def __init__(self, is_cobblerd=False):
"""
Constructor
"""
# FIXME: this should be switchable through some simple system
self.__dict__ = BootAPI.__shared_state
self.perms_ok = False
if not BootAPI.__has_loaded:
if os.path.exists("/etc/cobbler/use.couch"):
self.use_couch = True
else:
self.use_couch = False
# NOTE: we do not log all API actions, because
# a simple CLI invocation may call adds and such
# to load the config, which would just fill up
# the logs, so we'll do that logging at CLI
# level (and remote.py web service level) instead.
random.seed()
self.is_cobblerd = is_cobblerd
try:
self.logger = clogger.Logger("/var/log/cobbler/cobbler.log")
except CX:
# return to CLI/other but perms are not valid
# perms_ok is False
return
# FIMXE: conslidate into 1 server instance
self.selinux_enabled = utils.is_selinux_enabled()
self.dist = utils.check_dist()
self.os_version = utils.os_release()
BootAPI.__has_loaded = True
module_loader.load_modules()
self._config = config.Config(self)
self.deserialize()
self.authn = self.get_module_from_file("authentication", "module",
"authn_configfile")
self.authz = self.get_module_from_file("authorization", "module",
"authz_allowall")
# FIXME: pass more loggers around, and also see that those
# using things via tasks construct their own kickgen/yumgen/
# pxegen versus reusing this one, which has the wrong logger
# (most likely) for background tasks.
self.kickgen = kickgen.KickGen(self._config)
self.yumgen = yumgen.YumGen(self._config)
self.pxegen = pxegen.PXEGen(self._config, logger=self.logger)
self.logger.debug("API handle initialized")
self.perms_ok = True
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
if not os.path.isfile(ssfile):
um = os.umask(int('0027',16))
fd = open(ssfile,"w+")
fd.write(binascii.hexlify(data))
fd.close()
os.umask(um)
utils.os_system("chmod 700 /var/lib/cobbler/web.ss")
http_user = "******"
if utils.check_dist() in [ "debian", "ubuntu" ]:
http_user = "******"
utils.os_system("chown %s /var/lib/cobbler/web.ss"%http_user )
else:
fd = open(ssfile,"w+")
fd.write(binascii.hexlify(data))
fd.close()
return 1
def __init__(self, is_cobblerd=False):
"""
Constructor
"""
# FIXME: this should be switchable through some simple system
self.__dict__ = BootAPI.__shared_state
self.perms_ok = False
if not BootAPI.__has_loaded:
if os.path.exists("/etc/cobbler/use.couch"):
self.use_couch = True
else:
self.use_couch = False
# NOTE: we do not log all API actions, because
# a simple CLI invocation may call adds and such
# to load the config, which would just fill up
# the logs, so we'll do that logging at CLI
# level (and remote.py web service level) instead.
random.seed()
self.is_cobblerd = is_cobblerd
try:
self.logger = clogger.Logger("/var/log/cobbler/cobbler.log")
except CX:
# return to CLI/other but perms are not valid
# perms_ok is False
return
# FIMXE: conslidate into 1 server instance
self.selinux_enabled = utils.is_selinux_enabled()
self.dist = utils.check_dist()
self.os_version = utils.os_release()
BootAPI.__has_loaded = True
module_loader.load_modules()
self._config = config.Config(self)
self.deserialize()
self.authn = self.get_module_from_file("authentication", "module", "authn_configfile")
self.authz = self.get_module_from_file("authorization", "module", "authz_allowall")
# FIXME: pass more loggers around, and also see that those
# using things via tasks construct their own kickgen/yumgen/
# pxegen versus reusing this one, which has the wrong logger
# (most likely) for background tasks.
self.kickgen = kickgen.KickGen(self._config)
self.yumgen = yumgen.YumGen(self._config)
self.pxegen = pxegen.PXEGen(self._config, logger=self.logger)
self.logger.debug("API handle initialized")
self.perms_ok = True
def createrepo_walker(self, repo, dirname, fnames):
"""
Used to run createrepo on a copied Yum mirror.
