def update(conduit, cache_only):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(
3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.identity import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
identity = inj.require(inj.IDENTITY)
if not identity.is_valid():
conduit.info(3, "Unable to read consumer identity")
return
try:
connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoActionInvoker(cache_only=cache_only)
rl.update()
def _update(self, cache_only):
""" update entitlement certificates """
logger.info(_('Updating Subscription Management repositories.'))
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.identity import ConsumerIdentity
cert_file = str(ConsumerIdentity.certpath())
key_file = str(ConsumerIdentity.keypath())
identity = inj.require(inj.IDENTITY)
# In containers we have no identity, but we may have entitlements inherited
# from the host, which need to generate a redhat.repo.
if identity.is_valid():
try:
connection.UEPConnection(cert_file=cert_file, key_file=key_file)
# FIXME: catchall exception
except Exception:
# log
logger.info(_("Unable to connect to Subscription Management Service"))
return
else:
logger.info(_("Unable to read consumer identity"))
if config.in_container():
logger.info(_("Subscription Manager is operating in container mode."))
if not cache_only:
cert_action_invoker = EntCertActionInvoker()
cert_action_invoker.update()
repo_action_invoker = RepoActionInvoker(cache_only=cache_only)
repo_action_invoker.update()
def update(conduit, cache_only):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.identity import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
identity = inj.require(inj.IDENTITY)
if not identity.is_valid():
conduit.info(3, "Unable to read consumer identity")
return
try:
uep = connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoActionInvoker(uep=uep, cache_only=cache_only)
rl.update()
def _update(cache_only):
"""
Update entitlement certificates and redhat.repo
:param cache_only: is True, when rhsm.full_refresh_on_yum is set to 0 in rhsm.conf
"""
logger.info(_('Updating Subscription Management repositories.'))
identity = inj.require(inj.IDENTITY)
if not identity.is_valid():
logger.info(_("Unable to read consumer identity"))
if config.in_container():
logger.info(
_("Subscription Manager is operating in container mode."))
if cache_only is True:
log.debug('DNF subscription-manager operates in cache-only mode')
if not cache_only and not config.in_container():
log.debug(
'Trying to update entitlement certificates and redhat.repo')
cert_action_invoker = EntCertActionInvoker()
cert_action_invoker.update()
else:
log.debug('Skipping updating of entitlement certificates')
log.debug('Generating redhat.repo')
repo_action_invoker = RepoActionInvoker(cache_only=cache_only)
repo_action_invoker.update()
def update(conduit, cache_only):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.identity import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
identity = inj.require(inj.IDENTITY)
# In containers we have no identity, but we may have entitlements inherited
# from the host, which need to generate a redhat.repo.
if identity.is_valid():
try:
connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
else:
conduit.info(3, "Unable to read consumer identity")
if config.in_container():
conduit.info(3, "Subscription Manager is operating in container mode.")
rl = RepoActionInvoker(cache_only=cache_only, locker=YumRepoLocker(conduit=conduit))
rl.update()
def _update(self, cache_only):
""" update entitlement certificates """
logger.info(_('Updating Subscription Management repositories.'))
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.identity import ConsumerIdentity
cert_file = str(ConsumerIdentity.certpath())
key_file = str(ConsumerIdentity.keypath())
identity = inj.require(inj.IDENTITY)
# In containers we have no identity, but we may have entitlements inherited
# from the host, which need to generate a redhat.repo.
if identity.is_valid():
try:
connection.UEPConnection(cert_file=cert_file,
key_file=key_file)
# FIXME: catchall exception
except Exception:
# log
logger.info(
_("Unable to connect to Subscription Management Service"))
return
else:
logger.info(_("Unable to read consumer identity"))
if config.in_container():
logger.info(
_("Subscription Manager is operating in container mode."))
rl = RepoActionInvoker(cache_only=cache_only)
rl.update()
def update(conduit, cache_only):
"""
Update entitlement certificates
"""
if os.getuid() != 0:
conduit.info(
3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
identity = inj.require(inj.IDENTITY)
if not identity.is_valid():
conduit.info(3, "Unable to read consumer identity")
# In containers we have no identity, but we may have entitlements inherited
# from the host, which need to generate a redhat.repo.
if config.in_container():
conduit.info(3, "Subscription Manager is operating in container mode.")
