upstream/oracle/pkg-gate: src/sysrepo.py@7f1c7dd5254f (annotated)

2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	1	#!/usr/bin/python2.6
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	2	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	3	# CDDL HEADER START
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	4	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	5	# The contents of this file are subject to the terms of the
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	6	# Common Development and Distribution License (the "License").
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	7	# You may not use this file except in compliance with the License.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	8	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	9	# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	10	# or http://www.opensolaris.org/os/licensing.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	11	# See the License for the specific language governing permissions
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	12	# and limitations under the License.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	13	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	14	# When distributing Covered Code, include this CDDL HEADER in each
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	15	# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	16	# If applicable, add the following below this CDDL HEADER, with the
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	17	# fields enclosed by brackets "[]" replaced with your own identifying
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	18	# information: Portions Copyright [yyyy] [name of copyright owner]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	19	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	20	# CDDL HEADER END
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	21	#
2644 434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	22	# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	23
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	24	import atexit
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	25	import errno
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	26	import getopt
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	27	import gettext
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	28	import hashlib
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	29	import locale
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	30	import logging
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	31	import os
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	32	import shutil
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	33	import socket
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	34	import sys
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	35	import traceback
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	36	import urllib2
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	37	import warnings
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	38
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	39	from mako.template import Template
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	40
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	41	from pkg.client import global_settings
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	42	from pkg.misc import msg, PipeError
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	43
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	44	import pkg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	45	import pkg.catalog
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	46	import pkg.client.api
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	47	import pkg.client.progress as progress
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	48	import pkg.client.api_errors as apx
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	49	import pkg.misc as misc
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	50	import pkg.portable as portable
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	51	import pkg.p5p as p5p
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	52
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	53	logger = global_settings.logger
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	54	orig_cwd = None
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	55
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	56	PKG_CLIENT_NAME = "pkg.sysrepo"
2612 7bf2387ebd19 18958 Error message concerning /var/pkg/lock & lack of privileges could be improved Saurabh Vyas <saurabh.vyas@oracle.com> parents: 2569 diff changeset	57	CLIENT_API_VERSION = 71
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	58	pkg.client.global_settings.client_name = PKG_CLIENT_NAME
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	59
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	60	# exit codes
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	61	EXIT_OK = 0
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	62	EXIT_OOPS = 1
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	63	EXIT_BADOPT = 2
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	64
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	65	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	66	# This is a simple python script, run from the method script that starts
2335 33734ca16f74 18254 system repository package should be renamed Brock Pytlik <brock.pytlik@oracle.com> parents: 2319 diff changeset	67	# svc:/application/pkg/system-repository:default.
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	68	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	69	# It writes an Apache configuration that is used to serve responses to pkg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	70	# clients querying the system repository, as well as providing http/https proxy
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	71	# services to those clients, accessing external repositories.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	72	# file:// repositories on the system running the system repository are also
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	73	# exposed to pkg clients, via Alias directives.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	74	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	75	# See src/util/apache2/sysrepo/*.mako for the templates used to create the
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	76	# Apache configuration.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	77	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	78	# The following filesystem locations are used:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	79	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	80	# variable default install path description
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	81	# --------- --------------------- ------------
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	82	# runtime_dir system/volatile/pkg/sysrepo runtime .conf, htdocs, pid files
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	83	# template_dir etc/pkg/sysrepo mako templates
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	84	# log_dir var/log/pkg/sysrepo log files
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	85	# cache_dir var/cache/pkg/sysrepo apache proxy cache
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	86	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	87	# all of the above can be modified with command line arguments.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	88	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	89
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	90	SYSREPO_CRYPTO_FILENAME = "crypto.txt"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	91	SYSREPO_HTTP_TEMPLATE = "sysrepo_httpd.conf.mako"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	92	SYSREPO_HTTP_FILENAME = "sysrepo_httpd.conf"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	93
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	94	SYSREPO_PUB_TEMPLATE = "sysrepo_publisher_response.mako"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	95	SYSREPO_PUB_FILENAME = "index.html"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	96