"""
if os.path.exists(dirname) or repo['breed'] == 'rsync':
utils.remove_yum_olddata(dirname)
# add any repo metadata we can use
mdoptions = []
if os.path.isfile("%s/.origin/repomd.xml" % (dirname)):
if not HAS_YUM:
utils.die(self.logger,
"yum is required to use this feature")
rmd = yum.repoMDObject.RepoMD(
'', "%s/.origin/repomd.xml" % (dirname))
if rmd.repoData.has_key("group"):
groupmdfile = rmd.getData("group").location[1]
mdoptions.append("-g %s" % groupmdfile)
if rmd.repoData.has_key("prestodelta"):
# need createrepo >= 0.9.7 to add deltas
if utils.check_dist() == "redhat" or utils.check_dist(
) == "suse":
cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo"
createrepo_ver = utils.subprocess_get(self.logger, cmd)
if createrepo_ver >= "0.9.7":
mdoptions.append("--deltas")
else:
utils.die(
self.logger,
"this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler."
)
blended = utils.blender(self.api, False, repo)
flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
try:
# BOOKMARK
cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags,
dirname)
utils.subprocess_call(self.logger, cmd)
except:
utils.log_exc(self.logger)
self.logger.error("createrepo failed.")
del fnames[:] # we're in the right place
def run(self):
"""
Returns None if there are no errors, otherwise returns a list
of things to correct prior to running application 'for real'.
(The CLI usage is "cobbler check" before "cobbler sync")
"""
status = []
self.checked_dist = utils.check_dist()
self.check_name(status)
self.check_selinux(status)
if self.settings.manage_dhcp:
mode = self.config.api.get_sync().dhcp.what()
if mode == "isc":
self.check_dhcpd_bin(status)
self.check_dhcpd_conf(status)
self.check_service(status, "dhcpd")
elif mode == "dnsmasq":
self.check_dnsmasq_bin(status)
self.check_service(status, "dnsmasq")
if self.settings.manage_dns:
mode = self.config.api.get_sync().dns.what()
if mode == "bind":
self.check_bind_bin(status)
self.check_service(status, "named")
elif mode == "dnsmasq" and not self.settings.manage_dhcp:
self.check_dnsmasq_bin(status)
self.check_service(status, "dnsmasq")
mode = self.config.api.get_sync().tftpd.what()
if mode == "in_tftpd":
self.check_tftpd_bin(status)
self.check_tftpd_dir(status)
self.check_tftpd_conf(status)
elif mode == "tftpd_py":
self.check_ctftpd_bin(status)
self.check_ctftpd_dir(status)
self.check_ctftpd_conf(status)
self.check_service(status, "cobblerd")
self.check_bootloaders(status)
self.check_for_wget_curl(status)
self.check_rsync_conf(status)
self.check_httpd(status)
self.check_iptables(status)
self.check_yum(status)
self.check_debmirror(status)
self.check_for_ksvalidator(status)
self.check_for_default_password(status)
self.check_for_unreferenced_repos(status)
self.check_for_unsynced_repos(status)
self.check_for_cman(status)
self.check_dynamic_settings(status)
return status
def __init__(self, log_settings={}, is_cobblerd=False):
"""
Constructor
"""
self.__dict__ = BootAPI.__shared_state
self.log_settings = log_settings
self.perms_ok = False
if not BootAPI.__has_loaded:
# NOTE: we do not log all API actions, because
# a simple CLI invocation may call adds and such
# to load the config, which would just fill up
# the logs, so we'll do that logging at CLI
# level (and remote.py web service level) instead.
random.seed()
self.is_cobblerd = is_cobblerd
try:
self.logger = self.__setup_logger("api")
except CX:
# return to CLI/other but perms are not valid
# perms_ok is False
return
# FIMXE: conslidate into 1 server instance
self.selinux_enabled = utils.is_selinux_enabled()
self.dist = utils.check_dist()
self.os_version = utils.os_release()
self.acl_engine = acls.AclEngine()
BootAPI.__has_loaded = True
module_loader.load_modules()
self._config = config.Config(self)
self.deserialize()
self.authn = self.get_module_from_file(
"authentication",
"module",
"authn_configfile"
)
self.authz = self.get_module_from_file(
"authorization",
"module",
"authz_allowall"
)
self.kickgen = kickgen.KickGen(self._config)
self.yumgen = yumgen.YumGen(self._config)
self.pxegen = pxegen.PXEGen(self._config)
self.logger.debug("API handle initialized")
self.perms_ok = True
def run(self):
"""
Returns None if there are no errors, otherwise returns a list
of things to correct prior to running application 'for real'.