if not cache_only and not config.in_container():
cert_action_invoker = EntCertActionInvoker(locker=YumRepoLocker(
conduit=conduit))
cert_action_invoker.update()
if cache_only or config.in_container():
repo_action_invoker = RepoActionInvoker(
cache_only=cache_only, locker=YumRepoLocker(conduit=conduit))
repo_action_invoker.update()
def _do_command(self):
cdn_url = conf['rhsm']['baseurl']
# note: parse_baseurl_info will populate with defaults if not found
(cdn_hostname, cdn_port, _cdn_prefix) = parse_baseurl_info(cdn_url)
# Base CliCommand has already setup proxy info etc
self.cp_provider.set_content_connection_info(cdn_hostname=cdn_hostname,
cdn_port=cdn_port)
self.release_backend = ReleaseBackend()
self.assert_should_be_registered()
repo_action_invoker = RepoActionInvoker()
if self.options.unset:
self.cp.updateConsumer(self.identity.uuid,
release="")
repo_action_invoker.update()
print(_("Release preference has been unset"))
elif self.options.release is not None:
# get first list of available releases from the server
try:
releases = self.release_backend.get_releases()
except MultipleReleaseProductsError as err:
log.error("Getting releases failed: {err}".format(err=err))
system_exit(os.EX_CONFIG, err.translated_message())
if self.options.release in releases:
self.cp.updateConsumer(
self.identity.uuid,
release=self.options.release
)
else:
system_exit(os.EX_DATAERR, _(
"No releases match '{release}'. "
"Consult 'release --list' for a full listing.").format(
release=self.options.release))
repo_action_invoker.update()
print(_("Release set to: {release}").format(release=self.options.release))
elif self.options.list:
try:
releases = self.release_backend.get_releases()
except MultipleReleaseProductsError as err:
log.error("Getting releases failed: {err}".format(err=err))
system_exit(os.EX_CONFIG, err.translated_message())
if len(releases) == 0:
system_exit(os.EX_CONFIG, _(
"No release versions available, please check subscriptions."))
print("+-------------------------------------------+")
print(" {label} ".format(label=_('Available Releases')))
print("+-------------------------------------------+")
for release in releases:
print(release)
else:
self.show_current_release()
def repo_hook(self):
"""Update yum repos."""
try:
# NOTE: this may need a lock
rl = RepoActionInvoker()
rl.update()
except Exception, e:
log.debug(e)
log.debug("Failed to update repos")
def repo_hook(self):
"""Update yum repos."""
try:
# NOTE: this may need a lock
rl = RepoActionInvoker()
rl.update()
except Exception, e:
log.debug(e)
log.debug("Failed to update repos")
class Overrides(object):
def __init__(self):
self.cp_provider = inj.require(inj.CP_PROVIDER)
self.cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
self.repo_lib = RepoActionInvoker(cache_only=True)
def get_overrides(self, consumer_uuid):
return self._build_from_json(
self.cache.load_status(self._getuep(), consumer_uuid))
def add_overrides(self, consumer_uuid, overrides):
return self._build_from_json(self._getuep().setContentOverrides(
consumer_uuid, self._add(overrides)))
def remove_overrides(self, consumer_uuid, overrides):
return self._delete_overrides(consumer_uuid, self._remove(overrides))
def remove_all_overrides(self, consumer_uuid, repos):
return self._delete_overrides(consumer_uuid, self._remove_all(repos))
def update(self, overrides):
self.cache.server_status = [
override.to_json() for override in overrides
]
self.cache.write_cache()
self.repo_lib.update()
def _delete_overrides(self, consumer_uuid, override_data):
return self._build_from_json(self._getuep().deleteContentOverrides(
consumer_uuid, override_data))
def _add(self, overrides):
return [override.to_json() for override in overrides]
def _remove(self, overrides):
return [{
'contentLabel': override.repo_id,
'name': override.name
} for override in overrides]
def _remove_all(self, repos):
if repos:
return [{'contentLabel': repo} for repo in repos]
else:
return None
def _build_from_json(self, override_json):
return [
Override.from_json(override_dict)
for override_dict in override_json
]
def _getuep(self):
return self.cp_provider.get_consumer_auth_cp()
def _set_enable_for_yum_repositories(setting, *repo_ids):
invoker = RepoActionInvoker()
repos = invoker.get_repos()
repos_to_change = []
for r in repo_ids:
matches = set([repo for repo in repos if fnmatch.fnmatch(repo.id, r)])
repos_to_change.extend(matches)
if len(repos_to_change) == 0:
return 0
# The cache should be primed at this point by the invoker.get_repos()
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
identity = inj.require(inj.IDENTITY)
cp_provider = inj.require(inj.CP_PROVIDER)
if identity.is_valid() and cp_provider.get_consumer_auth_cp(
).supports_resource('content_overrides'):
overrides = [{
'contentLabel': repo.id,
'name': 'enabled',
'value': setting
} for repo in repos_to_change]
cp = cp_provider.get_consumer_auth_cp()
results = cp.setContentOverrides(identity.uuid, overrides)
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
# Update the cache with the returned JSON
cache.server_status = results
cache.write_cache()
invoker.update()
else:
for repo in repos_to_change:
repo['enabled'] = setting
repo_file = RepoFile()
repo_file.read()
for repo in repos_to_change:
repo_file.update(repo)
repo_file.write()
return len(repos_to_change)
class Overrides(object):
