Exemplo n.º 1
0
    def auth_client(self, token):
        """ Authenticate a system based on the same authentication tokens
            the client is sending for GET requests
        """
        log_debug(3)
        # Build a UserDictCase out of the token
        dict = UserDictCase(token)
        # Set rhnFlags so that we can piggyback on apacheAuth's auth_client
        rhnFlags.set('AUTH_SESSION_TOKEN', dict)

        # XXX To clean up apacheAuth.auth_client's logging, this is not about
        # GET requests
        result = apacheAuth.auth_client()

        if not result:
            raise rhnFault(33, _("Invalid session key"))

        log_debug(4, "Client auth OK")
        # We checked it already, so we're sure it's there
        client_id = dict['X-RHN-Server-Id']

        server = rhnServer.search(client_id)
        if not server:
            raise rhnFault(8, _("This server ID no longer exists"))
        # XXX: should we check if the username still has access to it?
        # probably not, because there is no known good way we can
        # update the server system_id on the client side when
        # permissions change... Damn it. --gafton
        self.server = server
        self.server_id = client_id
        self.user = dict['X-RHN-Auth-User-Id']
        return server
Exemplo n.º 2
0
    def auth_client(self, token):
        """ Authenticate a system based on the same authentication tokens
            the client is sending for GET requests
        """
        log_debug(3)
        # Build a UserDictCase out of the token
        dict = UserDictCase(token)
        # Set rhnFlags so that we can piggyback on apacheAuth's auth_client
        rhnFlags.set('AUTH_SESSION_TOKEN', dict)

        # XXX To clean up apacheAuth.auth_client's logging, this is not about
        # GET requests
        result = apacheAuth.auth_client()

        if not result:
            raise rhnFault(33, _("Invalid session key"))

        log_debug(4, "Client auth OK")
        # We checked it already, so we're sure it's there
        client_id = dict['X-RHN-Server-Id']

        server = rhnServer.search(client_id)
        if not server:
            raise rhnFault(8, _("This server ID no longer exists"))
        # XXX: should we check if the username still has access to it?
        # probably not, because there is no known good way we can
        # update the server system_id on the client side when
        # permissions change... Damn it. --gafton
        self.server = server
        self.server_id = client_id
        self.user = dict['X-RHN-Auth-User-Id']
        return server
Exemplo n.º 3
0
def schedule_deploy(server_id, action_id, dry_run=0):
    log_debug(2, server_id, action_id)
    s = rhnServer.search(server_id)

    # Schedule an rhncfg install
    new_action_id = server_kickstart.schedule_rhncfg_install(server_id,
        action_id, scheduler=None)

    new_action_id_2 = rhnAction.schedule_server_action(
        server_id,
        action_type='configfiles.deploy',
        action_name="Activation Key Config Auto-Deploy",
        delta_time=0, scheduler=None,
        org_id=s.server['org_id'],
        prerequisite=new_action_id,
        )

    if (not dry_run):
        h = rhnSQL.prepare(_query_copy_revs_from_shadow_action)
        h.execute(action_id=action_id, new_action_id=new_action_id_2,
            server_id=server_id)
    else:
        log_debug(4, "dry run requested")

    log_debug(4, "scheduled config deploy for activation key")

    raise ShadowAction("Config deploy scheduled")
Exemplo n.º 4
0
def schedule_deploy(server_id, action_id, dry_run=0):
    log_debug(2, server_id, action_id)
    s = rhnServer.search(server_id)

    # Schedule an rhncfg install
    new_action_id = server_kickstart.schedule_rhncfg_install(server_id,
                                                             action_id,
                                                             scheduler=None)

    new_action_id_2 = rhnAction.schedule_server_action(
        server_id,
        action_type='configfiles.deploy',
        action_name="Activation Key Config Auto-Deploy",
        delta_time=0,
        scheduler=None,
        org_id=s.server['org_id'],
        prerequisite=new_action_id,
    )

    if (not dry_run):
        h = rhnSQL.prepare(_query_copy_revs_from_shadow_action)
        h.execute(action_id=action_id,
                  new_action_id=new_action_id_2,
                  server_id=server_id)
    else:
        log_debug(4, "dry run requested")

