def __init__(self, config): """ :param config: The XML configuration for this client :type config: lxml.etree._Element :raises: :exc:`Bcfg2.Client.Tools.ToolInstantiationError` """ #: A :class:`logging.Logger` object that will be used by this #: tool for logging self.logger = logging.getLogger(self.name) #: The XML configuration for this client self.config = config #: An :class:`Bcfg2.Utils.Executor` object for #: running external commands. self.cmd = Executor(timeout=Bcfg2.Options.setup.command_timeout) #: A list of entries that have been modified by this tool self.modified = [] #: A list of extra entries that are not listed in the #: configuration self.extra = [] #: A list of all entries handled by this tool self.handled = [] self._analyze_config() self._check_execs()
def __init__(self, core): Bcfg2.Server.Plugin.Plugin.__init__(self, core) Bcfg2.Server.Plugin.Connector.__init__(self) Bcfg2.Server.Plugin.ClientRunHooks.__init__(self) Bcfg2.Server.Plugin.DirectoryBacked.__init__(self, self.data) self.cache = dict() self.cmd = Executor()
def __init__(self, _, path, entry_type, encoding, parent=None): Bcfg2.Server.Plugin.EntrySet.__init__(self, os.path.basename(path), path, entry_type, encoding) self.parent = parent self.key = None self.cert = None self.cmd = Executor(timeout=120)
def create_key(self): """Creates a bcfg2.key at the directory specifed by keypath.""" cmd = Executor(timeout=120) subject = "/C=%s/ST=%s/L=%s/CN=%s'" % ( self.data['country'], self.data['state'], self.data['location'], self.data['shostname']) key = cmd.run(["openssl", "req", "-batch", "-x509", "-nodes", "-subj", subject, "-days", "1000", "-newkey", "rsa:2048", "-keyout", self.data['keypath'], "-noout"]) if not key.success: print("Error generating key: %s" % key.error) return os.chmod(self.data['keypath'], stat.S_IRUSR | stat.S_IWUSR) # 0600 csr = cmd.run(["openssl", "req", "-batch", "-new", "-subj", subject, "-key", self.data['keypath']]) if not csr.success: print("Error generating certificate signing request: %s" % csr.error) return cert = cmd.run(["openssl", "x509", "-req", "-days", "1000", "-signkey", self.data['keypath'], "-out", self.data['certpath']], inputdata=csr.stdout) if not cert.success: print("Error signing certificate: %s" % cert.error) return
def __init__(self): self.config = None self._proxy = None self.logger = logging.getLogger('bcfg2') self.cmd = Executor(Bcfg2.Options.setup.probe_timeout) self.tools = [] self.times = dict() self.times['initialization'] = time.time() if Bcfg2.Options.setup.bundle_quick: if (not Bcfg2.Options.setup.only_bundles and not Bcfg2.Options.setup.except_bundles): self.logger.error("-Q option requires -b or -B") raise SystemExit(1) if Bcfg2.Options.setup.remove == 'services': self.logger.error("Service removal is nonsensical; " "removed services will only be disabled") if not Bcfg2.Options.setup.server.startswith('https://'): Bcfg2.Options.setup.server = \ 'https://' + Bcfg2.Options.setup.server #: A dict of the state of each entry. Keys are the entries. #: Values are boolean: True means that the entry is good, #: False means that the entry is bad. self.states = {} self.whitelist = [] self.blacklist = [] self.removal = [] self.unhandled = [] self.logger = logging.getLogger(__name__)
