3 g|@sddlZddlZddlZddlZddlZddlmZddlmZddlmZddlm Z ddlm Z ddlm Z ddlm Z dd lm Z dd lmZdd lmZdd lmZmZdd lmZy4ddlZddlZddlmZmZmZmZmZmZWnFe k r6ddl!j"Zddl#j$Ze%Ze&Ze'Ze(Ze)Ze)Ze*Z+YnXyddl,m-Z-Wne k rbdZ-YnXddl.Z.e.j/dddZ0e1e0dse0j.e0_2e0j2Z3dZ4de4Z5de4Z6dZ7dZ8dZ9dZ:dZ;ddddd Zdd#lm?Z?e?j@ZAe jBZCd$d%ZDd&d'ZEd(d)ZFd*d+ZGd,d-ZHd.d/ZId0d1ZJd2d3ZKd4d5ZLe(eMd6d7d8ZNeMd9d:d;ZOdd=d>ZPd?d@ZQdAdBZRdCdDZSdEdFZTdGdHZUdIdJZVdKdLZWdMdNZXdOdPZYGdQdRdRZZdeMdSdTdUZ[dVdWZ\dXdYZ]dZd[Z^d\d]Z_e(d^d_d`Z`ddadbZadcddZbdedfZcdgdhZddddddifdidjZedkdlZfdmdnZgdodpZhdqdrZidsdtZjdudvZkddwdxZlGdydzdzZmd{d|Znd}d~ZodddZpddZqedkrddZrn ddlsmrZrdS)N) up2dateUtils) up2dateErrors) up2dateAuth) rhnserver)pkgUtils) up2dateLog)rhnreg_constants)hardware)convertPackagesFromHashToList) getPlatform)ustrsstr) raise_with_tb)ListType TupleType StringType UnicodeTypeDictTypeDictionaryType)supportzrhn-client-toolsT)Zfallbackugettextz/etc/sysconfig/rhnz%s/rhn_register_remindz%s/hw-activation-codez/etc/pki/consumer/cert.pemz$/etc/sysconfig/rhn/cl-rollout-ca.pemz!/etc/sysconfig/rhn/cl-rollout.pemz%/etc/sysconfig/rhn/cl-rollout-key.pemz/etc/sysconfig/rhn/jwt.tokenZ shared_prosharedsoloadmin)zCloudLinux OS Shared ProzCloudLinux OS SharedzCloudLinux OS SolozCloudLinux OS AdmincCsi|]\}}||qSr).0kvrr/usr/lib/python3.6/rhnreg.py Ksr)configcCs&tjdtjtjBr"d}d}tj|tjtjBsNtjdtjtjBrNd}d}tjd|tjrtj|tjtjBrtjd|tjd|n ttd ntjd tjtjBrtjd n ttd d }tj|tjtjBstjdtjtjBrd}tjd|}|r"tjd|dS)Nz/usr/sbin/rhnsdz/usr/lib/systemd/systemz/usr/bin/systemctlz/bin/systemctlz/lib/systemd/systemz%s/rhnsd.servicez%s enable rhnsd > /dev/nullz%s start rhnsd > /dev/nullz,Warning: unable to enable rhnsd with systemdz/sbin/chkconfigz$/sbin/chkconfig rhnsd on > /dev/nullz.Warning: unable to enable rhnsd with chkconfigz /sbin/servicez/usr/sbin/servicez%s rhnsd status > /dev/nullz%s rhnsd start > /dev/null)osaccessR_OKX_OKsystemprint_)Zsystemd_system_unitdirZsystemd_systemctlZ service_pathZrcrrr startRhnsdSs,  r(c Cstdp d}tj|tjsiSt|d}|j}i}x`|D]X}|j}|dkrPq:y|jd\}}Wn"tk rt t j |YnX|j||<q:W|S)NZ oemInfoFilez/etc/sysconfig/rhn/oeminfor:) cfgr!r"r#open readlinesstripsplit ValueErrorrrZOemInfoFileError)Z configFilefdLinfoikeyvaluerrr getOemInfots    r8cCs*tjttjr"tjt}|jdkSdSdS)z@ Returns true if system is registred using subscription manager rFN)r!r" RHSM_FILEr#statst_size)Zstatinforrrrhsm_registereds  r<cCstjtdtjS)N systemIdPath)r!r"r,r#rrrr registeredsr>cCs$tjttjs ttd}|jdS)Nzw+)r!r" REMIND_FILEr#r-close)r2rrrcreateSystemRegisterRemindFiles rAcCstjttjrtjtdS)N)r!r"r?r#unlinkrrrrremoveSystemRegisterRemindFilesrCcCstjj|}tj|tjsdStj|tjrLytj||dWn dStj|tjtj Bt dd}tj |d}z|j t |Wd|jXdS)z; Write a file to disk that is not readable by other users. Fz.saveZ0600wNT)r!pathdirnamer"W_OKF_OKrenamer-O_WRONLYO_CREATintfdopenwriter r@)Z secure_fileZ file_contentsZdir_namer2Zfd_filerrr_write_secure_files   rPcCs"ttd|}|rtt|S)Nr=)rPr,rCupdateRhsmStatus)systemIdresrrr