SystemIdentification.get_arch() == "i686": if not self.conf.dst_arch: text = '\n' + settings.migration_text logger_debug.debug("Architecture '%s'. Text '%s'.", SystemIdentification.get_arch(), text) if not show_message(settings.warning_text + text): # User does not want to continue return ReturnValues.USER_ABORT self.openscap_helper = OpenSCAPHelper(self.conf.assessment_results_dir, self.conf.result_prefix, self.conf.xml_result_name, self.conf.html_result_name, self.all_xccdf_xml_path) if not self.executed_under_root(): return ReturnValues.ROOT if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return ReturnValues.MISSING_OPENSCAP if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return ReturnValues.MISSING_OPENSCAP self.execution_dir = os.getcwd() os.chdir("/tmp") retval = self.scan_system() if retval != 0: return retval retval = self.summary_report(self.tar_ball_name) self.common.copy_common_files() KickstartGenerator.kickstart_scripts() FileHelper.remove_home_issues() if self.conf.upload: if not self.upload_results(): retval = ReturnValues.SEND_REPORT_TO_UI os.chdir(self.execution_dir) return retval
def run(self): """run analysis""" version_msg = "Preupgrade Assistant version: %s" % VERSION if self.conf.version: print(version_msg) return 0 logger_debug.debug(version_msg) if self.conf.list_contents_set: for dir_name, dummy_content in six.iteritems( list_contents(self.conf.source_dir)): log_message("%s" % dir_name) return 0 if not self.conf.scan and not self.conf.contents and not self.conf.list_rules: ret_val = self._check_available_contents() if int(ret_val) != 0: return ret_val if self.conf.list_rules: ret_val = self._check_available_contents() if int(ret_val) != 0: return ret_val rules = [ self.conf.scan + ':' + x for x in XccdfHelper.get_list_rules(self.conf.scan) ] log_message('\n'.join(rules)) return 0 if self.conf.upload: if not self.upload_results(): return ReturnValues.SEND_REPORT_TO_UI return 0 if self.conf.mode and self.conf.select_rules: log_message(settings.options_not_allowed) return ReturnValues.MODE_SELECT_RULES if not self.conf.riskcheck and not self.conf.cleanup and not self.conf.kickstart: # If force option is not mentioned and user select NO then exits if not self.conf.force: text = "" if self.conf.dst_arch: correct_option = [ x for x in settings.migration_options if self.conf.dst_arch == x ] if not correct_option: log_message("Specify the correct --dst-arch option.") log_message("There are '%s' or '%s' available." % (settings.migration_options[0], settings.migration_options[1])) return ReturnValues.RISK_CLEANUP_KICKSTART if SystemIdentification.get_arch( ) == "i386" or SystemIdentification.get_arch() == "i686": if not self.conf.dst_arch: text = '\n' + settings.migration_text logger_debug.debug("Architecture '%s'. Text '%s'.", SystemIdentification.get_arch(), text) if not show_message(settings.warning_text + text): # We do not want to continue return ReturnValues.RISK_CLEANUP_KICKSTART if self.conf.text: # Test whether w3m, lynx and elinks packages are installed found = False for pkg in SystemIdentification.get_convertors(): if xml_manager.get_package_version(pkg): self.text_convertor = pkg found = True break if not found: log_message( settings.converter_message.format(' '.join( SystemIdentification.get_convertors()))) return ReturnValues.MISSING_TEXT_CONVERTOR if os.geteuid() != 0: print("Need to be root", end="\n") if not self.conf.debug: return ReturnValues.ROOT if self.conf.cleanup: self.clean_preupgrade_environment() return 0 self.openscap_helper = OpenSCAPHelper(self.conf.assessment_results_dir, self.conf.result_prefix, self.conf.xml_result_name, self.conf.html_result_name, self.content) if self.conf.riskcheck: if not os.path.exists( self.openscap_helper.get_default_xml_result_path()): log_message( "The 'preupg' command was not run yet. Run it to check for possible risks." ) return ReturnValues.PREUPG_BEFORE_KICKSTART return_val = XccdfHelper.check_inplace_risk( self.openscap_helper.get_default_xml_result_path(), self.conf.verbose) return return_val if self.conf.kickstart: if not os.path.exists( self.openscap_helper.get_default_xml_result_path()): log_message( "The 'preupg' command was not run yet. Run it before the Kickstart generation." ) return ReturnValues.PREUPG_BEFORE_KICKSTART kg = KickstartGenerator(self.conf, settings.KS_DIR, settings.KS_PATH) kg.main() return 0 if self.conf.scan: self.content = os.path.join(self.conf.source_dir, self.conf.scan, settings.content_file) if self.conf.scan.startswith("/"): log_message( 'Specify the correct upgrade path parameter like -s RHEL6_7' ) log_message( "Upgrade path is provided by the 'preupg --list' command.") self._check_available_contents() log_message("The available upgrade paths: '%s'" % '\n'.join(self.list_scans)) return ReturnValues.SCENARIO if not os.path.isdir( os.path.join(self.conf.source_dir, self.conf.scan)): log_message( 'Specify the correct upgrade path parameter like -s RHEL6_7' ) self._check_available_contents() log_message( "Upgrade path is provided by the 'preupg --list' command.") log_message("The available upgrade paths: '%s'" % '\n'.join(self.list_scans)) return ReturnValues.SCENARIO if self.conf.contents: self.content = os.path.join(os.getcwd(), self.conf.contents) # From content path like content-users/RHEL6_7 we need # to get content-users dir content_dir = self.conf.contents[:self.conf.contents. find(self.get_scenario())] self.conf.source_dir = os.path.join(os.getcwd(), content_dir) self.common = Common(self.conf) if not self.conf.skip_common: if not self.common.common_results(): return ReturnValues.SCRIPT_TXT_MISSING if self.conf.scan or self.conf.contents: if not os.path.exists(settings.openscap_binary): log_message("Oscap with SCE enabled is not installed") return ReturnValues.MISSING_OPENSCAP if not os.access(settings.openscap_binary, os.X_OK): log_message("Oscap with SCE %s is not executable" % settings.openscap_binary) return ReturnValues.MISSING_OPENSCAP current_dir = os.getcwd() os.chdir("/tmp") retval = self.scan_system() if int(retval) != 0: return retval self.summary_report(self.tar_ball_name) self.common.copy_common_files() KickstartGenerator.kickstart_scripts() FileHelper.remove_home_issues() if self.conf.upload: self.upload_results(self.tar_ball_name) os.chdir(current_dir) return self.report_return_value log_message('Nothing to do. Give me a task, please.') self.conf.settings[2].parser.print_help() return 0