def check_selinux(self,status):
enabled = self.config.api.is_selinux_enabled()
if enabled:
data2 = utils.subprocess_get(self.logger,"/usr/sbin/getsebool -a",shell=True)
for line in data2.split("\n"):
if line.find("httpd_can_network_connect ") != -1:
if line.find("off") != -1:
status.append(_("Must enable selinux boolean to enable Apache and web services components, run: setsebool -P httpd_can_network_connect true"))
data3 = utils.subprocess_get(self.logger,"/usr/sbin/semanage fcontext -l | grep public_content_t",shell=True)
rule1 = False
rule2 = False
rule3 = False
selinux_msg = "/usr/sbin/semanage fcontext -a -t public_content_t \"%s\""
for line in data3.split("\n"):
if line.startswith("/tftpboot/.*") and line.find("public_content_t") != -1:
rule1 = True
if line.startswith("/var/lib/tftpboot/.*") and line.find("public_content_t") != -1:
rule2 = True
if line.startswith("/var/www/cobbler/images/.*") and line.find("public_content_t") != -1:
rule3 = True
rules = []
if not os.path.exists("/tftpboot") and not rule1:
rules.append(selinux_msg % "/tftpboot/.*")
else:
if not rule2:
rules.append(selinux_msg % "/var/lib/tftpboot/.*")
if not rule3:
rules.append(selinux_msg % "/var/www/cobbler/images/.*")
if len(rules) > 0:
status.append("you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: %s" % " && ".join(rules))
def check_httpd(self, status):
"""
Check if Apache or Nginx is installed.
"""
if os.path.exists("/etc/nginx/nginx.conf"):
httpd_server = "nginx"
else:
httpd_server = "apache"
if httpd_server == "nginx":
rc = utils.subprocess_get(self.logger, "nginx -v")
else:
if self.checked_dist in (
"redhat",
"red hat enterprise linux server",
"fedora",
"centos",
"scientific linux"
):
rc = utils.subprocess_get(self.logger, "apache d-v")
elif self.checked_dist == "suse" or self.checked_dist == "opensuse":
rc = utils.subprocess_get(self.logger, "httpd2 -v")
else:
rc = utils.subprocess_get(self.logger, "apache2 -v")
if httpd_server == "nginx":
if rc.find("nginx") == -1:
status.append("Nginx (nginx) is not installed and/or in path")
else:
if rc.find("Server") == -1:
status.append("Apache (httpd) is not installed and/or in path")
def check_selinux(self,status):
"""
Suggests various SELinux rules changes to run Cobbler happily with
SELinux in enforcing mode. FIXME: this method could use some
refactoring in the future.
"""
if self.checked_dist in ["debian", "ubuntu"]:
return
enabled = self.config.api.is_selinux_enabled()
if enabled:
data2 = utils.subprocess_get(self.logger,"/usr/sbin/getsebool -a",shell=True)
for line in data2.split("\n"):
if line.find("httpd_can_network_connect ") != -1:
if line.find("off") != -1:
status.append(_("Must enable a selinux boolean to enable vital web services components, run: setsebool -P httpd_can_network_connect true"))
if line.find("rsync_disable_trans ") != -1:
if line.find("on") != -1:
status.append(_("Must enable the cobbler import and replicate commands, run: setsebool -P rsync_disable_trans=1"))
data3 = utils.subprocess_get(self.logger,"/usr/sbin/semanage fcontext -l | grep public_content_t",shell=True)
rule1 = False
rule2 = False
rule3 = False
selinux_msg = "/usr/sbin/semanage fcontext -a -t public_content_t \"%s\""
for line in data3.split("\n"):
if line.startswith("/tftpboot/.*"):
rule1 = True
if line.startswith("/var/lib/tftpboot/.*"):
rule2 = True
if line.startswith("/var/www/cobbler/images/.*"):
rule3 = True
rules = []
if os.path.exists("/tftpboot") and not rule1:
rules.append(selinux_msg % "/tftpboot/.*")
else:
if not rule2:
rules.append(selinux_msg % "/var/lib/tftpboot/.*")
if not rule3:
rules.append(selinux_msg % "/var/www/cobbler/images/.*")
if len(rules) > 0:
status.append("you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: %s" % " && ".join(rules))
# now check to see that the Django sessions path is accessible
# by Apache
data4 = utils.subprocess_get(self.logger,"/usr/sbin/semanage fcontext -l | grep httpd_sys_content_rw_t",shell=True)
selinux_msg = "you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext -a -t httpd_sys_content_rw_t \"%s\""
rule4 = False
for line in data4.split("\n"):
if line.startswith("/var/lib/cobbler/webui_sessions/.*"):
rule4 = True
if not rule4:
status.append(selinux_msg % "/var/lib/cobbler/webui_sessions/.*")
def check_selinux(self,status):
"""
Suggests various SELinux rules changes to run Cobbler happily with
SELinux in enforcing mode. FIXME: this method could use some
refactoring in the future.