writeSystemIds rTc Csxd}tj}|dkrdSy6tj|}|j}|j|dj}t|dd}Wn$ttj fk rrt j ddSX|S)Nz'//member[name='system_id']/value/stringrz@systemID file doesn't have system_id field or the file is broken) r getSystemIdlibxml2ZparseDocZxpathNewContextZ xpathEvalZcontentrM IndexErrorZ parserErrorloglog_me)Z xpath_strrRresultcontext system_idrrrextract_system_ids  r^)tokenallowTransitioncCsnddl}ddl}|jjds dSdd|g}|r8|jd|j|}|j\}}|jdkrjtj d||fdS)zH Execute binary file which we use as hook for jwt token updates rNz /opt/cloudlinux/venv/bin/python3z/usr/sbin/cl-pre-jwt-updatez --new-tokenz--allow-transitionz7Pre jwt update hook failed with stdout=%s and stderr=%s) subprocessr!rFexistsappendPopen communicate returncoderYrZ)r_r`rar!cmdpstdoutstderrrrr_execute_pre_jwt_update_hooks      rk)r`cCsjddl}ddl}|jjds dSdg}|r4|jd|j|}|j\}}|jdkrftj d||fdS)zH Execute binary file which we use as hook for jwt token updates rNz /opt/cloudlinux/venv/bin/python3z/usr/sbin/cl-post-jwt-updatez--allow-transitionz8Post jwt update hook failed with stdout=%s and stderr=%s) rar!rFrbrcrdrerfrYrZ)r`rar!rgrhrirjrrr_execute_post_jwt_update_hooks     rlFcCstj}y|jj|}WnFtjk r.dStjtjtjtj fk r^t j t j dSXt||tt|t|dS)z Get a JWT token from CLN and save it to the file :param systemId: content of file `/etc/sysconfig/rhn/systemid` :return: None N)r RhnServerup2dateZ getJWTTokenrUnknownMethodExceptionAuthenticationTicketErrorRhnUuidUniquenessErrorCommunicationError$AuthenticationOrAccountCreationErrorrY log_exceptionsysexc_inforkrP JWT_TOKENrl)rRr`Z xmlrpm_serverr[rrrgetAndWriteJWTTokenToFiles  rxc;Csd }|dkrytjtWnttfk r2YnXytjtWnttfk rZYnXytjtWnttfk rYnXdStj}y|j j |}WnFt j k rdSt j t jt jt jfk rtjtjdSXx,|D]$}||jkrtjdj|dSqWytj|d}Wn tk rHtjddSXytj|d}Wn tk r|tjddSXytj|d}Wn tk rtjddSXtt|tt|tt|dS) z Get ca.crt, rollout.crt and rollout.key from CLN and write them to files :param systemId: registration ID :return: None cert_base64 ca_base64 key_base64NzCLN did not return "{}".z/CLN returned incorrectly encoded CA certificatez,CLN returned incorrectly encoded rollout keyz4CLN returned incorrectly encoded rollout certificate)ryrzr{)r!remove ROLLOUT_KEYOSErrorIOError ROLLOUT_CERTROLLOUT_CA_CERTrrmrnZgetCLNCertificaterrorprqrrrsrYrtrurvkeysrZformatbase64Z b64decode TypeErrorrP)rRrsr[r6Zca_certZ rollout_keyZ rollout_certrrr"prepareGradualRolloutCertsIfNeededsh     rcCstt|dS)z=Returns True if the write is successful or False if it fails. )rP HW_CODE_FILE)hw_activation_coderrr writeHWCode\src Cspy"tjjdr t\}}||fSWntk r6YnXt\}}|dk rR||fSt\}}|dk rl||fSdS)a This function returns the UUID and virtualization type of this system, if it is a guest. Otherwise, it returns None. To figure this out, we'll use a number of heuristics (list in order of precedence): 1. Check /proc/xen/xsd_port. If exists, we know the system is a host; exit. 2. Check SMBIOS. If vendor='Xen' and UUID is