def auth_client(self, token):
""" Authenticate a system based on the same authentication tokens
the client is sending for GET requests
"""
log_debug(3)
# Build a UserDictCase out of the token
dict = UserDictCase(token)
# Set rhnFlags so that we can piggyback on apacheAuth's auth_client
rhnFlags.set('AUTH_SESSION_TOKEN', dict)
# XXX To clean up apacheAuth.auth_client's logging, this is not about
# GET requests
result = apacheAuth.auth_client()
if not result:
raise rhnFault(33, _("Invalid session key"))
log_debug(4, "Client auth OK")
# We checked it already, so we're sure it's there
client_id = dict['X-RHN-Server-Id']
server = rhnServer.search(client_id)
if not server:
raise rhnFault(8, _("This server ID no longer exists"))
# XXX: should we check if the username still has access to it?
# probably not, because there is no known good way we can
# update the server system_id on the client side when
# permissions change... Damn it. --gafton
self.server = server
self.server_id = client_id
self.user = dict['X-RHN-Auth-User-Id']
return server
def auth_client(self, token):
""" Authenticate a system based on the same authentication tokens
the client is sending for GET requests
"""
log_debug(3)
# Build a UserDictCase out of the token
dict = UserDictCase(token)
# Set rhnFlags so that we can piggyback on apacheAuth's auth_client
rhnFlags.set('AUTH_SESSION_TOKEN', dict)
# XXX To clean up apacheAuth.auth_client's logging, this is not about
# GET requests
result = apacheAuth.auth_client()
if not result:
raise rhnFault(33, _("Invalid session key"))
log_debug(4, "Client auth OK")
# We checked it already, so we're sure it's there
client_id = dict['X-RHN-Server-Id']
server = rhnServer.search(client_id)
if not server:
raise rhnFault(8, _("This server ID no longer exists"))
# XXX: should we check if the username still has access to it?
# probably not, because there is no known good way we can
# update the server system_id on the client side when
# permissions change... Damn it. --gafton
self.server = server
self.server_id = client_id
self.user = dict['X-RHN-Auth-User-Id']
return server
def schedule_deploy(server_id, action_id, dry_run=0):
log_debug(2, server_id, action_id)
s = rhnServer.search(server_id)
# Schedule an rhncfg install
new_action_id = server_kickstart.schedule_rhncfg_install(server_id,
action_id, scheduler=None)
new_action_id_2 = rhnAction.schedule_server_action(
server_id,
action_type='configfiles.deploy',
action_name="Activation Key Config Auto-Deploy",
delta_time=0, scheduler=None,
org_id=s.server['org_id'],
prerequisite=new_action_id,
)
if (not dry_run):
h = rhnSQL.prepare(_query_copy_revs_from_shadow_action)
h.execute(action_id=action_id, new_action_id=new_action_id_2,
server_id=server_id)
else:
log_debug(4, "dry run requested")
log_debug(4, "scheduled config deploy for activation key")
raise ShadowAction("Config deploy scheduled")
def schedule_deploy(server_id, action_id, dry_run=0):
log_debug(2, server_id, action_id)
s = rhnServer.search(server_id)
# Schedule an rhncfg install
new_action_id = server_kickstart.schedule_rhncfg_install(server_id,
action_id,
scheduler=None)
new_action_id_2 = rhnAction.schedule_server_action(
server_id,
action_type='configfiles.deploy',
action_name="Activation Key Config Auto-Deploy",
delta_time=0,
scheduler=None,
org_id=s.server['org_id'],
prerequisite=new_action_id,
)
if (not dry_run):
h = rhnSQL.prepare(_query_copy_revs_from_shadow_action)
h.execute(action_id=action_id,
new_action_id=new_action_id_2,
server_id=server_id)
else:
log_debug(4, "dry run requested")
log_debug(4, "scheduled config deploy for activation key")
raise ShadowAction("Config deploy scheduled")
def _get_files(server_id, action_id):
h = rhnSQL.prepare(_query_get_files)
h.execute(action_id=action_id, server_id=server_id)
server = rhnServer.search(server_id)
server = var_interp_prep(server)
files = []
while 1:
row = h.fetchone_dict()
if not row:
break
files.append(format_file_results(row, server=server))
result = {"files": files}
return result
def _get_files(server_id, action_id):
h = rhnSQL.prepare(_query_get_files)
h.execute(action_id=action_id, server_id=server_id)
server = rhnServer.search(server_id)
server = var_interp_prep(server)
files = []
while 1:
row = h.fetchone_dict()
if not row:
break
files.append(format_file_results(row, server=server))
result = {
'files': files,
}
return result
def process_network_ifaces_result(minion, event):
"""
Updates the spacewalk registration for a minion
with it's currently reported network interface list.