    log_debug(4, "scheduled config deploy for activation key")

    raise ShadowAction("Config deploy scheduled")
Exemplo n.º 5
0
def _get_files(server_id, action_id):
    h = rhnSQL.prepare(_query_get_files)
    h.execute(action_id=action_id, server_id=server_id)
    server = rhnServer.search(server_id)
    server = var_interp_prep(server)

    files = []
    while 1:
        row = h.fetchone_dict()
        if not row:
            break
        files.append(format_file_results(row, server=server))

    result = {"files": files}
    return result
Exemplo n.º 6
0
def _get_files(server_id, action_id):
    h = rhnSQL.prepare(_query_get_files)
    h.execute(action_id=action_id, server_id=server_id)
    server = rhnServer.search(server_id)
    server = var_interp_prep(server)

    files = []
    while 1:
        row = h.fetchone_dict()
        if not row:
            break
        files.append(format_file_results(row, server=server))

    result = {
        'files': files,
    }
    return result
Exemplo n.º 7
0
def process_network_ifaces_result(minion, event):
    """
    Updates the spacewalk registration for a minion
    with it's currently reported network interface list.
    """
    sid = is_minion_registered(minion)
    if not sid:
        logger.warning("%s is no longer registered. Interfaces ignored.",
                       minion)
        return

    profile = dict()
    interfaces = event.get('data', {}).get('return', {})
    logger.info('Got network interfaces for %s', sid)
    logger.debug(pp.pformat(interfaces))

    profile['class'] = 'NETINTERFACES'
    for iface, details in interfaces.iteritems():
        profile[iface] = dict()
        profile[iface]['ipv6'] = list()
        profile[iface]['hwaddr'] = details['hwaddr']
        # FIXME: how to get the iface module with Salt?
        profile[iface]['module'] = 'Unknown'

        # only one ipv4 addr supported
        for ipv4net in details['inet']:
            profile[iface]['ipaddr'] = ipv4net['address']
            profile[iface]['netmask'] = ipv4net['netmask']
            profile[iface]['broadcast'] = ipv4net['broadcast']
            break

        for ipv6net in details['inet6']:
            ipv6net['scope'] = 'Unknown'
            ipv6net['addr'] = ipv6net['address']
            ipv6net['netmask'] = ipv6net['prefixlen']
            profile[iface]['ipv6'].append(ipv6net)

        server = rhnServer.search(int(sid))

        # No need to delete the hardware as the class seems to ovewrite
        # the previous value
        server.add_hardware(profile)
        server.save_hardware()
Exemplo n.º 8
0
def schedule_pkg_install(server_id, action_id, dry_run=0):
    s = rhnServer.search(server_id)

    new_action_id = rhnAction.schedule_server_action(
        server_id,
        action_type='packages.update',
        action_name="Activation Key Package Auto-Install",
        delta_time=0, scheduler=None,
        org_id=s.server['org_id'],
        )

    if (not dry_run):
        h = rhnSQL.prepare(_query_copy_pkgs_from_shadow_action)
        h.execute(action_id=action_id, new_action_id=new_action_id)
    else:
        log_debug(4, "dry run requested")

    log_debug(4, "scheduled pkg install for activation key")

    raise ShadowAction("Package install scheduled")
Exemplo n.º 9
0
def schedule_pkg_install(server_id, action_id, dry_run=0):
    s = rhnServer.search(server_id)

    new_action_id = rhnAction.schedule_server_action(
        server_id,
        action_type='packages.update',
        action_name="Activation Key Package Auto-Install",
        delta_time=0,
        scheduler=None,
        org_id=s.server['org_id'],
    )

    if (not dry_run):
        h = rhnSQL.prepare(_query_copy_pkgs_from_shadow_action)
        h.execute(action_id=action_id, new_action_id=new_action_id)
    else:
        log_debug(4, "dry run requested")

    log_debug(4, "scheduled pkg install for activation key")

    raise ShadowAction("Package install scheduled")
Exemplo n.º 10
0
def process_package_list_result(minion, event):
    """
    Updates the server registration of the minion with
    the list of packages reported by salt.
    """
    sid = is_minion_registered(minion)
    if not sid:
        logger.warning("%s is no longer registered. Ignoring package list",
                       minion)
        return