non-zero, we know the system is a fully-virt guest; exit. 3. Check /sys/hypervisor/uuid. If exists and is non-zero, we know the system is a para-virt guest; exit. 4. If non of the above checks worked; we know we have a non-xen-enabled system; exit. z/proc/xen/xsd_portN)NN)r!rFrbget_fully_virt_inforget_para_virt_info)uuid virt_typerrr get_virt_info`s     rc CsVysz@RegistrationResult.getSystemSlotDescriptions..)r)rr)rrgetSystemSlotDescriptionssz,RegistrationResult.getSystemSlotDescriptionscsfddjDS)Ncsg|]}j|qSr)_getFailedSlotDescription)rr)rrrrszFRegistrationResult.getFailedSystemSlotDescriptions..)r)rr)rrgetFailedSystemSlotDescriptionssz2RegistrationResult.getFailedSystemSlotDescriptionscCs|jS)z5Returns None if no universal activation key was used.)r)rrrrgetUniversalActivationKeysz,RegistrationResult.getUniversalActivationKeycCst|jdkot|jdkS)zReturns True if the system was subscribed to at least one channel and was given any type of system slot so it will get updates. In other words, returns True if the system will be getting at least basic updates. r)rrr)rrrrhasBaseAndUpdatess z$RegistrationResult.hasBaseAndUpdatescCs&|dkrtjdtjS|j|SdS)Nvirtualization_host )rVIRTZ VIRT_FAILEDr)rslotrrrrsz,RegistrationResult._getFailedSlotDescriptioncCs$|dkrtjS|dkrtjS|SdS)NZenterprise_entitledr)rZ MANAGEMENTr)rrrrrrs z&RegistrationResult._getSlotDescription)N)__name__ __module__ __qualname__rrVrrrrrrrrrrrrrrs  r)human_readablec CsFd}tjj|sdSt| }|jjd}|r4|St|SQRXdS)Nz/opt/cloudlinux/cl_editionrr)r!rFrbr-rr/_human_readable_to_product)rZedition_cache_filefZ raw_editionrrrgetServerEditions  rcCslddlm}m}tjjds"td}||d||d}dd|jD\}}|rVtt|d d j d S) Nr)rdPIPEz/opt/cloudlinux/venv/binzZ/opt/cloudlinux/venv/bin/python3 -c "from clcommon.cpapi import cpusers; print(cpusers())"T)shellrirjcSsg|]}|jjqSr)decoder/)rr[rrrrsz.get_users_count_from_cllib..z, ) rardrr!rFrbr1rerr0)rdrrgZprocessoutputerrorsrrrget_users_count_from_cllibs rcCsddlm}|}t|jS)Nr)ClPwd)Zup2date_client.clpwdrrZ get_uid_dict)rpwdrrrget_users_count_generics rc Cs*y t}Wntk r$t}YnX|S)N)r Exceptionr)Z users_countrrrcountServerUsers s   rc CsTy t|}WnPtjk rH}ztd|jtjdWYdd}~Xntjk r\dSXt}|d}||krxdS|rtdj t |t |dtdtjd|sPtj j stdtdt |dt |d }d dd }|j |} | dk rHt} | | kr4td ||d | dtjdn|d||d}t|dS)Nz%sreditionzWARNING: Automatic registration in yum transactions is only available when edition matches the provided license. Your current edition is {current_edition} and your license is {new_edition}.)Zcurrent_editionZ new_editionz0Run clnreg_ks manually to complete registration.aError: interactive input required for edition migration, but tool is running in non-interactive mode. Please try running the tool again in interactive shell or add `--migrate-silently` flag to accept allquestions and perform the edition migration silently.za edition installed on your server does not match license you are trying to