"""
sid = is_minion_registered(minion)
if not sid:
logger.warning("%s is no longer registered. Interfaces ignored.",
minion)
return
profile = dict()
interfaces = event.get('data', {}).get('return', {})
logger.info('Got network interfaces for %s', sid)
logger.debug(pp.pformat(interfaces))
profile['class'] = 'NETINTERFACES'
for iface, details in interfaces.iteritems():
profile[iface] = dict()
profile[iface]['ipv6'] = list()
profile[iface]['hwaddr'] = details['hwaddr']
# FIXME: how to get the iface module with Salt?
profile[iface]['module'] = 'Unknown'
# only one ipv4 addr supported
for ipv4net in details['inet']:
profile[iface]['ipaddr'] = ipv4net['address']
profile[iface]['netmask'] = ipv4net['netmask']
profile[iface]['broadcast'] = ipv4net['broadcast']
break
for ipv6net in details['inet6']:
ipv6net['scope'] = 'Unknown'
ipv6net['addr'] = ipv6net['address']
ipv6net['netmask'] = ipv6net['prefixlen']
profile[iface]['ipv6'].append(ipv6net)
server = rhnServer.search(int(sid))
# No need to delete the hardware as the class seems to ovewrite
# the previous value
server.add_hardware(profile)
server.save_hardware()
def schedule_pkg_install(server_id, action_id, dry_run=0):
s = rhnServer.search(server_id)
new_action_id = rhnAction.schedule_server_action(
server_id,
action_type='packages.update',
action_name="Activation Key Package Auto-Install",
delta_time=0, scheduler=None,
org_id=s.server['org_id'],
)
if (not dry_run):
h = rhnSQL.prepare(_query_copy_pkgs_from_shadow_action)
h.execute(action_id=action_id, new_action_id=new_action_id)
else:
log_debug(4, "dry run requested")
log_debug(4, "scheduled pkg install for activation key")
raise ShadowAction("Package install scheduled")
def schedule_pkg_install(server_id, action_id, dry_run=0):
s = rhnServer.search(server_id)
new_action_id = rhnAction.schedule_server_action(
server_id,
action_type='packages.update',
action_name="Activation Key Package Auto-Install",
delta_time=0,
scheduler=None,
org_id=s.server['org_id'],
)
if (not dry_run):
h = rhnSQL.prepare(_query_copy_pkgs_from_shadow_action)
h.execute(action_id=action_id, new_action_id=new_action_id)
else:
log_debug(4, "dry run requested")
log_debug(4, "scheduled pkg install for activation key")
raise ShadowAction("Package install scheduled")
def process_package_list_result(minion, event):
"""
Updates the server registration of the minion with
the list of packages reported by salt.
"""
sid = is_minion_registered(minion)
if not sid:
logger.warning("%s is no longer registered. Ignoring package list",
minion)
return
package_list = format_package_list(event.get('data', {}).get('return', {}))
if not package_list:
logger.error("Failed to retrieve a current package list for %s",
minion)
else:
logger.info('Updating package list for Spacewalk sid=%s', sid)
server = rhnServer.search(int(sid))
server.dispose_packages()
for package in package_list:
server.add_package(package)
server.save_packages()
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
import sys
from templated_document import ServerTemplatedDocument
from spacewalk.server import rhnServer, rhnSQL
rhnSQL.initDB()
server_id = 1003887108
server = rhnServer.search(server_id)
server.reload_hardware()
server.load_custom_info()
t = ServerTemplatedDocument(server, start_delim='@@', end_delim='@@')
#t = ServerTemplatedDocument(server, start_delim='{|', end_delim='|}')
data = open("test/template1.tmpl").read()
try:
print "interpolated: ", t.interpolate(data)
except Exception, e:
print e
tb = sys.exc_info()[2]
stack = []
# walk the traceback to the end
#
# Copyright (c) 2008--2013 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
from spacewalk.common.rhnConfig import initCFG
from spacewalk.server import rhnSQL, rhnServer
initCFG("server.xmlrpc")
rhnSQL.initDB("rhnuser/rhnuser@webdev")
print rhnServer.search(1003485567).fetch_registration_message()
print rhnServer.search(1003485558).fetch_registration_message()
print rhnServer.search(1003485584).fetch_registration_message()
print rhnChannel.channels_for_release_arch('2.1AS', 'athlon-redhat-linux', user_id=575937)
print rhnChannel.channels_for_release_arch('2.1AS', 'XXXX-redhat-linux', user_id=575937)
# mibanescu-2
# print rhnChannel.channels_for_release_arch('9', 'i386-redhat-linux', user_id=2012148)
# mibanescu-plain
print rhnChannel.channels_for_release_arch('2.1AS', 'athlon-redhat-linux', user_id=2825619)
sys.exit(1)
channel = "redhat-linux-i386-7.1"
start = time.time()
ret = rhnChannel.list_packages(channel)
print "Took %.2f seconds to list %d packages in %s" % (
time.time() - start, len(ret), channel)