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	97	SYSREPO_HTDOCS_DIRNAME = "htdocs"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	98
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	99	SYSREPO_VERSIONS_DIRNAME = ["versions", "0"]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	100	SYSREPO_SYSPUB_DIRNAME = ["syspub", "0"]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	101	SYSREPO_PUB_DIRNAME = ["publisher", "0"]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	102
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	103	# static string with our versions response
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	104	SYSREPO_VERSIONS_STR = """\
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	105	pkg-server %s
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	106	publisher 0
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	107	versions 0
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	108	catalog 1
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	109	file 1
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	110	syspub 0
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	111	manifest 0
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	112	""" % pkg.VERSION
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	113
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	114	SYSREPO_USER = "pkg5srv"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	115	SYSREPO_GROUP = "pkg5srv"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	116
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	117	class SysrepoException(Exception):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	118	def __unicode__(self):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	119	# To workaround python issues 6108 and 2517, this provides a
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	120	# a standard wrapper for this class' exceptions so that they
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	121	# have a chance of being stringified correctly.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	122	return str(self)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	123
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	124	@atexit.register
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	125	def cleanup():
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	126	"""To be called at program finish."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	127	pass
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	128
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	129	def error(text, cmd=None):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	130	"""Emit an error message prefixed by the command name """
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	131
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	132	if cmd:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	133	text = "%s: %s" % (cmd, text)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	134	pkg_cmd = "pkg.sysrepo "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	135	else:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	136	pkg_cmd = "pkg.sysrepo: "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	137
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	138	# If we get passed something like an Exception, we can convert
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	139	# it down to a string.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	140	text = str(text)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	141
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	142	# If the message starts with whitespace, assume that it should come
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	143	# before the command-name prefix.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	144	text_nows = text.lstrip()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	145	ws = text[:len(text) - len(text_nows)]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	146
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	147	# This has to be a constant value as we can't reliably get our actual
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	148	# program name on all platforms.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	149	logger.error(ws + pkg_cmd + text_nows)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	150
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	151	def usage(usage_error=None, cmd=None, retcode=EXIT_BADOPT):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	152	"""Emit a usage message and optionally prefix it with a more
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	153	specific error message. Causes program to exit.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	154	"""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	155
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	156	if usage_error:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	157	error(usage_error, cmd=cmd)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	158
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	159	msg(_("""\
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	160	Usage:
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	161	pkg.sysrepo -p <port> [-R image_root] [ -c cache_dir] [-h hostname]
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	162	[-l logs_dir] [-r runtime_dir] [-s cache_size] [-t template_dir]
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	163	[-T http_timeout] [-w http_proxy] [-W https_proxy]
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	164	"""))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	165	sys.exit(retcode)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	166
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	167	def _get_image(image_dir):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	168	"""Return a pkg.client.api.ImageInterface for the provided
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	169	image directory."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	170
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	171	cdir = os.getcwd()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	172	if not image_dir:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	173	image_dir = "/"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	174	api_inst = None
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	175	tracker = progress.QuietProgressTracker()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	176	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	177	api_inst = pkg.client.api.ImageInterface(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	178	image_dir, CLIENT_API_VERSION,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	179	tracker, None, PKG_CLIENT_NAME)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	180
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	181	if api_inst.root != image_dir:
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	182	msg(_("Problem getting image at %s") % image_dir)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	183	except Exception, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	184	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	185	_("Unable to get image at %(dir)s: %(reason)s") %
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	186	{"dir": image_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	187	"reason": str(err)})
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	188
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	189	# restore the current directory, which ImageInterace had changed
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	190	os.chdir(cdir)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	191	return api_inst
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	192
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	193	def _follow_redirects(uri_list, http_timeout):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	194	""" Follow HTTP redirects from servers. Needed so that we can create
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	195	RewriteRules for all repository URLs that pkg clients may encounter."""