register server with: zh. Migration is required. You may lose access to the services which are not supported by the new edition.)rrz@The license you are trying to register with allows a maximum of z% hosting accounts which is less than z) users detected on this server. Aborting.zG Also, the license you are trying to register with allows a maximum of zM hosting accounts. Make sure that your system complies with this requirement.)checkKeyrrrr&errmsgruexitrorr_product_to_human_readablestdinisattygetr_askConfirmation) activationKeyZ strictEditionZsilentMigrationZlicenseInformationeZcurrentEditionZlicenseEditionmessageZedition_to_users_limitZlicense_users_limitZusers_on_serverrrrcheckLicenseKey(sB       r)confirmationMessagecCs2t|td}|jdkr.tdtjddS)zS Prints message and makes sure that client is ready for edition migration. z Do you want to continue? [N/y]: yzAborted.rN)r&inputrrur)rZresponserrrrfs  rc Cs|dkr|dkstd|tjtjtjd}tj}|dk rJ||d<|rlx|jD]\}} | ||<qXW|rz||d<n||d<||d<|dk r||d<n(tj j d rd ntj j d rd nd |d<t drt t j|d<tj} | jj|} | S)ziWrapper for the old xmlrpc to register a system. Activates subscriptions if a reg num is given. Nz)username and password usage is deprecated)Z profile_nameZ os_releaseZ release_nameZ architecturer]r_rrrz/etc/cloudlinux-edition-solorz/etc/cloudlinux-edition-adminrrsupportsSMBIOSsmbios)AssertionErrorr getVersion getOSReleasegetArchrrVitemsr!rFrbr,_encode_charactersr get_smbiosrrmrZ new_system) rr profileNamer_otherrZ auth_dictZ system_id_xmlr6itemrretrrrregisterSystemrs2     rcCstj}|jj|}|S)zG Check the activation key and return it's edition and customer )rrmrZ license_check)rrrrrrrs rcCsly,tj}|j|dddd}tj|dd}Wntjk rBdSXy |jWntjk rfYnXdS)Nzcom.redhat.SubscriptionManagerz/EntitlementStatusF)Z introspectz0com.redhat.SubscriptionManager.EntitlementStatus)Zdbus_interface)dbusZ SystemBusZProxyObjectClassZ InterfaceZ DBusExceptionZ check_status)ZbusZ validity_objZvalidity_ifacerrrrQs   rQc Cstj}tj}tj}tj}d}y|jj|||||}Wn@tj k r|t j d}|j dkrvt tj|jnYnX|S)Nrc)rrmrrrZ getReleaserZavailable_eus_channels xmlrpclibZFaultrurvZ faultCoderrZ DelayErrorZ faultString)rrrZ server_archZserver_versionZserver_releaseZavailableChannelsrrrrgetAvailableChannelss    rc Cs$|dkr i}|r6|dkst|dks(t|dk sZtn$|dk sBt|dk sNt|dksZtx|jD]}|dksdtqdWtdrttj|d<tj}|r|jj |t j t j t j ||}n$|jj|t j t j t j |||}tjd |t|d |d |d |d |d|d|d} | S)aUses the new xmlrpcs to register a system. Returns a dict instead of just system id. The main differences between this and registerSystem and that this doesn't do activation and does child channel subscriptions if possible. See the documentation for the xmlrpc handlers in backend for more detail. If nothing is going to be in other, it can be {} or None. New in RHEL 5. Nregistration_numberorg_id virt_uuidrchannelrrz Returned: %sr]rZfailed_channelsZ system_slotsZfailed_system_slotsZuniversal_activation_key)r)rrrrr)rrr,rr