diff --git a/confluent_client/confluent/client.py b/confluent_client/confluent/client.py index fae497ee..bee16f00 100644 --- a/confluent_client/confluent/client.py +++ b/confluent_client/confluent/client.py @@ -42,9 +42,9 @@ _attraliases = { } try: - input = raw_input + getinput = raw_input except NameError: - pass + getinput = input class NestedDict(dict): @@ -284,9 +284,9 @@ class Command(object): nodename = list(self.read( '/noderange/{0}/nodes/'.format(noderange)))[0].get('item', {}).get('href', None) nodename = nodename[:-1] - p = input('Command is about to affect node {0}, continue (y/n)? '.format(nodename)) + p = getinput('Command is about to affect node {0}, continue (y/n)? '.format(nodename)) else: - p = input('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize)) + p = getinput('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize)) if p.lower() != 'y': sys.stderr.write('Aborting at user request\n') sys.exit(1) @@ -401,7 +401,7 @@ class Command(object): if fingerprint == khf[hostid]: return else: - replace = input( + replace = getinput( "MISMATCHED CERTIFICATE DATA, ACCEPT NEW? (y/n):") if replace not in ('y', 'Y'): raise Exception("BAD CERTIFICATE") diff --git a/confluent_osdeploy/utils/copernicus.c b/confluent_osdeploy/utils/copernicus.c index 807f5dc1..ab989c0e 100644 --- a/confluent_osdeploy/utils/copernicus.c +++ b/confluent_osdeploy/utils/copernicus.c @@ -27,6 +27,20 @@ int add_uuid(char* destination, int maxsize) { return uuidsize + 6; } +int add_confluent_uuid(char* destination, int maxsize) { + int uuidf; + int uuidsize; + uuidf = open("/confluent_uuid", O_RDONLY); + if (uuidf < 1) { return 0; } + strncpy(destination, "/confluentuuid=", maxsize); + uuidsize = read(uuidf, destination + 15, maxsize - 15); + close(uuidf); + if (destination[uuidsize + 14] == '\n') { + destination[uuidsize + 14] = 0; + } + return uuidsize + 15; +} + void add_macs(char* destination, int maxsize) { struct ifaddrs *ifc, *ifa; struct sockaddr_ll *lla; @@ -105,6 +119,8 @@ int main(int argc, char* argv[]) { inet_pton(AF_INET, "239.255.255.250", &dst4.sin_addr); strncpy(msg, "M-SEARCH * HTTP/1.1\r\nST: urn:xcat.org:service:confluent:", 1024); offset = strnlen(msg, 1024); + add_confluent_uuid(msg + offset, 1024 - offset); + offset = strnlen(msg, 1024); add_uuid(msg + offset, 1024 - offset); offset = strnlen(msg, 1024); add_macs(msg + offset, 1024 - offset); diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy index e849cfd8..44a46b29 100644 --- a/confluent_server/bin/osdeploy +++ b/confluent_server/bin/osdeploy @@ -121,6 +121,9 @@ def init_confluent_myname(): return mynamedone = True hasconfluentuser = None + neededuid = os.stat('/etc/confluent').st_uid + if neededuid == 0: + return try: hasconfluentuser = pwd.getpwnam('confluent') except KeyError: @@ -247,6 +250,17 @@ def initialize(cmdset): 'subject.') else: didsomething = False + if not os.path.exists('/etc/confluent'): + sys.stderr.write('Start confluent service prior to initializng OS deployment\n') + sys.exit(1) + if cmdset.t or cmdset.s or cmdset.a or cmdset.u: + neededuid = os.stat('/etc/confluent').st_uid + try: + os.makedirs('/var/lib/confluent') + os.chown('/var/lib/confluent', neededuid, -1) + except OSError as e: + if e.errno != 17: + raise if cmdset.u: didsomething = True if not glob.glob('/root/.ssh/*.pub'): @@ -258,14 +272,6 @@ def initialize(cmdset): sys.exit(1) init_confluent_myname() sshutil.initialize_root_key(False) - if cmdset.t or cmdset.s or cmdset.a or cmdset.u: - neededuid = os.stat('/etc/confluent').st_uid - try: - os.makedirs('/var/lib/confluent') - os.chown('/var/lib/confluent', neededuid, -1) - except OSError as e: - if e.errno != 17: - raise if cmdset.t: didsomething = True init_confluent_myname() @@ -315,6 +321,16 @@ def initialize(cmdset): opath = os.getcwd() os.chdir('/var/lib/confluent/public/site') totar = [] + if not os.path.exists('confluent_uuid'): + c = client.Command() + for rsp in c.read('/uuid'): + uuid = rsp.get('uuid', {}).get('value', None) + if uuid: + with open('confluent_uuid', 'w') as uuidout: + uuidout.write(uuid) + uuidout.write('\n') + totar.append('confluent_uuid') + topack.append('confluent_uuid') if os.path.exists('ssh'): totar.append('ssh') topack.append('ssh/') diff --git a/confluent_server/confluent/core.py b/confluent_server/confluent/core.py index fd9aa58e..741db4fa 100644 --- a/confluent_server/confluent/core.py +++ b/confluent_server/confluent/core.py @@ -158,7 +158,7 @@ def _merge_dict(original, custom): rootcollections = ['deployment/', 'discovery/', 'events/', 'networking/', 'noderange/', 'nodes/', 'nodegroups/', 'usergroups/' , - 'users/', 'version'] + 'users/', 'uuid', 'version'] class PluginRoute(object): @@ -1216,6 +1216,8 @@ def handle_path(path, operation, configmanager, inputdata=None, autostrip=True): configmanager, inputdata, operation, pathcomponents) elif pathcomponents[0] == 'version': return (msg.Attributes(kv={'version': confluent.