def enable_snmpd(password): from ovirtnode.ovirtfunctions import ovirt_store_config system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser|awk '{print $4}'" % conf oldpwd, stderr = process.pipe(cmd) oldpwd = oldpwd.stdout.read().strip() process.call("sed -c -ie '/^createUser root/d' %s" % snmp_conf) f = open(snmp_conf, "a") # create user account f.write("createUser root SHA %s AES\n" % password) f.close() system.service("snmpd", "start") # change existing password if len(oldpwd) > 0: pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd) # Only reached when no excepion occurs process.call("rm -rf /tmp/snmpd.conf") ovirt_store_config(snmp_conf)
def enable_snmpd(password): system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser| grep -v '^#' | awk '{print $4}'" % conf oldpwd = process.pipe(cmd, shell=True).strip() # change existing password if len(oldpwd) > 0: system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"]) system.service("snmpd", "stop") if not any([x for x in open('/etc/snmp/snmpd.conf').readlines() if 'rwuser root' in x]): with open('/etc/snmp/snmpd.conf', 'a') as f: f.write("rwuser root") fs.Config().persist("/etc/snmp/snmpd.conf") cfg = fs.File(snmp_conf) # create user account cfg.write("createUser root SHA %s AES\n" % password) system.service("snmpd", "start") fs.Config().persist(snmp_conf) firewall.open_port(port="161", proto="udp")
def commit(self): def scrub(f): if Config().exists(f): Config().unpersist(f) # Unlinking causes problems with satellite5. Why? # os.unlink(f) # find old SAM/Sat 6 registrations if Config().exists("/etc/rhsm/rhsm.conf"): try: process.call(["subscription-manager", "remove", "--all"]) process.call(["subscription-manager", "clean"]) Config().unpersist("/etc/rhsm/rhsm.conf") except process.CalledProcessError: raise RuntimeError("Couldn't remove old configuration!" " Check the output of " "subscription-manager remove --all") # First two are Sat5/RHN classic, last two are SAM/Sat6 configs = ["/etc/sysconfig/rhn/systemid", "/etc/sysconfig/rhn/up2date", "/var/lib/rhsm/cache/installed_products.json", "/var/lib/rhsm/facts/facts.json"] configs.extend(glob.glob("/etc/pki/consumer/*pem*")) [scrub(f) for f in configs] # Don't rely on Vars.location, since it may not be set, but we # should remove this regardless cert_path = "/etc/rhsm/ca/candlepin-local.pem" if os.path.exists(cert_path): Config().unpersist(cert_path) os.unlink(cert_path) Config().unpersist("/etc/cron.d/rhn-virtualization.cron")
def has_link(self): """Determin if L1 is up on a given interface Args: ifname: The interface to be checked Returns: True if L1 (the-link-is-up) is detected (depends on driver support) """ if not self.exists(): raise UnknownNicError("Unknown network interface: '%s'" % self.ifname) if is_nm_managed(self.ifname): try: device = _nm_client.get_device_by_iface(self.ifname) if device: return device.get_carrier() except: LOGGER.debug("Failed to retrieve carrier with NM") # Fallback process.call(["ip", "link", "set", "dev", self.ifname, "up"]) content = File("/sys/class/net/%s/carrier" % self.ifname).read() has_carrier = "1" in content return has_carrier