rrrmrZnew_system_activation_keyrrrrZnew_system_user_passrY log_debugr) rrrZpackagesrrr6rr4r[rrrregisterSystem2sN       rcCstdS)NZ supportsEUS)r,rrrrserver_supports_eussrcCsdS)Nr)rRZ hardwareListrrr sendHardwaresrcCsdS)Nr)rRZ packageListrrr sendPackages,srcCstdk rtjdS)N)rZrefresh)rRrrr sendVirtInfo9srcCstj}t|jj|dS)N)rrmr&rZ list_packages)rRrrrr listPackages=srcCstj|\}}}}}}|dks&|dkrDd|}tj|\}}}}}}|d krVtjd|dksn|dksn|dkrrd}tj||||||f}|S) zzRaises up2dateErrors.InvalidProtocolError if the server url has a protocol specified and it's not http or https. Nr*zhttps://httpshttpzCYou specified an invalid protocol. Only https and http are allowed./z/XMLRPC)rr)urlparserZInvalidProtocolErrorZ urlunparse)serverZprotocolhostrFZ parametersZqueryZfragmentIdentifierrrrmakeNiceServerUrlAs rcCsdS)zdReturns 'hosted' if the url points to a known hosted server. Otherwise returns 'satellite'. Z satelliter)Z serverUrlrrr getServerTypeWsrc@sBeZdZdZdZiifddZddZddZd d Zd d Z d S)ActivationResultrrcCs||_||_||_||_dS)zschannels and systemSlots are dicts where the key/value pairs are label (string) / quantity (int). N)_status_regNumrr)rZstatusZregistrationNumberrrrrrrbszActivationResult.__init__cCs|jS)N)r)rrrr getStatusmszActivationResult.getStatuscCs|jS)N)r)rrrrgetRegistrationNumberpsz&ActivationResult.getRegistrationNumbercCs|jS)z7Returns a dict- the key/value pairs are label/quantity.)r)rrrrgetChannelsActivatedssz%ActivationResult.getChannelsActivatedcCs|jS)z7Returns a dict- the key/value pairs are label/quantity.)r)rrrrgetSystemSlotsActivatedwsz(ActivationResult.getSystemSlotsActivatedN) rrr ACTIVATED_NOW ALREADY_USEDrrrr r rrrrr^s rcGsg}x|D]}t|}|tkr(t|}nZ|tkrDtdd|D}n>|tkr\dd|D}n&|tksl|tkrtdd|j D}|j |q Wt |dkr|dSt|SdS) u All the data we gathered from dmi, bios, gudev are in utf-8, we need to convert characters beyond ord(127) - e.g ® to unicode. css|]}t|VqdS)N)r)rr5rrr sz%_encode_characters..cSsg|] }t|qSr)r)rr5rrrrsz&_encode_characters..cSsg|]\}}t||qSr)r)rnamevalrrrrsrrN) typerr rtuplerrrdictrrcr)argsr[rZ item_typerrrr{s   rcCsd}d}d}ytj}t|}Wn$tjdtjtjYnX|dk ry.t|||}|j t j krz|j }t |Wn>tjk rtjdYn tjk rtjdYnX|S)NzMThere was an error while reading the hardware info from the bios. Traceback: zsz$spawnRhnCheckForUI..z Warning: unable to run rhn_check) r!r"r#r$rardrmaprir.rjrYrZ)rdrrhrrrspawnRhnCheckForUIs rZdebcCsdS)z.On Debian no extra action for plugin is neededrr)rrrrrrr pluginEnablesr)r)F)F)NNNNNN)N)N)tr!rurrrWZup2date_clientrrrrrrrr Zup2date_client.rhnPackageInfor Zup2date_client.pkgplatformr Zrhn.i18nr r Zrhn.tbrrrtypesrrrrrr ImportErrorZ urllib.parseparseZ xmlrpc.clientZclientlistrbytesstrrrMrZvirtualizationrgettextZ translationthasattrrr'Z SYSID_DIRr?rr9rrr}rwrrrr ZinitUp2dateConfigr,ZinitLogrYr(r8r<r>rArCrPrTr^boolrkrlrxrrrrrrrrrrrrrrrrrrrQrrrrrrrrrrrrrrrZup2date_client.pmPluginrrrr s           $       !  E,? >  - ;   "