__version__}),) + elif pathcomponents[0] == 'uuid': + return (msg.Attributes(kv={'uuid': cfm.get_global('confluent_uuid')}),) elif pathcomponents[0] == 'usergroups': # TODO: when non-administrator accounts exist, # they must only be allowed to see their own user diff --git a/confluent_server/confluent/main.py b/confluent_server/confluent/main.py index 3a429b54..5f35b2c8 100644 --- a/confluent_server/confluent/main.py +++ b/confluent_server/confluent/main.py @@ -272,6 +272,8 @@ def run(args): if not confluentuuid: confluentuuid = str(uuid.uuid4()) configmanager.set_global('confluent_uuid', confluentuuid) + if not configmanager._masterkey: + configmanager.init_masterkey() if dbgif: oumask = os.umask(0o077) try: diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 6f015afb..7c8822e0 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -484,6 +484,10 @@ def check_rhel(isoinfo): ver = entry.split('-')[2] arch = entry.split('.')[-2] break + elif 'redhat-release-9' in entry: + ver = entry.split('-')[2] + arch = entry.split('.')[-2] + break else: if '.discinfo' in isoinfo[1]: prodinfo = isoinfo[1]['.discinfo'] diff --git a/confluent_server/confluent/pam.py b/confluent_server/confluent/pam.py index ed57fc8a..5316a565 100644 --- a/confluent_server/confluent/pam.py +++ b/confluent_server/confluent/pam.py @@ -242,10 +242,10 @@ if __name__ == "__main__": readline.set_pre_input_hook(hook) if sys.version_info >= (3,): - result = input(prompt) + getinput = input else: - result = raw_input(prompt) - + getinput = raw_input + result = getinput(prompt) readline.set_pre_input_hook() return result diff --git a/confluent_server/confluent/syncfiles.py b/confluent_server/confluent/syncfiles.py index d9586f44..b5d6c277 100644 --- a/confluent_server/confluent/syncfiles.py +++ b/confluent_server/confluent/syncfiles.py @@ -128,15 +128,34 @@ class SyncList(object): try: uid = pwd.getpwnam(optval).pw_uid except KeyError: - uid = None - optval = {'name': optval, 'id': uid} + try: + uid = int(optval) + optval = None + except ValueError: + uid = None + if optval: + optval = {'name': optval} + else: + optval = {} + if uid is not None: + optval['id'] = uid elif optname == 'group': try: gid = grp.getgrnam(optval).gr_gid except KeyError: - gid = None - optval = {'name': optval, 'id': gid} - entopts[optname] = optval + try: + gid = int(optval) + optval = None + except ValueError: + gid = None + if optval: + optval = {'name': optval} + else: + optval = {} + if gid is not None: + optval['id'] = gid + if optval: + entopts[optname] = optval currmap[k] = v targ = v if v else k for f in targ.split(): diff --git a/imgutil/imgutil b/imgutil/imgutil index b7e0b484..cb14a650 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -342,7 +342,7 @@ def create_yumconf(sourcedir, addrepos): if os.path.exists(sourcedir + '/repodata'): yumconf.write('[genimage-topdir]\n') yumconf.write('name=Local install repository\n') - yumconf.write('baseurl={0}\n'.format(sourcedir)) + yumconf.write('baseurl=file://{0}\n'.format(sourcedir)) yumconf.write('enabled=1\ngpgcheck=0\n\n') else: c = configparser.ConfigParser() @@ -904,21 +904,43 @@ def fingerprint_source(sourcepath, args): return oshandler def fingerprint_host_el(args, hostpath='/'): - try: - import rpm - except ImportError: - return None if hostpath[0] != '/': hostpath = os.path.join(os.getcwd(), hostpath) - ts = rpm.TransactionSet(hostpath) - rpms = ts.dbMatch('provides', 'system-release') - for inf in rpms: - if 'el8' not in inf.release and 'el7' not in inf.release: - continue - osname = inf.name.replace('-release', '').replace('-', '_') - if osname == 'centos_linux': - osname = 'centos' - return ElHandler(osname, inf.version, os.uname().machine, args) + try: + import rpm + ts = rpm.TransactionSet(hostpath) + rpms = ts.dbMatch('provides', 'system-release') + for inf in rpms: + if 'el8' not in inf.release and 'el7' not in inf.release: + continue + osname = inf.name + version = inf.version + release = inf.release + except ImportError: + try: + rver = subprocess.check_output('rpm --root {0} -q --whatprovides system-release'.format(hostpath).split()) + if not isinstance(rver, str): + rver = rver.decode('utf8') + for infline in subprocess.check_output('rpm -qi {0}'.format(rver).split()).decode('utf8').split('\n'): + if ':' not in infline: + continue + k, v = infline.split(':', 1) + k = k.strip() + v = v.strip() + if k == 'Name': + osname = v + elif k == 'Release': + release = v + elif k == 'Version': + version = v + except subprocess.SubprocessError: + return None + if 'el8' not in release and 'el7' not in release: + return None + osname = osname.replace('-release', '').replace('-', '_') + if osname == 'centos_linux': + osname = 'centos' + return ElHandler(osname, version, os.uname().machine, args) def fingerprint_host_deb(args, hostpath='/'):