(The CLI usage is "cobbler check" before "cobbler sync")
"""
status = []
self.checked_dist = utils.check_dist()
self.check_name(status)
self.check_selinux(status)
if self.settings.manage_dhcp:
mode = self.config.api.get_sync().dhcp.what()
if mode == "isc":
self.check_dhcpd_bin(status)
self.check_dhcpd_conf(status)
self.check_service(status,"dhcpd")
elif mode == "dnsmasq":
self.check_dnsmasq_bin(status)
self.check_service(status,"dnsmasq")
if self.settings.manage_dns:
mode = self.config.api.get_sync().dns.what()
if mode == "bind":
self.check_bind_bin(status)
self.check_service(status,"named")
elif mode == "dnsmasq" and not self.settings.manage_dhcp:
self.check_dnsmasq_bin(status)
self.check_service(status,"dnsmasq")
mode = self.config.api.get_sync().tftpd.what()
if mode == "in_tftpd":
self.check_tftpd_bin(status)
self.check_tftpd_dir(status)
self.check_tftpd_conf(status)
elif mode == "tftpd_py":
self.check_ctftpd_bin(status)
self.check_ctftpd_dir(status)
self.check_ctftpd_conf(status)
self.check_service(status, "cobblerd")
self.check_bootloaders(status)
self.check_for_wget_curl(status)
self.check_rsync_conf(status)
self.check_httpd(status)
self.check_iptables(status)
self.check_yum(status)
self.check_debmirror(status)
self.check_for_ksvalidator(status)
self.check_for_default_password(status)
self.check_for_unreferenced_repos(status)
self.check_for_unsynced_repos(status)
self.check_for_cman(status)
self.check_dynamic_settings(status)
return status
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600)
os.write(fd, binascii.hexlify(data))
os.close(fd)
http_user = "******"
if utils.check_dist() in ["debian", "ubuntu"]:
http_user = "******"
elif utils.check_dist() in ["suse", "opensuse"]:
http_user = "******"
os.lchown("/var/lib/cobbler/web.ss", pwd.getpwnam(http_user)[2], -1)
return 1
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600)
os.write(fd, binascii.hexlify(data))
os.close(fd)
http_user = "******"
if utils.check_dist() in ["debian", "ubuntu"]:
http_user = "******"
elif utils.check_dist() in ["suse", "opensuse"]:
http_user = "******"
os.lchown("/var/lib/cobbler/web.ss", pwd.getpwnam(http_user)[2], -1)
return 1
def createrepo_walker(self, repo, dirname, fnames):
"""
Used to run createrepo on a copied Yum mirror.
"""
if os.path.exists(dirname) or repo["breed"] == "rsync":
utils.remove_yum_olddata(dirname)
# add any repo metadata we can use
mdoptions = []
if os.path.isfile("%s/repodata/repomd.xml" % (dirname)):
if not HAS_YUM:
utils.die(self.logger, "yum is required to use this feature")
rmd = yum.repoMDObject.RepoMD("", "%s/repodata/repomd.xml" % (dirname))
if rmd.repoData.has_key("group"):
groupmdfile = rmd.getData("group").location[1]
mdoptions.append("-g %s" % groupmdfile)
if rmd.repoData.has_key("prestodelta"):
# need createrepo >= 0.9.7 to add deltas
if utils.check_dist() == "redhat" or utils.check_dist() == "suse":
cmd = "/usr/bin/rpmquery --queryformat=%{VERSION} createrepo"
createrepo_ver = utils.subprocess_get(self.logger, cmd)
if createrepo_ver >= "0.9.7":
mdoptions.append("--deltas")
else:
utils.die(
self.logger,
"this repo has presto metadata; you must upgrade createrepo to >= 0.9.7 first and then need to resync the repo through cobbler.",
)
blended = utils.blender(self.api, False, repo)
flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
try:
# BOOKMARK
cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, dirname)
utils.subprocess_call(self.logger, cmd)
except:
utils.log_exc(self.logger)
self.logger.error("createrepo failed.")
del fnames[:] # we're in the right place
def run(self):
"""
Returns None if there are no errors, otherwise returns a list
of things to correct prior to running application 'for real'.