def __init__(self, core, datastore): Bcfg2.Server.Plugin.Plugin.__init__(self, core, datastore) Bcfg2.Server.Plugin.Generator.__init__(self) Bcfg2.Server.Plugin.PullTarget.__init__(self) self.ipcache = {} self.namecache = {} self.__skn = False # keep track of which bogus keys we've warned about, and only # do so once self.badnames = dict() self.fam = Bcfg2.Server.FileMonitor.get_fam() self.fam.AddMonitor(self.data, self) self.static = dict() self.entries = dict() self.Entries['Path'] = dict() self.entries['/etc/ssh/ssh_known_hosts'] = \ KnownHostsEntrySet(self.data) self.Entries['Path']['/etc/ssh/ssh_known_hosts'] = self.build_skn for keypattern in self.keypatterns: self.entries["/etc/ssh/" + keypattern] = \ HostKeyEntrySet(keypattern, self.data) self.Entries['Path']["/etc/ssh/" + keypattern] = self.build_hk self.cmd = Executor()
def __init__(self, core): Bcfg2.Server.Plugin.Version.__init__(self, core) self.revision = None self.svn_root = None self.client = None self.cmd = None if not HAS_SVN: self.logger.debug("Svn: PySvn not found, using CLI interface to " "SVN") self.cmd = Executor() else: self.client = pysvn.Client() self.debug_log("Svn: Conflicts will be resolved with %s" % Bcfg2.Options.setup.svn_conflict_resolution) self.client.callback_conflict_resolver = self.conflict_resolver if Bcfg2.Options.setup.svn_trust_ssl: self.client.callback_ssl_server_trust_prompt = \ self.ssl_server_trust_prompt if (Bcfg2.Options.setup.svn_user and Bcfg2.Options.setup.svn_password): self.client.callback_get_login = self.get_login self.logger.debug("Svn: Initialized svn plugin with SVN directory %s" % self.vcs_path)
def __init__(self, core, datastore): Bcfg2.Server.Plugin.Version.__init__(self, core, datastore) self.revision = None self.svn_root = None self.client = None self.cmd = None if not HAS_SVN: self.logger.debug("Svn: PySvn not found, using CLI interface to " "SVN") self.cmd = Executor() else: self.client = pysvn.Client() # pylint: disable=E1101 choice = pysvn.wc_conflict_choice.postpone try: resolution = self.core.setup.cfp.get( "svn", "conflict_resolution").replace('-', '_') if resolution in ["edit", "launch", "working"]: self.logger.warning("Svn: Conflict resolver %s requires " "manual intervention, using %s" % choice) else: choice = getattr(pysvn.wc_conflict_choice, resolution) except AttributeError: self.logger.warning("Svn: Conflict resolver %s does not " "exist, using %s" % choice) except (ConfigParser.NoSectionError, ConfigParser.NoOptionError): self.logger.info("Svn: No conflict resolution method " "selected, using %s" % choice) # pylint: enable=E1101 self.debug_log("Svn: Conflicts will be resolved with %s" % choice) self.client.callback_conflict_resolver = \ self.get_conflict_resolver(choice) try: if self.core.setup.cfp.get( "svn", "always_trust").lower() == "true": self.client.callback_ssl_server_trust_prompt = \ self.ssl_server_trust_prompt except (ConfigParser.NoSectionError, ConfigParser.NoOptionError): self.logger.debug("Svn: Using subversion cache for SSL " "certificate trust") try: if (self.core.setup.cfp.get("svn", "user") and self.core.setup.cfp.get("svn", "password")): self.client.callback_get_login = \ self.get_login except (ConfigParser.NoSectionError, ConfigParser.NoOptionError): self.logger.info("Svn: Using subversion cache for " "password-based authetication") self.logger.debug("Svn: Initialized svn plugin with SVN directory %s" % self.vcs_path)
def __init__(self, fname): CfgCreator.__init__(self, fname) StructFile.__init__(self, fname) pubkey_path = os.path.dirname(self.name) + ".pub" pubkey_name = os.path.join(pubkey_path, os.path.basename(pubkey_path)) self.pubkey_creator = CfgPublicKeyCreator(pubkey_name) self.setup = get_option_parser() self.cmd = Executor()
def __init__(self, core): Version.__init__(self, core) if HAS_GITPYTHON: self.repo = git.Repo(Bcfg2.Options.setup.vcs_root) self.cmd = None else: self.logger.debug("Git: GitPython not found, using CLI interface " "to Git") self.repo = None self.cmd = Executor() self.logger.debug("Initialized git plugin with git directory %s" % self.vcs_path)