    package_list = format_package_list(event.get('data', {}).get('return', {}))

    if not package_list:
        logger.error("Failed to retrieve a current package list for %s",
                     minion)
    else:
        logger.info('Updating package list for Spacewalk sid=%s', sid)
        server = rhnServer.search(int(sid))
        server.dispose_packages()
        for package in package_list:
            server.add_package(package)
        server.save_packages()
Exemplo n.º 11
0
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
import sys

from templated_document import ServerTemplatedDocument
from spacewalk.server import rhnServer, rhnSQL

rhnSQL.initDB()

server_id = 1003887108

server = rhnServer.search(server_id)
server.reload_hardware()
server.load_custom_info()

t = ServerTemplatedDocument(server, start_delim='@@', end_delim='@@')
#t = ServerTemplatedDocument(server, start_delim='{|', end_delim='|}')

data = open("test/template1.tmpl").read()

try:
    print "interpolated:  ", t.interpolate(data)
except Exception, e:
    print e
    tb = sys.exc_info()[2]
    stack = []
    # walk the traceback to the end
Exemplo n.º 12
0
#
# Copyright (c) 2008--2013 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
from spacewalk.common.rhnConfig import initCFG
from spacewalk.server import rhnSQL, rhnServer


initCFG("server.xmlrpc")
rhnSQL.initDB("rhnuser/rhnuser@webdev")

print rhnServer.search(1003485567).fetch_registration_message()
print rhnServer.search(1003485558).fetch_registration_message()
print rhnServer.search(1003485584).fetch_registration_message()
Exemplo n.º 13
0
    print rhnChannel.channels_for_release_arch('2.1AS', 'athlon-redhat-linux', user_id=575937)
    print rhnChannel.channels_for_release_arch('2.1AS', 'XXXX-redhat-linux', user_id=575937)
    # mibanescu-2
#    print rhnChannel.channels_for_release_arch('9', 'i386-redhat-linux', user_id=2012148)
    # mibanescu-plain
    print rhnChannel.channels_for_release_arch('2.1AS', 'athlon-redhat-linux', user_id=2825619)
    sys.exit(1)

    channel = "redhat-linux-i386-7.1"

    start = time.time()
    ret = rhnChannel.list_packages(channel)
    print "Took %.2f seconds to list %d packages in %s" % (
        time.time() - start, len(ret), channel)
    # pprint.pprint(ret)

    start = time.time()
    ret = rhnChannel.list_obsoletes(channel)
    print "Took %.2f seconds to list %d obsoletes in %s" % (
        time.time() - start, len(ret), channel)
    # pprint.pprint(ret)

    server_id = 1002156837
    channels = rhnChannel.channels_for_server(server_id)

    s = rhnServer.search(server_id)
    s.change_base_channel("2.1AS-foobar")
    print map(lambda x: x['label'], channels)
    print map(lambda x: x['label'], rhnChannel.channels_for_server(server_id))
    rhnSQL.commit()
Exemplo n.º 14
0
#
# Copyright (c) 2008--2016 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#
from spacewalk.common.rhnConfig import initCFG
from spacewalk.server import rhnSQL, rhnServer

initCFG("server.xmlrpc")
rhnSQL.initDB("rhnuser/rhnuser@webdev")

print(rhnServer.search(1003485567).fetch_registration_message())
print(rhnServer.search(1003485558).fetch_registration_message())
print(rhnServer.search(1003485584).fetch_registration_message())
Exemplo n.º 15
0
    def create_system(self, user, profile_name, release_version,
                                  architecture, data):
        """
        Create a system based on the input parameters.