def commit(self): def scrub(f): if Config().exists(f): Config().unpersist(f) # Unlinking causes problems with satellite5. Why? # os.unlink(f) # find old SAM/Sat 6 registrations if Config().exists("/etc/rhsm/rhsm.conf"): try: process.call(["subscription-manager", "remove", "--all"]) process.call(["subscription-manager", "clean"]) Config().unpersist("/etc/rhsm/rhsm.conf") except process.CalledProcessError: raise RuntimeError("Couldn't remove old configuration!" " Check the output of " "subscription-manager remove --all") # First two are Sat5/RHN classic, last two are SAM/Sat6 configs = ["/etc/sysconfig/rhn/systemid", "/etc/sysconfig/rhn/up2date", "/var/lib/rhsm/cache/installed_products.json", "/var/lib/rhsm/facts/facts.json"] configs.extend(glob.glob("/etc/pki/consumer/*pem*")) [scrub(f) for f in configs] # Don't rely on Vars.location, since it may not be set, but we # should remove this regardless cert_path = "/etc/rhsm/ca/candlepin-local.pem" if os.path.exists(cert_path): Config().unpersist(cert_path) os.unlink(cert_path)
def change_password(oldpwd): system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv " + "-a SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"])
def _flush(): """Let all pending operations finish and flush anything to any disks E.g. iscsi etc pipe() is used to capture the output of the calls """ # Don't litter the screen with output, so get a handle to /dev/null with open(os.devnull, "wb") as DEVNULL: process.call(["udevadm", "settle"], stdout=DEVNULL, stderr=DEVNULL)
def _flush(): """Let all pending operations finish and flush anything to any disks E.g. iscsi etc pipe() is used to capture the output of the calls """ # Don't litter the screen with output, so get a handle to /dev/null with open(os.devnull, 'wb') as DEVNULL: process.call(["udevadm", "settle"], stdout=DEVNULL, stderr=DEVNULL)
def commit(self): from ovirt.node.utils import AugeasWrapper aug = AugeasWrapper() if OVIRT_VARS["OVIRT_SSH_PWAUTH"] == "yes": aug.set("/files/etc/ssh/sshd_config/PasswordAuthentication", "yes") elif OVIRT_VARS["OVIRT_SSH_PWAUTH"] == "no": aug.set("/files/etc/ssh/sshd_config/PasswordAuthentication", "no") Config().persist("/etc/ssh/sshd_config") process.call("service sshd restart &> /dev/null", shell=True)
def _flush(): """Let all pending operations finish and flush anything to any disks E.g. iscsi etc pipe() is used to capture the output of the calls """ # Don't litter the screen with output, so get a handle to /dev/null with open(os.devnull, 'wb') as DEVNULL: process.call(["partprobe"] + [x for x in glob.glob("/dev/mapper/*") if not re.match(r'.*\/control$', x)], stdout=DEVNULL, stderr=DEVNULL) process.call(["udevadm", "settle"], stdout=DEVNULL, stderr=DEVNULL)
def setup_firewalld(port, proto): port_conf = "" rule_dict = {"port": port, "proto": proto} port_conf += FIREWALLD_PORT_XML % rule_dict port_dict = {"port_section": port_conf} with open(PLUGIN_XML_OUT, "w") as f: f.write(FIREWALLD_XML_TEMPLATE % port_dict) process.call(["firewall-cmd", "--reload"]) process.call( ["firewall-cmd", "--permanent", "--add-service", "node-plugin"]) process.check_call(["firewall-cmd", "--reload"])
def copy_dir_if_not_exist(orig, target): """function to copy missing directories from one location to another should only be used when syncing a directory structure from iso to disk like /var/log use case -- upgrade adds some service which logs to /var/log/<service> need to have the directory created, but it's not on iso upgrade """ for f in os.listdir(orig): if os.path.isdir("%s/%s" % (orig, f)): if not os.path.exists("%s/%s" % (target, f)): process.call("cp -av %s/%s %s &>/dev/null" % (orig, f, target), shell=True) else: copy_dir_if_not_exist("%s/%s" % (orig, f), "%s/%s" % (target, f))
def copy_dir_if_not_exist(orig, target): """function to copy missing directories from one location to another should only be used when syncing a directory structure from iso to disk like /var/log use case -- upgrade adds some service which logs to /var/log/<service> need to have the directory created, but it's not on iso upgrade """ for f in os.listdir(orig): if os.path.isdir("%s/%s" % (orig, f)): if not os.path.exists("%s/%s" % (target, f)): process.call("cp -av %s/%s %s &>/dev/null" % (orig, f, target)) else: copy_dir_if_not_exist("%s/%s" % (orig, f), "%s/%s" % (target, f))