# pprint.pprint(ret)
start = time.time()
ret = rhnChannel.list_obsoletes(channel)
print "Took %.2f seconds to list %d obsoletes in %s" % (
time.time() - start, len(ret), channel)
# pprint.pprint(ret)
server_id = 1002156837
channels = rhnChannel.channels_for_server(server_id)
s = rhnServer.search(server_id)
s.change_base_channel("2.1AS-foobar")
print map(lambda x: x['label'], channels)
print map(lambda x: x['label'], rhnChannel.channels_for_server(server_id))
rhnSQL.commit()
#
# Copyright (c) 2008--2016 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
from spacewalk.common.rhnConfig import initCFG
from spacewalk.server import rhnSQL, rhnServer
initCFG("server.xmlrpc")
rhnSQL.initDB("rhnuser/rhnuser@webdev")
print(rhnServer.search(1003485567).fetch_registration_message())
print(rhnServer.search(1003485558).fetch_registration_message())
print(rhnServer.search(1003485584).fetch_registration_message())
def create_system(self, user, profile_name, release_version,
architecture, data):
"""
Create a system based on the input parameters.
Return dict containing a server object for now.
Called by new_system (< rhel5)
and new_system_user_pass | new_system_activation_key (>= rhel5)
"""
if profile_name is not None and not \
rhnFlags.test("re_registration_token") and \
len(profile_name) < 1:
raise rhnFault(800)
# log entry point
if data.has_key("token"):
log_item = "token = '%s'" % data["token"]
else:
log_item = "username = '******'" % user.username
log_debug(1, log_item, release_version, architecture)
# Fetch the applet's UUID
if data.has_key("uuid"):
applet_uuid = data['uuid']
log_debug(3, "applet uuid", applet_uuid)
else:
applet_uuid = None
# Fetch the up2date UUID
if data.has_key("rhnuuid"):
up2date_uuid = data['rhnuuid']
log_debug(3, "up2date uuid", up2date_uuid)
# XXX Should somehow check the uuid uniqueness
#raise rhnFault(105, "A system cannot be registered multiple times")
else:
up2date_uuid = None
release = str(release_version)
if data.has_key('token'):
token_string = data['token']
# Look the token up; if the token does not exist or is invalid,
# stop right here (search_token raises the appropriate rhnFault)
tokens_obj = rhnServer.search_token(token_string)
log_user_id = tokens_obj.get_user_id()
else:
# user should not be null here
log_user_id = user.getid()
tokens_obj = rhnServer.search_org_token(user.contact["org_id"])
log_debug(3,"universal_registration_token set as %s" %
str(tokens_obj.get_tokens()))
rhnFlags.set("universal_registration_token", tokens_obj)
if data.has_key('channel') and len(data['channel']) > 0:
channel = data['channel']
log_debug(3, "requested EUS channel: %s" % str(channel))
else:
channel = None
newserv = None
if tokens_obj:
# Only set registration_token if we have token(s) available.
# server_token.ActivationTokens.__nonzero__ should do the right
# thing of filtering the case of no tokens
rhnFlags.set("registration_token", tokens_obj)
# Is the token associated with a server?
if tokens_obj.is_rereg_token:
# Also flag it's a re-registration token
rhnFlags.set("re_registration_token", tokens_obj)
# Load the server object
newserv = rhnServer.search(tokens_obj.get_server_id())
newserv.disable_token()
# The old hardware info no longer applies
newserv.delete_hardware()
# Update the arch - it may have changed; we know the field was
# provided for us
newserv.set_arch(architecture)
newserv.user = rhnUser.User("", "")
newserv.user.reload(newserv.server['creator_id'])
# Generate a new secret for this server
newserv.gen_secret()
# Get rid of the old package profile - it's bogus in this case
newserv.dispose_packages()
# The new server may have a different base channel
newserv.change_base_channel(release)
if newserv is None:
# Not a re-registration token, we need a fresh server object
rhnSQL.set_log_auth(log_user_id)
newserv = rhnServer.Server(user, architecture)
# Proceed with using the rest of the data
newserv.server["release"] = release
if data.has_key('release_name'):
newserv.server["os"] = data['release_name']
## add the package list
if data.has_key('packages'):
for package in data['packages']:
newserv.add_package(package)
# add the hardware profile
if data.has_key('hardware_profile'):
for hw in data['hardware_profile']:
newserv.add_hardware(hw)
# fill in the other details from the data dictionary
if profile_name is not None and not \
rhnFlags.test("re_registration_token"):
newserv.server["name"] = profile_name[:128]
if data.has_key("os"):
newserv.server["os"] = data["os"][:64]
if data.has_key("description"):
newserv.server["description"] = data["description"][:256]
else:
newserv.default_description()