        Return dict containing a server object for now.
        Called by new_system (< rhel5)
              and new_system_user_pass | new_system_activation_key (>= rhel5)
        """

        if profile_name is not None and not \
           rhnFlags.test("re_registration_token") and \
           len(profile_name) < 1:
           raise rhnFault(800)

        # log entry point
        if data.has_key("token"):
            log_item = "token = '%s'" % data["token"]
        else:
            log_item = "username = '******'" % user.username

        log_debug(1, log_item, release_version, architecture)

        # Fetch the applet's UUID
        if data.has_key("uuid"):
            applet_uuid = data['uuid']
            log_debug(3, "applet uuid", applet_uuid)
        else:
            applet_uuid = None

        # Fetch the up2date UUID
        if data.has_key("rhnuuid"):
            up2date_uuid = data['rhnuuid']
            log_debug(3, "up2date uuid", up2date_uuid)
            # XXX Should somehow check the uuid uniqueness
            #raise rhnFault(105, "A system cannot be registered multiple times")
        else:
            up2date_uuid = None

        release = str(release_version)

        if data.has_key('token'):
            token_string = data['token']
            # Look the token up; if the token does not exist or is invalid,
            # stop right here (search_token raises the appropriate rhnFault)
            tokens_obj = rhnServer.search_token(token_string)
            log_user_id = tokens_obj.get_user_id()
        else:
            # user should not be null here
            log_user_id = user.getid()
            tokens_obj = rhnServer.search_org_token(user.contact["org_id"])
            log_debug(3,"universal_registration_token set as %s" %
                        str(tokens_obj.get_tokens()))
            rhnFlags.set("universal_registration_token", tokens_obj)

        if data.has_key('channel') and len(data['channel']) > 0:
            channel = data['channel']
            log_debug(3, "requested EUS channel: %s" % str(channel))
        else:
            channel = None

        newserv = None
        if tokens_obj:
            # Only set registration_token if we have token(s) available.
            # server_token.ActivationTokens.__nonzero__ should do the right
            # thing of filtering the case of no tokens
            rhnFlags.set("registration_token", tokens_obj)
            # Is the token associated with a server?
            if tokens_obj.is_rereg_token:
                # Also flag it's a re-registration token
                rhnFlags.set("re_registration_token", tokens_obj)
                # Load the server object
                newserv = rhnServer.search(tokens_obj.get_server_id())
                newserv.disable_token()
                # The old hardware info no longer applies
                newserv.delete_hardware()
                # Update the arch - it may have changed; we know the field was
                # provided for us
                newserv.set_arch(architecture)
                newserv.user = rhnUser.User("", "")
                newserv.user.reload(newserv.server['creator_id'])
                # Generate a new secret for this server
                newserv.gen_secret()
                # Get rid of the old package profile - it's bogus in this case
                newserv.dispose_packages()
                # The new server may have a different base channel
                newserv.change_base_channel(release)

        if newserv is None:
            # Not a re-registration token, we need a fresh server object
            rhnSQL.set_log_auth(log_user_id)
            newserv = rhnServer.Server(user, architecture)


        # Proceed with using the rest of the data
        newserv.server["release"] = release
        if data.has_key('release_name'):
            newserv.server["os"] = data['release_name']

        ## add the package list
        if data.has_key('packages'):
            for package in data['packages']:
                newserv.add_package(package)
        # add the hardware profile
        if data.has_key('hardware_profile'):
            for hw in data['hardware_profile']:
                newserv.add_hardware(hw)
        # fill in the other details from the data dictionary
        if profile_name is not None and not \
           rhnFlags.test("re_registration_token"):
            newserv.server["name"] = profile_name[:128]
        if data.has_key("os"):
            newserv.server["os"] = data["os"][:64]
        if data.has_key("description"):
            newserv.server["description"] = data["description"][:256]
        else:
            newserv.default_description()

        # Check for virt params
        # Get the uuid, if there is one.
        if data.has_key('virt_uuid'):
            virt_uuid = data['virt_uuid']
            if virt_uuid is not None \
               and not rhnVirtualization.is_host_uuid(virt_uuid):
                # If we don't have a virt_type key, we'll assume PARA.
                virt_type = None
                if data.has_key('virt_type'):
                    virt_type = data['virt_type']
                    if virt_type == 'para':
                        virt_type = rhnVirtualization.VirtualizationType.PARA
                    elif virt_type == 'fully':
                        virt_type = rhnVirtualization.VirtualizationType.FULLY
                    else:
                        raise Exception(
                            "Unknown virtualization type: %s" % virt_type)
                else:
                    raise Exception("Virtualization type not provided")
                newserv.virt_uuid = virt_uuid
                newserv.virt_type = virt_type
            else:
                newserv.virt_uuid = None
                newserv.virt_type = None
        else:
            newserv.virt_uuid = None
            newserv.virt_type = None