def _flush(): """Let all pending operations finish and flush anything to any disks E.g. iscsi etc pipe() is used to capture the output of the calls """ # Don't litter the screen with output, so get a handle to /dev/null with open(os.devnull, 'wb') as DEVNULL: process.call(["partprobe"] + [ x for x in glob.glob("/dev/mapper/*") if not re.match(r'.*\/control$', x) ], stdout=DEVNULL, stderr=DEVNULL) process.call(["udevadm", "settle"], stdout=DEVNULL, stderr=DEVNULL)
def _setup_firewalld(port, proto): port_conf = "" rule_dict = {"port": port, "proto": proto } port_conf += FIREWALLD_PORT_XML % rule_dict port_dict = {"port_section": port_conf} with open(PLUGIN_XML_OUT, "w") as f: f.write(FIREWALLD_XML_TEMPLATE % port_dict) process.call(["firewall-cmd", "--reload"]) process.call(["firewall-cmd", "--permanent", "--add-service", "node-plugin"]) process.check_call(["firewall-cmd", "--reload"])
def run(args): # Instead of checking for an exception, return the actual return code # from ovirt-hosted-engine-setup in case we decide to check for some # real value on it in the future rc = process.call(["ovirt-hosted-engine-setup"] + args) if rc != 0: print("Something went wrong setting up hosted engine, or the " "setup process was cancelled.\n\nPress any key to continue...") getch() sys.exit(rc)
def _remove_devices(self): process.call(["killall", "dhclient"]) vlans = utils.network.Vlans() vifs = vlans.all_vlan_devices() self.logger.debug("Attempting to delete all vlans: %s" % vifs) for vifname in vifs: vlans.delete(vifname) if NicConfig(vifname).exists(): NicConfig(vifname).delete() # FIXME we are removing ALL bridges bridges = Bridges() for bifname in bridges.ifnames(): bridges.delete(bifname) if NicConfig(bifname).exists(): NicConfig(bifname).delete() bonds = Bonds() bonds.delete_all()
def enable_snmpd(password): system.service("snmpd", "stop") # get old password # if os.path.exists("/tmp/snmpd.conf"): conf = "/tmp/snmpd.conf" else: conf = snmp_conf cmd = "cat %s|grep createUser| grep -v '^#' | awk '{print $4}'" % conf oldpwd = process.pipe(cmd, shell=True).strip() process.call("sed -c -ie '/^createUser root/d' %s" % snmp_conf, shell=True) f = open(snmp_conf, "a") # create user account f.write("createUser root SHA %s AES\n" % password) f.close() # change existing password if len(oldpwd) > 0: system.service("snmpd", "start") pwd_change_cmd = (("snmpusm -v 3 -u root -n \"\" -l authNoPriv -a " + "SHA -A %s localhost passwd %s %s -x AES") % (oldpwd, oldpwd, password)) process.check_call(pwd_change_cmd, shell=True) # Only reached when no excepion occurs process.call(["rm", "-rf", "/tmp/snmpd.conf"]) system.service("snmpd", "stop") fs.Config().persist(snmp_conf) if not any([ x for x in open('/etc/snmp/snmpd.conf').readlines() if 'rwuser root' in x ]): with open('/etc/snmp/snmpd.conf', 'a') as f: f.write("rwuser root") fs.Config().persist("/etc/snmp/snmpd.conf") system.service("snmpd", "start")
def delete(self, ifname): if not self.is_bridge(ifname): raise RuntimeError("Can no delete '%s', is no bridge" % ifname) process.call("ifconfig %s down" % ifname) process.call("ip link delete %s type bridge" % ifname)
def poweroff(): """Poweroff the system """ process.call("poweroff")
def reboot(): """Reboot the system """ process.call("reboot")
def delete(self, ifname): if not self.is_bridge(ifname): raise RuntimeError("Can no delete '%s', is no bridge" % ifname) process.call(["ip", "link", "set", "dev", ifname, "down"]) process.call(["brctl", "delbr", ifname])