(The CLI usage is "cobbler check" before "cobbler sync")
"""
status = []
self.checked_dist = utils.check_dist()
self.check_name(status)
self.check_selinux(status)
if self.settings.manage_dhcp:
mode = self.config.api.get_sync().dhcp.what()
if mode == "isc":
self.check_dhcpd_bin(status)
self.check_dhcpd_conf(status)
self.check_service(status,"dhcpd")
elif mode == "dnsmasq":
self.check_dnsmasq_bin(status)
self.check_service(status,"dnsmasq")
if self.settings.manage_dns:
mode = self.config.api.get_sync().dns.what()
if mode == "bind":
self.check_bind_bin(status)
self.check_service(status,"named")
elif mode == "dnsmasq" and not self.settings.manage_dhcp:
self.check_dnsmasq_bin(status)
self.check_service(status,"dnsmasq")
self.check_service(status, "cobblerd")
# self.check_bootloaders(status)
self.check_tftpd_bin(status)
self.check_tftpd_dir(status)
self.check_tftpd_conf(status)
self.check_httpd(status)
self.check_iptables(status)
self.check_yum(status)
self.check_for_default_password(status)
self.check_for_unreferenced_repos(status)
self.check_for_unsynced_repos(status)
# comment out until s390 virtual PXE is fully supported
# self.check_vsftpd_bin(status)
self.check_for_cman(status)
return status
def __init__(self, config, logger=None):
"""
Constructor
"""
#self.config = config
#self.api = config.api
#self.settings = config.settings()
if logger is None:
logger = clogger.Logger()
self.logger = logger
self.distro = utils.check_dist()
if self.distro == "ubuntu" or self.distro == "debian":
self.hardlink = "/usr/bin/hardlink"
self.hardlink_args = "-f -p -o -t -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror"
else:
self.hardlink = "/usr/sbin/hardlink"
self.hardlink_args = "-c -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror"
self.hardlink_cmd = "%s %s" % (self.hardlink, self.hardlink_args)
def __init__(self,config,logger=None):
"""
Constructor
"""
#self.config = config
#self.api = config.api
#self.settings = config.settings()
if logger is None:
logger = clogger.Logger()
self.logger = logger
self.distro = utils.check_dist()
if self.distro == "ubuntu" or self.distro == "debian":
self.hardlink = "/usr/bin/hardlink"
self.hardlink_args = "-f -p -o -t -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror"
else:
self.hardlink = "/usr/sbin/hardlink"
self.hardlink_args = "-c -v /var/www/cobbler/ks_mirror /var/www/cobbler/repo_mirror"
self.hardlink_cmd = "%s %s" % (self.hardlink, self.hardlink_args)
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
fd = open("/var/lib/cobbler/web.ss","w+")
fd.write(binascii.hexlify(data))
fd.close()
utils.os_system("chmod 700 /var/lib/cobbler/web.ss")
http_user = "******"
if utils.check_dist() in [ "debian", "ubuntu" ]:
http_user = "******"
cmd = "chown %s /var/lib/cobbler/web.ss" % http_user
utils.os_system( cmd )
return 1
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
if not os.path.isfile(ssfile):
fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600)
os.write(fd, binascii.hexlify(data))
os.close(fd)
http_user = "******"
if utils.check_dist() in ["debian", "ubuntu"]:
http_user = "******"
utils.os_system("chown %s /var/lib/cobbler/web.ss" % http_user)
else:
fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0600)
os.write(fd, binascii.hexlify(data))
os.close(fd)
return 1
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom")
data = fd.read(512)
fd.close()
if not os.path.isfile(ssfile):
fd = os.open(ssfile,os.O_CREAT|os.O_RDWR,0600)
os.write(fd,binascii.hexlify(data))
os.close(fd)
http_user = "******"
if utils.check_dist() in [ "debian", "ubuntu" ]:
http_user = "******"
utils.os_system("chown %s /var/lib/cobbler/web.ss"%http_user )
else:
fd = os.open(ssfile,os.O_CREAT|os.O_RDWR,0600)
os.write(fd,binascii.hexlify(data))
os.close(fd)
return 1
def __init__(self, config):
"""Constructor. Requires json config object."""
self.config = json.JSONDecoder().decode(config)
self.stats = {}
self.dist = utils.check_dist()
def __init__(self, config):
"""Constructor. Requires json config object."""
self.config = json.JSONDecoder().decode(config)
self.stats = {}
self.dist = utils.check_dist()