        # If we didn't find virt info from xen, check smbios
        if data.has_key('smbios') and newserv.virt_uuid is None:
            (newserv.virt_type, newserv.virt_uuid) = \
                    parse_smbios(data['smbios'])

        if tokens_obj.forget_rereg_token:
	    # At this point we retained the server with re-activation
	    # let the stacked activation keys do their magic
            tokens_obj.is_rereg_token = 0
            rhnFlags.set("re_registration_token", 0)

        # now if we have a token, load the extra registration
        # information from the token
        if rhnFlags.test("registration_token"):
            # Keep the original "info" field
            newserv.load_token()
            # we need to flush the registration information into the
            # database so we can proceed with processing the rest of
            # the token information (like subscribing the server to
            # groups, channels, etc)

            # bretm 02/19/2007 -- this shouldn't throw any of the following:
            #   SubscriptionCountExceeded
            #   BaseChannelDeniedError
            #   NoBaseChannelError
            # since we have the token object, and underneath the hood, we have none_ok=have_token

            # BUT - it does. So catch them and throw. this will make rhnreg_ks
            # die out, but oh well. at least they don't end up registered, and
            # without a base channel.
            try:
                # don't commit
                newserv.save(0, channel)
            except (rhnChannel.SubscriptionCountExceeded,
                    rhnChannel.NoBaseChannelError), channel_error:
                raise rhnFault(70), None, sys.exc_info()[2]
            except rhnChannel.BaseChannelDeniedError, channel_error:
                raise rhnFault(71), None, sys.exc_info()[2]
Exemplo n.º 16
0
    def create_system(self, user, profile_name, release_version,
                                  architecture, data):
        """
        Create a system based on the input parameters.

        Return dict containing a server object for now.
        Called by new_system (< rhel5)
              and new_system_user_pass | new_system_activation_key (>= rhel5)
        """

        if profile_name is not None and not \
           rhnFlags.test("re_registration_token") and \
           len(profile_name) < 1:
           raise rhnFault(800)

        # log entry point
        if data.has_key("token"):
            log_item = "token = '%s'" % data["token"]
        else:
            log_item = "username = '******'" % user.username

        log_debug(1, log_item, release_version, architecture)

        # Fetch the applet's UUID
        if data.has_key("uuid"):
            applet_uuid = data['uuid']
            log_debug(3, "applet uuid", applet_uuid)
        else:
            applet_uuid = None

        # Fetch the up2date UUID
        if data.has_key("rhnuuid"):
            up2date_uuid = data['rhnuuid']
            log_debug(3, "up2date uuid", up2date_uuid)
            # XXX Should somehow check the uuid uniqueness
            #raise rhnFault(105, "A system cannot be registered multiple times")
        else:
            up2date_uuid = None

        release = str(release_version)

        if data.has_key('token'):
            token_string = data['token']
            # Look the token up; if the token does not exist or is invalid,
            # stop right here (search_token raises the appropriate rhnFault)
            tokens_obj = rhnServer.search_token(token_string)
            log_user_id = tokens_obj.get_user_id()
        else:
            # user should not be null here
            log_user_id = user.getid()
            tokens_obj = rhnServer.search_org_token(user.contact["org_id"])
            log_debug(3,"universal_registration_token set as %s" %
                        str(tokens_obj.get_tokens()))
            rhnFlags.set("universal_registration_token", tokens_obj)

        if data.has_key('channel') and len(data['channel']) > 0:
            channel = data['channel']
            log_debug(3, "requested EUS channel: %s" % str(channel))
        else:
            channel = None