def delete(self, ifname): if not self.is_vlan_device(ifname): raise RuntimeError("Can no delete '%s', is no vlan device" % ifname) process.call(["ip", "link", "del", ifname])
def reset(): process.call(["reset"])
def delete_all(self): """Deletes all bond devices """ process.call(["rmmod", "bonding"], shell=False)
def delete(self, ifname): if not self.is_vlan_device(ifname): raise RuntimeError("Can no delete '%s', is no vlan device" % ifname) process.call(["vconfig", "rem", ifname])
def commit(self): cfg = RHN().retrieve() self.logger.debug(cfg) rhntype = cfg["rhntype"] serverurl = cfg["url"] cacert = cfg["ca_cert"] activationkey = cfg["activationkey"] username = cfg["username"] profilename = cfg["profile"] proxy = cfg["proxy"] proxyuser = cfg["proxyuser"] # novirtinfo: rhn-virtualization daemon refreshes virtinfo extra_args = ['--novirtinfo', '--norhnsd', '--nopackages', '--force'] args = ['/usr/sbin/rhnreg_ks'] if rhntype == "rhn": sys.path.append("/usr/share/rhn/up2date_client") import rhnreg rhnreg.cfg.set("serverURL", RHN_XMLRPC_ADDR) rhnreg.cfg.set("sslCACert", RHN_SSL_CERT) rhnreg.cfg.save() self.logger.info("ran update") if serverurl: cacert = cacert if cacert is not None else serverurl + \ "/pub/RHN-ORG-TRUSTED-SSL-CERT" if not serverurl.endswith("/XMLRPC"): serverurl = serverurl + "/XMLRPC" args.append('--serverUrl') args.append(serverurl) location = "/etc/sysconfig/rhn/%s" % \ os.path.basename(cacert) if cacert: if not os.path.exists(cacert): self.logger.info("Downloading CA cert.....") self.logger.debug("From: %s To: %s" % (cacert, location)) RHN().retrieveCert(cacert, location) if os.path.isfile(location): if os.stat(location).st_size > 0: args.append('--sslCACert') args.append(location) Config().persist(location) else: raise RuntimeError("Error Downloading \ CA cert!") if activationkey: args.append('--activationkey') args.append(activationkey) elif username: args.append('--username') args.append(username) if password: args.append('--password') args.append(password) else: # skip RHN registration when neither activationkey # nor username/password is supplied self.logger.debug("No activationkey or " "username+password given") return if profilename: args.append('--profilename') args.append(profilename) if proxy: args.append('--proxy') args.append(proxy) if proxyuser: args.append('--proxyUser') args.append(proxyuser) if proxypass: args.append('--proxyPassword') args.append(proxypass) args.extend(extra_args) self.logger.info("Registering to RHN account.....") conf = Config() conf.unpersist("/etc/sysconfig/rhn/systemid") conf.unpersist("/etc/sysconfig/rhn/up2date") logged_args = list(args) remove_values_from_args = ["--password", "--proxyPassword"] for idx, arg in enumerate(logged_args): if arg in remove_values_from_args: logged_args[idx+1] = "XXXXXXX" logged_args = str(logged_args) self.logger.debug(logged_args) try: subprocess.check_call(args) conf.persist("/etc/sysconfig/rhn/up2date") conf.persist("/etc/sysconfig/rhn/systemid") self.logger.info("System %s sucessfully registered to %s" % (profilename, serverurl)) # sync profile if reregistering, fixes problem with # virt guests not showing sys.path.append("/usr/share/rhn") from virtualization import support support.refresh(True) # find old SAM/Sat 6 registrations if Config().exists("/etc/rhsm/rhsm.conf"): process.call(["subscription-manager", "remove", "--all"]) process.call(["subscription-manager", "clean"]) Config().unpersist("/etc/rhsm/rhsm.conf") except: self.logger.exception("Failed to call: %s" % logged_args) raise RuntimeError("Error registering to RHN account")