# Check for virt params
# Get the uuid, if there is one.
if data.has_key('virt_uuid'):
virt_uuid = data['virt_uuid']
if virt_uuid is not None \
and not rhnVirtualization.is_host_uuid(virt_uuid):
# If we don't have a virt_type key, we'll assume PARA.
virt_type = None
if data.has_key('virt_type'):
virt_type = data['virt_type']
if virt_type == 'para':
virt_type = rhnVirtualization.VirtualizationType.PARA
elif virt_type == 'fully':
virt_type = rhnVirtualization.VirtualizationType.FULLY
else:
raise Exception(
"Unknown virtualization type: %s" % virt_type)
else:
raise Exception("Virtualization type not provided")
newserv.virt_uuid = virt_uuid
newserv.virt_type = virt_type
else:
newserv.virt_uuid = None
newserv.virt_type = None
else:
newserv.virt_uuid = None
newserv.virt_type = None
# If we didn't find virt info from xen, check smbios
if data.has_key('smbios') and newserv.virt_uuid is None:
(newserv.virt_type, newserv.virt_uuid) = \
parse_smbios(data['smbios'])
if tokens_obj.forget_rereg_token:
# At this point we retained the server with re-activation
# let the stacked activation keys do their magic
tokens_obj.is_rereg_token = 0
rhnFlags.set("re_registration_token", 0)
# now if we have a token, load the extra registration
# information from the token
if rhnFlags.test("registration_token"):
# Keep the original "info" field
newserv.load_token()
# we need to flush the registration information into the
# database so we can proceed with processing the rest of
# the token information (like subscribing the server to
# groups, channels, etc)
# bretm 02/19/2007 -- this shouldn't throw any of the following:
# SubscriptionCountExceeded
# BaseChannelDeniedError
# NoBaseChannelError
# since we have the token object, and underneath the hood, we have none_ok=have_token
# BUT - it does. So catch them and throw. this will make rhnreg_ks
# die out, but oh well. at least they don't end up registered, and
# without a base channel.
try:
# don't commit
newserv.save(0, channel)
except (rhnChannel.SubscriptionCountExceeded,
rhnChannel.NoBaseChannelError), channel_error:
raise rhnFault(70), None, sys.exc_info()[2]
except rhnChannel.BaseChannelDeniedError, channel_error:
raise rhnFault(71), None, sys.exc_info()[2]
def create_system(self, user, profile_name, release_version,
architecture, data):
"""
Create a system based on the input parameters.
Return dict containing a server object for now.
Called by new_system (< rhel5)
and new_system_user_pass | new_system_activation_key (>= rhel5)
"""
if profile_name is not None and not \
rhnFlags.test("re_registration_token") and \
len(profile_name) < 1:
raise rhnFault(800)
# log entry point
if data.has_key("token"):
log_item = "token = '%s'" % data["token"]
else:
log_item = "username = '******'" % user.username
log_debug(1, log_item, release_version, architecture)
# Fetch the applet's UUID
if data.has_key("uuid"):
applet_uuid = data['uuid']
log_debug(3, "applet uuid", applet_uuid)
else:
applet_uuid = None
# Fetch the up2date UUID
if data.has_key("rhnuuid"):
up2date_uuid = data['rhnuuid']
log_debug(3, "up2date uuid", up2date_uuid)
# XXX Should somehow check the uuid uniqueness
#raise rhnFault(105, "A system cannot be registered multiple times")
else:
up2date_uuid = None
release = str(release_version)
if data.has_key('token'):
token_string = data['token']
# Look the token up; if the token does not exist or is invalid,
# stop right here (search_token raises the appropriate rhnFault)
tokens_obj = rhnServer.search_token(token_string)
log_user_id = tokens_obj.get_user_id()
else:
# user should not be null here
log_user_id = user.getid()
tokens_obj = rhnServer.search_org_token(user.contact["org_id"])
log_debug(3,"universal_registration_token set as %s" %
str(tokens_obj.get_tokens()))
rhnFlags.set("universal_registration_token", tokens_obj)
if data.has_key('channel') and len(data['channel']) > 0:
channel = data['channel']
log_debug(3, "requested EUS channel: %s" % str(channel))
else:
channel = None
newserv = None
if tokens_obj:
# Only set registration_token if we have token(s) available.
# server_token.ActivationTokens.__nonzero__ should do the right
# thing of filtering the case of no tokens
rhnFlags.set("registration_token", tokens_obj)
# Is the token associated with a server?
if tokens_obj.is_rereg_token:
# Also flag it's a re-registration token
rhnFlags.set("re_registration_token", tokens_obj)
# Load the server object
newserv = rhnServer.search(tokens_obj.get_server_id())
newserv.disable_token()
# The old hardware info no longer applies
newserv.delete_hardware()
# Update the arch - it may have changed; we know the field was
# provided for us
newserv.set_arch(architecture)
newserv.user = rhnUser.User("", "")
newserv.user.reload(newserv.server['creator_id'])
# Generate a new secret for this server
newserv.gen_secret()
# Get rid of the old package profile - it's bogus in this case
newserv.dispose_packages()
# The new server may have a different base channel
newserv.change_base_channel(release)
if newserv is None:
# Not a re-registration token, we need a fresh server object
rhnSQL.set_log_auth(log_user_id)
newserv = rhnServer.Server(user, architecture)
# Proceed with using the rest of the data
newserv.server["release"] = release
if data.has_key('release_name'):
newserv.server["os"] = data['release_name']
## add the package list
if data.has_key('packages'):
for package in data['packages']:
newserv.add_package(package)
# add the hardware profile
if data.has_key('hardware_profile'):
for hw in data['hardware_profile']:
newserv.add_hardware(hw)
# fill in the other details from the data dictionary
if profile_name is not None and not \
rhnFlags.test("re_registration_token"):
newserv.server["name"] = profile_name[:128]
if data.has_key("os"):
newserv.server["os"] = data["os"][:64]
if data.has_key("description"):
newserv.server["description"] = data["description"][:256]
else:
newserv.default_description()
# Check for virt params
# Get the uuid, if there is one.
if data.has_key('virt_uuid'):
virt_uuid = data['virt_uuid']
if virt_uuid is not None \
and not rhnVirtualization.is_host_uuid(virt_uuid):
# If we don't have a virt_type key, we'll assume PARA.
virt_type = None
if data.has_key('virt_type'):
virt_type = data['virt_type']
if virt_type == 'para':
virt_type = rhnVirtualization.VirtualizationType.PARA
elif virt_type == 'fully':
virt_type = rhnVirtualization.VirtualizationType.FULLY
else:
raise Exception(
"Unknown virtualization type: %s" % virt_type)
else:
raise Exception("Virtualization type not provided")
newserv.virt_uuid = virt_uuid
newserv.virt_type = virt_type
else:
newserv.virt_uuid = None
newserv.virt_type = None
else:
newserv.virt_uuid = None
newserv.virt_type = None
# If we didn't find virt info from xen, check smbios
if data.has_key('smbios') and newserv.virt_uuid is None:
(newserv.virt_type, newserv.virt_uuid) = \
parse_smbios(data['smbios'])
if tokens_obj.forget_rereg_token:
# At this point we retained the server with re-activation
# let the stacked activation keys do their magic
tokens_obj.is_rereg_token = 0
rhnFlags.set("re_registration_token", 0)
# now if we have a token, load the extra registration
# information from the token
if rhnFlags.test("registration_token"):
# Keep the original "info" field
newserv.load_token()
# we need to flush the registration information into the
# database so we can proceed with processing the rest of
# the token information (like subscribing the server to
# groups, channels, etc)
# bretm 02/19/2007 -- this shouldn't throw any of the following:
# SubscriptionCountExceeded
# BaseChannelDeniedError
# NoBaseChannelError
# since we have the token object, and underneath the hood, we have none_ok=have_token
# BUT - it does. So catch them and throw. this will make rhnreg_ks
# die out, but oh well. at least they don't end up registered, and
# without a base channel.
try:
# don't commit
newserv.save(0, channel)
except (rhnChannel.SubscriptionCountExceeded,
rhnChannel.NoBaseChannelError), channel_error:
raise rhnFault(70), None, sys.exc_info()[2]
except rhnChannel.BaseChannelDeniedError, channel_error:
raise rhnFault(71), None, sys.exc_info()[2]