def __init__(self): self.toolset = None self.tools = None self.config = None self._proxy = None self.setup = Bcfg2.Options.get_option_parser() if self.setup['debug']: level = logging.DEBUG elif self.setup['verbose']: level = logging.INFO else: level = logging.WARNING Bcfg2.Logger.setup_logging('bcfg2', to_syslog=self.setup['syslog'], level=level, to_file=self.setup['logging']) self.logger = logging.getLogger('bcfg2') self.logger.debug(self.setup) self.cmd = Executor(self.setup['command_timeout']) if self.setup['bundle_quick']: if not self.setup['bundle'] and not self.setup['skipbundle']: self.logger.error("-Q option requires -b or -B") raise SystemExit(1) elif self.setup['remove']: self.logger.error("-Q option incompatible with -r") raise SystemExit(1) if 'drivers' in self.setup and self.setup['drivers'] == 'help': self.logger.info("The following drivers are available:") self.logger.info(Bcfg2.Client.Tools.__all__) raise SystemExit(0) if self.setup['remove'] and 'services' in self.setup['remove'].lower(): self.logger.error("Service removal is nonsensical; " "removed services will only be disabled") if (self.setup['remove'] and self.setup['remove'].lower() not in ['all', 'services', 'packages', 'users']): self.logger.error("Got unknown argument %s for -r" % self.setup['remove']) if self.setup["file"] and self.setup["cache"]: print("cannot use -f and -c together") raise SystemExit(1) if not self.setup['server'].startswith('https://'): self.setup['server'] = 'https://' + self.setup['server']
def run(self, setup): if setup.outfile: fmt = setup.outfile.split('.')[-1] else: fmt = 'png' exc = Executor() cmd = ["dot", "-T", fmt] if setup.outfile: cmd.extend(["-o", setup.outfile]) inputlist = ["digraph groups {", '\trankdir="LR";', self.metadata.viz(setup.includehosts, setup.includebundles, setup.includekey, setup.only_client, self.colors)] if setup.includekey: inputlist.extend( ["\tsubgraph cluster_key {", '\tstyle="filled";', '\tcolor="lightblue";', '\tBundle [ shape="septagon" ];', '\tGroup [shape="ellipse"];', '\tGroup Category [shape="trapezium"];\n', '\tProfile [style="bold", shape="ellipse"];', '\tHblock [label="Host1|Host2|Host3",shape="record"];', '\tlabel="Key";', "\t}"]) inputlist.append("}") idata = "\n".join(inputlist) try: result = exc.run(cmd, inputdata=idata) except OSError: # on some systems (RHEL 6), you cannot run dot with # shell=True. on others (Gentoo with Python 2.7), you # must. In yet others (RHEL 5), either way works. I have # no idea what the difference is, but it's kind of a PITA. result = exc.run(cmd, shell=True, inputdata=idata) if not result.success: self.errExit("Error running %s: %s" % (cmd, result.error)) if not setup.outfile: print(result.stdout)
def create_data(self, entry, metadata): self.logger.info("Cfg: Generating new SSL key for %s" % self.name) spec = self.XMLMatch(metadata) key = spec.find("Key") if not key: key = dict() ktype = key.get('type', 'rsa') bits = key.get('bits', '2048') if ktype == 'rsa': cmd = ["openssl", "genrsa", bits] elif ktype == 'dsa': cmd = ["openssl", "dsaparam", "-noout", "-genkey", bits] result = Executor().run(cmd) if not result.success: raise CfgCreationError("Failed to generate key %s for %s: %s" % (self.name, metadata.hostname, result.error)) self.write_data(result.stdout, **self.get_specificity(metadata)) return result.stdout