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	196
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	197	ret_uris = set(uri_list)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	198
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	199	class SysrepoRedirectHandler(urllib2.HTTPRedirectHandler):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	200	""" A HTTPRedirectHandler that saves URIs we've been
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	201	redirected to along the path to our eventual destination."""
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	202	def __init__(self):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	203	self.redirects = set()
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	204
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	205	def redirect_request(self, req, fp, code, msg, hdrs, newurl):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	206	self.redirects.add(newurl)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	207	return urllib2.HTTPRedirectHandler.redirect_request(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	208	self, req, fp, code, msg, hdrs, newurl)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	209
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	210	for uri in uri_list:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	211	handler = SysrepoRedirectHandler()
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	212	opener = urllib2.build_opener(handler)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	213	if not uri.startswith("http:"):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	214	ret_uris.update([uri])
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	215	continue
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	216
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	217	# otherwise, open a known url to check for redirects
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	218	try:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	219	opener.open("%s/versions/0" % uri, None, http_timeout)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	220	ret_uris.update(set(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	221	[item.replace("/versions/0", "").rstrip("/")
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	222	for item in handler.redirects]))
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	223	except urllib2.URLError, err:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	224	# We need to log this, and carry on - the url
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	225	# could become available at a later date.
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	226	msg(_("WARNING: unable to access %(uri)s when checking "
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	227	"for redirects: %(err)s") % locals())
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	228	return sorted(list(ret_uris))
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	229
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	230	def _get_publisher_info(api_inst, http_timeout):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	231	"""Returns information about the publishers configured for the given
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	232	ImageInterface.
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	233
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	234	The first item returned is a map of uris to tuples, (prefix, cert, key,
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	235	hash of the uri)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	236
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	237	The second item returned is a list of publisher prefixes which specify
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	238	no uris."""
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	239
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	240	# build a map of URI to (pub.prefix, cert, key, hash) tuples
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	241	uri_pub_map = {}
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	242	no_uri_pubs = []
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	243
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	244	for pub in api_inst.get_publishers():
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	245	if pub.disabled:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	246	continue
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	247
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	248	prefix = pub.prefix
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	249	repo = pub.repository
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	250	uri_list = _follow_redirects(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	251	[repo_uri.uri.rstrip("/")
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	252	for repo_uri in repo.mirrors + repo.origins],
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	253	http_timeout)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	254
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	255	for uri in uri_list:
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	256	# we only support p5p files and directory-based
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	257	# repositories of >= version 4.
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	258	if uri.startswith("file:"):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	259	urlresult = urllib2.urlparse.urlparse(uri)
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	260	if not os.path.exists(urlresult.path):
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	261	raise SysrepoException(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	262	_("file repository %s does not "
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	263	"exist or is not accessible") % uri)
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	264	if os.path.isdir(urlresult.path) and \
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	265	not os.path.exists(os.path.join(
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	266	urlresult.path, "pkg5.repository")):
2367 49e71b6682c7 18297 system-repository needs to be enabled more Tim Foster <tim.s.foster@oracle.com> parents: 2339 diff changeset	267	raise SysrepoException(
49e71b6682c7 18297 system-repository needs to be enabled more Tim Foster <tim.s.foster@oracle.com> parents: 2339 diff changeset	268	_("file repository %s cannot be "
49e71b6682c7 18297 system-repository needs to be enabled more Tim Foster <tim.s.foster@oracle.com> parents: 2339 diff changeset	269	"proxied. Only file "
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	270	"repositories of version 4 or "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	271	"later are supported.") % uri)
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	272	if not os.path.isdir(urlresult.path):
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	273	try:
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	274	p5p.Archive(urlresult.path)
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	275	except p5p.InvalidArchive:
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	276	raise SysrepoException(
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	277	_("unable to read p5p "
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	278	"archive file at %s") %
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	279	urlresult.path)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	280
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	281	hash = _uri_hash(uri)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	282	cert = repo_uri.ssl_cert