def __init__(self):
self.cp_provider = inj.require(inj.CP_PROVIDER)
self.cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
self.repo_lib = RepoActionInvoker(cache_only=True)
def get_overrides(self, consumer_uuid):
return self._build_from_json(self.cache.load_status(self._getuep(), consumer_uuid))
def add_overrides(self, consumer_uuid, overrides):
return self._build_from_json(self._getuep().setContentOverrides(consumer_uuid,
self._add(overrides)))
def remove_overrides(self, consumer_uuid, overrides):
return self._delete_overrides(consumer_uuid, self._remove(overrides))
def remove_all_overrides(self, consumer_uuid, repos):
return self._delete_overrides(consumer_uuid, self._remove_all(repos))
def update(self, overrides):
self.cache.server_status = [override.to_json() for override in overrides]
self.cache.write_cache()
self.repo_lib.update()
def _delete_overrides(self, consumer_uuid, override_data):
return self._build_from_json(self._getuep().deleteContentOverrides(consumer_uuid, override_data))
def _add(self, overrides):
return [override.to_json() for override in overrides]
def _remove(self, overrides):
return [{'contentLabel': override.repo_id, 'name': override.name} for override in overrides]
def _remove_all(self, repos):
if repos:
return [{'contentLabel': repo} for repo in repos]
else:
return None
def _build_from_json(self, override_json):
return [Override.from_json(override_dict) for override_dict in override_json]
def _getuep(self):
return self.cp_provider.get_consumer_auth_cp()
def _set_enable_for_yum_repositories(setting, *repo_ids):
invoker = RepoActionInvoker()
repos = invoker.get_repos()
repos_to_change = []
for r in repo_ids:
matches = set([repo for repo in repos if fnmatch.fnmatch(repo.id, r)])
repos_to_change.extend(matches)
if len(repos_to_change) == 0:
return 0
# The cache should be primed at this point by the invoker.get_repos()
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
identity = inj.require(inj.IDENTITY)
cp_provider = inj.require(inj.CP_PROVIDER)
if identity.is_valid() and cp_provider.get_consumer_auth_cp().supports_resource('content_overrides'):
overrides = [{'contentLabel': repo.id, 'name': 'enabled', 'value': setting} for repo in repos_to_change]
cp = cp_provider.get_consumer_auth_cp()
results = cp.setContentOverrides(identity.uuid, overrides)
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
# Update the cache with the returned JSON
cache.server_status = results
cache.write_cache()
invoker.update()
else:
for repo in repos_to_change:
repo['enabled'] = setting
repo_file = YumRepoFile()
repo_file.read()
for repo in repos_to_change:
repo_file.update(repo)
repo_file.write()
return len(repos_to_change)
def _set_repo_status(self, repos, repo_action_invoker, repo_actions):
"""
Given a list of repo actions (tuple of enable/disable and repo ID),
build a list without duplicates to send to the server.
"""
rc = 0
# Maintain a dict of repo to enabled/disabled status. This allows us
# to remove dupes and send only the last action specified by the user
# on the command line. Items will be overwritten as we process the CLI
# arguments in order.
repos_to_modify = {}
if not len(repos):
print(_("This system has no repositories available through subscriptions."))
return 1
for (status, repoid) in repo_actions:
matches = set([repo for repo in repos if fnmatch.fnmatch(repo.id, repoid)])
if not matches:
rc = 1
print(
_(
"Error: '{repoid}' does not match a valid repository ID. "
'Use "subscription-manager repos --list" to see valid repositories.'
).format(repoid=repoid)
)
log.warning("'{repoid}' does not match a valid repository ID.".format(repoid=repoid))
# Overwrite repo if it's already in the dict, we want the last
# match to be the one sent to server.
for repo in matches:
repos_to_modify[repo] = status
if repos_to_modify:
# The cache should be primed at this point by the
# repo_action_invoker.get_repos()
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
if self.is_registered() and self.use_overrides:
overrides = [
{"contentLabel": repo.id, "name": "enabled", "value": repos_to_modify[repo]}
for repo in repos_to_modify
]
metadata_overrides = [
{"contentLabel": repo.id, "name": "enabled_metadata", "value": repos_to_modify[repo]}
for repo in repos_to_modify
]
overrides.extend(metadata_overrides)
results = self.cp.setContentOverrides(self.identity.uuid, overrides)
cache = inj.require(inj.OVERRIDE_STATUS_CACHE)
# Update the cache with the returned JSON
cache.server_status = results
cache.write_cache()
repo_action_invoker.update()
else:
# When subscription-manager is in offline mode, then we have to generate redhat.repo from
# entitlement certificates
rl = RepoActionInvoker()
rl.update()
# In the disconnected case we must modify the repo file directly.
changed_repos = [repo for repo in matches if repo["enabled"] != status]
for repo in changed_repos:
repo["enabled"] = status
repo["enabled_metadata"] = status
if changed_repos:
repo_file = YumRepoFile()
repo_file.read()
for repo in changed_repos:
repo_file.update(repo)
repo_file.write()
for repo in repos_to_modify:
# Watchout for string comparison here:
if repos_to_modify[repo] == "1":
print(_("Repository '{repoid}' is enabled for this system.").format(repoid=repo.id))
else:
print(_("Repository '{repoid}' is disabled for this system.").format(repoid=repo.id))
return rc