"""
if self.checked_dist in ["debian", "ubuntu"]:
return
enabled = self.config.api.is_selinux_enabled()
if enabled:
data2 = utils.subprocess_get(self.logger,"/usr/sbin/getsebool -a",shell=True)
for line in data2.split("\n"):
if line.find("httpd_can_network_connect ") != -1:
if line.find("off") != -1:
status.append(_("Must enable a selinux boolean to enable vital web services components, run: setsebool -P httpd_can_network_connect true"))
if line.find("rsync_disable_trans ") != -1:
if line.find("on") != -1:
status.append(_("Must enable the cobbler import and replicate commands, run: setsebool -P rsync_disable_trans=1"))
data3 = utils.subprocess_get(self.logger,"/usr/sbin/semanage fcontext -l | grep public_content_t",shell=True)
rule1 = False
rule2 = False
rule3 = False
selinux_msg = "/usr/sbin/semanage fcontext -a -t public_content_t \"%s\""
for line in data3.split("\n"):
if line.startswith("/tftpboot/.*"):
rule1 = True
if line.startswith("/var/lib/tftpboot/.*"):
rule2 = True
if line.startswith(self.settings.webdir+"/images/.*"):
rule3 = True
rules = []
if os.path.exists("/tftpboot") and not rule1:
rules.append(selinux_msg % "/tftpboot/.*")
else:
if not rule2:
rules.append(selinux_msg % "/var/lib/tftpboot/.*")
if not rule3:
rules.append(selinux_msg % self.settings.webdir+"/images/.*")
if len(rules) > 0:
status.append("you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: %s" % " && ".join(rules))
# now check to see that the Django sessions path is accessible
# by Apache
data4 = utils.subprocess_get(self.logger,"/usr/sbin/semanage fcontext -l | grep httpd_sys_content_rw_t",shell=True)
selinux_msg = "you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext -a -t httpd_sys_content_rw_t \"%s\""
rule4 = False
for line in data4.split("\n"):
if line.startswith("/var/lib/cobbler/webui_sessions/.*"):
rule4 = True
if not rule4:
status.append(selinux_msg % "/var/lib/cobbler/webui_sessions/.*")
def check_httpd(self,status):
"""
Check if Apache is installed.
"""
if self.checked_dist == "suse":
rc = utils.subprocess_get(self.logger,"httpd -v")
else:
rc = utils.subprocess_get(self.logger,"apache2 -v")
if rc.find("Server") != -1:
status.append("Apache (httpd) is not installed and/or in path")
def check_httpd(self, status):
"""
Check if Apache is installed.
"""
if self.checked_dist in ["suse", "redhat"]:
rc = utils.subprocess_get(self.logger, "httpd -v")
else:
rc = utils.subprocess_get(self.logger, "apache2 -v")
if rc.find("Server") == -1:
status.append("Apache (httpd) is not installed and/or in path")
def check_httpd(self,status):
"""
Check if Apache is installed.