        newserv = None
        if tokens_obj:
            # Only set registration_token if we have token(s) available.
            # server_token.ActivationTokens.__nonzero__ should do the right
            # thing of filtering the case of no tokens
            rhnFlags.set("registration_token", tokens_obj)
            # Is the token associated with a server?
            if tokens_obj.is_rereg_token:
                # Also flag it's a re-registration token
                rhnFlags.set("re_registration_token", tokens_obj)
                # Load the server object
                newserv = rhnServer.search(tokens_obj.get_server_id())
                newserv.disable_token()
                # The old hardware info no longer applies
                newserv.delete_hardware()
                # Update the arch - it may have changed; we know the field was
                # provided for us
                newserv.set_arch(architecture)
                newserv.user = rhnUser.User("", "")
                newserv.user.reload(newserv.server['creator_id'])
                # Generate a new secret for this server
                newserv.gen_secret()
                # Get rid of the old package profile - it's bogus in this case
                newserv.dispose_packages()
                # The new server may have a different base channel
                newserv.change_base_channel(release)

        if newserv is None:
            # Not a re-registration token, we need a fresh server object
            rhnSQL.set_log_auth(log_user_id)
            newserv = rhnServer.Server(user, architecture)


        # Proceed with using the rest of the data
        newserv.server["release"] = release
        if data.has_key('release_name'):
            newserv.server["os"] = data['release_name']

        ## add the package list
        if data.has_key('packages'):
            for package in data['packages']:
                newserv.add_package(package)
        # add the hardware profile
        if data.has_key('hardware_profile'):
            for hw in data['hardware_profile']:
                newserv.add_hardware(hw)
        # fill in the other details from the data dictionary
        if profile_name is not None and not \
           rhnFlags.test("re_registration_token"):
            newserv.server["name"] = profile_name[:128]
        if data.has_key("os"):
            newserv.server["os"] = data["os"][:64]
        if data.has_key("description"):
            newserv.server["description"] = data["description"][:256]
        else:
            newserv.default_description()

        # Check for virt params
        # Get the uuid, if there is one.
        if data.has_key('virt_uuid'):
            virt_uuid = data['virt_uuid']
            if virt_uuid is not None \
               and not rhnVirtualization.is_host_uuid(virt_uuid):
                # If we don't have a virt_type key, we'll assume PARA.
                virt_type = None
                if data.has_key('virt_type'):
                    virt_type = data['virt_type']
                    if virt_type == 'para':
                        virt_type = rhnVirtualization.VirtualizationType.PARA
                    elif virt_type == 'fully':
                        virt_type = rhnVirtualization.VirtualizationType.FULLY
                    else:
                        raise Exception(
                            "Unknown virtualization type: %s" % virt_type)
                else:
                    raise Exception("Virtualization type not provided")
                newserv.virt_uuid = virt_uuid
                newserv.virt_type = virt_type
            else:
                newserv.virt_uuid = None
                newserv.virt_type = None
        else:
            newserv.virt_uuid = None
            newserv.virt_type = None


        # If we didn't find virt info from xen, check smbios
        if data.has_key('smbios') and newserv.virt_uuid is None:
            (newserv.virt_type, newserv.virt_uuid) = \
                    parse_smbios(data['smbios'])

        if tokens_obj.forget_rereg_token:
	    # At this point we retained the server with re-activation
	    # let the stacked activation keys do their magic
            tokens_obj.is_rereg_token = 0
            rhnFlags.set("re_registration_token", 0)

        # now if we have a token, load the extra registration
        # information from the token
        if rhnFlags.test("registration_token"):
            # Keep the original "info" field
            newserv.load_token()
            # we need to flush the registration information into the
            # database so we can proceed with processing the rest of
            # the token information (like subscribing the server to
            # groups, channels, etc)

            # bretm 02/19/2007 -- this shouldn't throw any of the following:
            #   SubscriptionCountExceeded
            #   BaseChannelDeniedError
            #   NoBaseChannelError
            # since we have the token object, and underneath the hood, we have none_ok=have_token

            # BUT - it does. So catch them and throw. this will make rhnreg_ks
            # die out, but oh well. at least they don't end up registered, and
            # without a base channel.
            try:
                # don't commit
                newserv.save(0, channel)
            except (rhnChannel.SubscriptionCountExceeded,
                    rhnChannel.NoBaseChannelError), channel_error:
                raise rhnFault(70), None, sys.exc_info()[2]
            except rhnChannel.BaseChannelDeniedError, channel_error:
                raise rhnFault(71), None, sys.exc_info()[2]