def __init__(self, *args, **kwargs): Bcfg2.Server.Lint.ServerlessPlugin.__init__(self, *args, **kwargs) #: A dict of <file glob>: <schema file> that maps files in the #: Bcfg2 specification to their schemas. The globs are #: extended :mod:`fnmatch` globs that also support ``**``, #: which matches any number of any characters, including #: forward slashes. The schema files are relative to the #: schema directory, which can be controlled by the #: ``bcfg2-lint --schema`` option. self.filesets = \ {"Metadata/groups.xml": "metadata.xsd", "Metadata/clients.xml": "clients.xsd", "Cfg/**/info.xml": "info.xsd", "Cfg/**/privkey.xml": "privkey.xsd", "Cfg/**/pubkey.xml": "pubkey.xsd", "Cfg/**/authorizedkeys.xml": "authorizedkeys.xsd", "Cfg/**/authorized_keys.xml": "authorizedkeys.xsd", "Cfg/**/sslcert.xml": "sslca-cert.xsd", "Cfg/**/sslkey.xml": "sslca-key.xsd", "SSHbase/**/info.xml": "info.xsd", "TGenshi/**/info.xml": "info.xsd", "TCheetah/**/info.xml": "info.xsd", "Bundler/*.xml": "bundle.xsd", "Bundler/*.genshi": "bundle.xsd", "Pkgmgr/*.xml": "pkglist.xsd", "Rules/*.xml": "rules.xsd", "Defaults/*.xml": "defaults.xsd", "etc/report-configuration.xml": "report-configuration.xsd", "Deps/*.xml": "deps.xsd", "Decisions/*.xml": "decisions.xsd", "Packages/sources.xml": "packages.xsd", "GroupPatterns/config.xml": "grouppatterns.xsd", "AWSTags/config.xml": "awstags.xsd", "NagiosGen/config.xml": "nagiosgen.xsd", "FileProbes/config.xml": "fileprobes.xsd", "GroupLogic/groups.xml": "grouplogic.xsd" } self.filelists = {} self.get_filelists() self.cmd = Executor()
def Visualize(self, hosts=False, bundles=False, key=False, only_client=None, output=None): """Build visualization of groups file.""" if output: fmt = output.split('.')[-1] else: fmt = 'png' exc = Executor() cmd = ["dot", "-T", fmt] if output: cmd.extend(["-o", output]) idata = [ "digraph groups {", '\trankdir="LR";', self.metadata.viz(hosts, bundles, key, only_client, self.colors) ] if key: idata.extend([ "\tsubgraph cluster_key {", '\tstyle="filled";', '\tcolor="lightblue";', '\tBundle [ shape="septagon" ];', '\tGroup [shape="ellipse"];', '\tProfile [style="bold", shape="ellipse"];', '\tHblock [label="Host1|Host2|Host3",shape="record"];', '\tlabel="Key";', "\t}" ]) idata.append("}") try: result = exc.run(cmd, inputdata=idata) except OSError: # on some systems (RHEL 6), you cannot run dot with # shell=True. on others (Gentoo with Python 2.7), you # must. In yet others (RHEL 5), either way works. I have # no idea what the difference is, but it's kind of a PITA. result = exc.run(cmd, shell=True, inputdata=idata) if not result.success: print("Error running %s: %s" % (cmd, result.error)) raise SystemExit(result.retval)
def __init__(self, fname): XMLCfgCreator.__init__(self, fname) pubkey_path = os.path.dirname(self.name) + ".pub" pubkey_name = os.path.join(pubkey_path, os.path.basename(pubkey_path)) self.pubkey_creator = CfgPublicKeyCreator(pubkey_name) self.cmd = Executor()
def __init__(self, core, datastore): Bcfg2.Server.Plugin.Version.__init__(self, core, datastore) self.cmd = Executor() self.logger.debug( "Initialized Fossil plugin with fossil directory %s" % self.vcs_path)
def __init__(self, name, specific, encoding): CfgVerifier.__init__(self, name, specific, encoding) self.cmd = [] self.exc = Executor(timeout=30)
def __init__(self, fname): CfgCreator.__init__(self, fname) StructFile.__init__(self, fname) self.cfg = get_cfg() self.core = self.cfg.core self.cmd = Executor()
def __init__(self, core): Bcfg2.Server.Plugin.Version.__init__(self, core) self.cmd = Executor() self.logger.debug("Initialized Darcs plugin with darcs directory %s" % self.vcs_path)
def __init__(self, fname): XMLCfgCreator.__init__(self, fname) CfgVerifier.__init__(self, fname, None) self.cmd = Executor() self.cfg = get_cfg()