"""
if self.checked_dist in ("redhat","fedora","centos","scientific linux"):
rc = utils.subprocess_get(self.logger,"httpd -v")
elif self.checked_dist == "suse":
rc = utils.subprocess_get(self.logger,"httpd2 -v")
else:
rc = utils.subprocess_get(self.logger,"apache2 -v")
if rc.find("Server") == -1:
status.append("Apache (httpd) is not installed and/or in path")
def check_httpd(self,status):
"""
Check if Apache is installed.
"""
if self.checked_dist in ("redhat","fedora","centos","scientific linux"):
rc = utils.subprocess_get(self.logger,"httpd -v")
elif self.checked_dist == "suse":
rc = utils.subprocess_get(self.logger,"httpd2 -v")
else:
rc = utils.subprocess_get(self.logger,"apache2 -v")
if rc.find("Server") == -1:
status.append("Apache (httpd) is not installed and/or in path")
def check_yum(self, status):
if self.checked_dist in ["debian", "ubuntu"]:
return
if not os.path.exists("/usr/bin/createrepo"):
status.append(
_(
"createrepo package is not installed, needed for cobbler import and cobbler reposync, install createrepo?"
)
)
if not os.path.exists("/usr/bin/reposync"):
status.append(_("reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?"))
if not os.path.exists("/usr/bin/yumdownloader"):
status.append(
_(
"yumdownloader is not installed, needed for cobbler repo add with --rpm-list parameter, install/upgrade yum-utils?"
)
)
if self.settings.reposync_flags.find("-l"):
if self.checked_dist == "redhat" or self.checked_dist == "suse":
yum_utils_ver = utils.subprocess_get(
self.logger, "/usr/bin/rpmquery --queryformat=%{VERSION} yum-utils", shell=True
)
if yum_utils_ver < "1.1.17":
status.append(
_("yum-utils need to be at least version 1.1.17 for reposync -l, current version is %s")
% yum_utils_ver
)
def check_bind_bin(self,status):
"""
Check if bind is installed.
"""
rc = utils.subprocess_get(self.logger,"named --help")
if rc.find("unknown option") == -1:
status.append("named is not installed and/or in path")
def check_dnsmasq_bin(self,status):
"""
Check if dnsmasq is installed
"""
rc = utils.subprocess_get(self.logger,"dnsmasq --help")
if rc.find("Valid options") == -1:
status.append("dnsmasq is not installed and/or in path")
def check_dnsmasq_bin(self, status):
"""
Check if dnsmasq is installed
"""
rc = utils.subprocess_get(self.logger, "dnsmasq --help")
if rc.find("Valid options") == -1:
status.append("dnsmasq is not installed and/or in path")
def check_yum(self, status):
if self.checked_dist in ["debian", "ubuntu"]:
return
if not os.path.exists("/usr/bin/createrepo"):
status.append(
_("createrepo package is not installed, needed for cobbler import and cobbler reposync, install createrepo?"
))
if not os.path.exists("/usr/bin/reposync"):
status.append(
_("reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?"
))
if not os.path.exists("/usr/bin/yumdownloader"):
status.append(
_("yumdownloader is not installed, needed for cobbler repo add with --rpm-list parameter, install/upgrade yum-utils?"
))
if self.settings.reposync_flags.find("-l"):
if self.checked_dist == "redhat" or self.checked_dist == "suse":
yum_utils_ver = utils.subprocess_get(
self.logger,
"/usr/bin/rpmquery --queryformat=%{VERSION} yum-utils",
shell=True)
if yum_utils_ver < "1.1.17":
status.append(
_("yum-utils need to be at least version 1.1.17 for reposync -l, current version is %s"
) % yum_utils_ver)
def check_bind_bin(self,status):
"""
Check if bind is installed.
"""
rc = utils.subprocess_get(self.logger,"named -v")
# it should return something like "BIND 9.6.1-P1-RedHat-9.6.1-6.P1.fc11"
if rc.find("BIND") == -1:
status.append("named is not installed and/or in path")
def check_bind_bin(self, status):
"""
Check if bind is installed.
