def main(options, log):
if RhicCertificate.existsAndValid():
facts = Facts(ent_dir=EntitlementDirectory(),
prod_dir=ProductDirectory())
iproducts = managerlib.getInstalledProductStatus(ProductDirectory(),
EntitlementDirectory(), facts.get_facts())
product_certs = []
for product in iproducts:
product_certs.append(product[1])
certs = []
try:
certs = rhiclib.getCerts(facts.to_dict(), product_certs)
except connection.NetworkException, e:
if e.code == 410:
print _("RHIC was deleted by upstream server. See rhsm.log for more detail.")
RhicCertificate.move()
sys.exit(-1)
else:
raise
except connection.RemoteServerException, e:
if e.code == 404:
print _("RHIC was not found by upstream server. See rhsm.log for more detail.")
RhicCertificate.move()
sys.exit(-1)
else:
raise
def update(conduit):
""" update entitlement certificates """
if os.getuid() != 0:
conduit.info(3, 'Not root, Subscription Management repositories not updated')
return
conduit.info(3, 'Updating Subscription Management repositories.')
# XXX: Importing inline as you must be root to read the config file
from subscription_manager.certlib import ConsumerIdentity
cert_file = ConsumerIdentity.certpath()
key_file = ConsumerIdentity.keypath()
# if we have a RHIC, it's ok to call RepoLib without a ConsumerId or UEP
if RhicCertificate.existsAndValid():
rl = RepoLib()
rl.update()
return
try:
ConsumerIdentity.read().getConsumerId()
except Exception:
conduit.info(3, "Unable to read consumer identity")
return
try:
uep = connection.UEPConnection(cert_file=cert_file, key_file=key_file)
#FIXME: catchall exception
except Exception:
# log
conduit.info(2, "Unable to connect to Subscription Management Service")
return
rl = RepoLib(uep=uep)
rl.update()
def config_hook(conduit):
""" update """
# register rpm name for yum history recording"
# yum on 5.7 doesn't have this method, so check for it
if hasattr(conduit, 'registerPackageName'):
conduit.registerPackageName("subscription-manager")
logutil.init_logger_for_yum()
try:
update(conduit)
if not ClassicCheck().is_registered_with_classic() and not RhicCertificate.existsAndValid():
warnOrGiveUsageMessage(conduit)
warnExpired(conduit)
except Exception, e:
conduit.error(2, str(e))
def getCerts(facts_dict, product_certs):
rhic = RhicCertificate.read()
try:
identifier = managerlib.getRhicMachineId(facts_dict)
log.info("machine identifier is %s" % identifier)
except:
log.error("unable to determine machine identifier, aborting")
raise
results = None
# grab the certs from RCS
for i in range(LOOKUP_MAX_ATTEMPTS):
try:
results = SpliceConnection().getCerts(rhic, identifier, installed_products=product_certs, facts_dict=facts_dict)
except AcceptedException:
log.info("got a 202, retrying after pause of %s seconds" % LOOKUP_RETRY_DELAY)
time.sleep(LOOKUP_RETRY_DELAY)
else:
break
return results
def test_existsandvalid(self, mock_exists, mock_read):
mock_exists.return_value = True
mock_read.return_value = certificate.create_from_pem(certdata.RHIC_CERT)
testRhicCert = RhicCertificate()
testRhicCert.cfg = StubConfig()
self.assertTrue(testRhicCert.existsAndValid())