"""
rc = utils.subprocess_get(self.logger, "named -v")
# it should return something like "BIND 9.6.1-P1-RedHat-9.6.1-6.P1.fc11"
if rc.find("BIND") == -1:
status.append("named is not installed and/or in path")
def createrepo_walker(self, repo, dirname, fnames):
"""
Used to run createrepo on a copied Yum mirror.
"""
if os.path.exists(dirname) or repo['breed'] == 'rsync':
utils.remove_yum_olddata(dirname)
# add any repo metadata we can use
mdoptions = []
if os.path.isfile("%s/.origin/repomd.xml" % (dirname)):
if not HAS_YUM:
utils.die(self.logger,
"yum is required to use this feature")
rmd = yum.repoMDObject.RepoMD(
'', "%s/.origin/repomd.xml" % (dirname))
if rmd.repoData.has_key("group"):
groupmdfile = rmd.getData("group").location[1]
mdoptions.append("-g %s" % groupmdfile)
if rmd.repoData.has_key("prestodelta"):
# need createrepo >= 0.9.7 to add deltas
if utils.check_dist() in ("redhat", "fedora", "centos",
"scientific linux", "suse",
"opensuse"):
cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo"
createrepo_ver = utils.subprocess_get(self.logger, cmd)
if createrepo_ver >= "0.9.7":
mdoptions.append("--deltas")
else:
self.logger.error(
"this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler."
)
blended = utils.blender(self.api, False, repo)
flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
try:
# BOOKMARK
cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags,
dirname)
utils.subprocess_call(self.logger, cmd)
except:
utils.log_exc(self.logger)
self.logger.error("createrepo failed.")
del fnames[:] # we're in the right place
def get_file_lines(self, filename):
"""
Get lines from a file, which may or may not be compressed
"""
lines = []
ftype = utils.subprocess_get(self.logger, "/usr/bin/file %s" % filename)
if ftype.find("gzip") != -1:
try:
import gzip
f = gzip.open(filename, 'r')
lines = f.readlines()
f.close()
except:
pass
elif ftype.find("text") != -1:
f = open(filename, 'r')
lines = f.readlines()
f.close()
return lines
def get_file_lines(self,filename):
"""
Get lines from a file, which may or may not be compressed
"""
lines = []
ftype = utils.subprocess_get(self.logger, "/usr/bin/file %s" % filename)
if ftype.find("gzip") != -1:
try:
import gzip
f = gzip.open(filename,'r')
lines = f.readlines()
f.close()
except:
pass
elif ftype.find("text") != -1:
f = open(filename,'r')
lines = f.readlines()
f.close()
return lines
def createrepo_walker(self, repo, dirname, fnames):
"""
Used to run createrepo on a copied Yum mirror.
"""
if os.path.exists(dirname) or repo["breed"] == "rsync":
utils.remove_yum_olddata(dirname)
# add any repo metadata we can use
mdoptions = []
if os.path.isfile("%s/repodata/repomd.xml" % (dirname)):
if not HAS_YUM:
utils.die(self.logger, "yum is required to use this feature")
rmd = yum.repoMDObject.RepoMD("", "%s/repodata/repomd.xml" % (dirname))
if rmd.repoData.has_key("group"):
groupmdfile = rmd.getData("group").location[1]
mdoptions.append("-g %s" % groupmdfile)
if rmd.repoData.has_key("prestodelta"):
# need createrepo >= 0.9.7 to add deltas
if utils.check_dist() == "redhat" or utils.check_dist() == "suse":
cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo"
createrepo_ver = utils.subprocess_get(self.logger, cmd)
if createrepo_ver >= "0.9.7":
mdoptions.append("--deltas")
else:
utils.die(
self.logger,
"this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler.",
)
blended = utils.blender(self.api, False, repo)
flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
try:
# BOOKMARK
cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, dirname)
utils.subprocess_call(self.logger, cmd)
except:
utils.log_exc(self.logger)
self.logger.error("createrepo failed.")
del fnames[:] # we're in the right place