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	283	key = repo_uri.ssl_key
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	284	if uri in uri_pub_map:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	285	uri_pub_map[uri].append((prefix, cert, key,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	286	hash))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	287	else:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	288	uri_pub_map[uri] = [(prefix, cert, key, hash)]
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	289
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	290	if not repo.mirrors + repo.origins:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	291	no_uri_pubs.append(prefix)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	292	return uri_pub_map, no_uri_pubs
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	293
2644 434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	294	def _chown_cache_dir(dir):
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	295	"""Sets ownership for cache directory as pkg5srv:bin"""
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	296
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	297	uid = portable.get_user_by_name(SYSREPO_USER, None, False)
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	298	gid = portable.get_group_by_name("bin", None, False)
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	299	try:
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	300	os.chown(dir, uid, gid)
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	301	except OSError, err:
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	302	if not os.environ.get("PKG5_TEST_ENV", None):
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	303	raise SysrepoException(
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	304	_("Unable to chown to %(user)s:%(group)s: "
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	305	"%(err)s") %
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	306	{"user": SYSREPO_USER, "group": "bin",
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	307	"err": err})
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	308
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	309	def _write_httpd_conf(runtime_dir, log_dir, template_dir, host, port, cache_dir,
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	310	cache_size, uri_pub_map, http_proxy, https_proxy):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	311	"""Writes the apache configuration for the system repository."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	312
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	313	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	314	# check our hostname
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	315	socket.gethostbyname(host)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	316
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	317	# check our directories
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	318	dirs = [runtime_dir, log_dir]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	319	if cache_dir not in ["None", "memory"]:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	320	dirs.append(cache_dir)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	321	for dir in dirs + [template_dir]:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	322	if os.path.exists(dir) and not os.path.isdir(dir):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	323	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	324	_("%s is not a directory") % dir)
2644 434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	325
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	326	for dir in dirs:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	327	try:
2644 434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	328	os.makedirs(dir, 0755)
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	329	# set pkg5srv:bin as ownership for cache
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	330	# directory.
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	331	if dir == cache_dir:
434fe01f111b 7120902 var/cache/pkg/sysrepo recreated with broken perms abhinandan.ekande@oracle.com parents: 2612 diff changeset	332	_chown_cache_dir(dir)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	333	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	334	if err.errno != errno.EEXIST:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	335	raise
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	336
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	337	# check our port
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	338	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	339	num = int(port)
2338 63a4d56416c6 18240 zone proxy needed johansen <johansen@opensolaris.org> parents: 2335 diff changeset	340	if num <= 0 or num >= 65535:
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	341	raise SysrepoException(_("invalid port: %s") %
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	342	port)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	343	except ValueError:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	344	raise SysrepoException(_("invalid port: %s") % port)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	345
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	346	# check our cache size
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	347	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	348	num = int(cache_size)
2338 63a4d56416c6 18240 zone proxy needed johansen <johansen@opensolaris.org> parents: 2335 diff changeset	349	if num <= 0:
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	350	raise SysrepoException(_("invalid cache size: "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	351	"%s") % num)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	352	except ValueError:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	353	raise SysrepoException(_("invalid cache size: %s") %
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	354	cache_size)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	355
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	356	# check our proxy arguments - we can use a proxy to handle
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	357	# incoming http or https requests, but that proxy must use http.
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	358	for key, val in [("http_proxy", http_proxy),
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	359	("https_proxy", https_proxy)]:
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	360	if not val:
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	361	continue
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	362	try:
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	363	result = urllib2.urlparse.urlparse(val)
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	364	if result.scheme != "http":
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	365	raise Exception(
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	366	_("scheme must be http"))
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	367	if not result.netloc:
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	368	raise Exception("missing netloc")
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	369	except Exception, e:
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	370	raise SysrepoException(
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	371	_("invalid %(key)s: %(val)s: %(err)s") %
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	372	{"key": key, "val": val, "err": str(e)})
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	373
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	374	httpd_conf_template_path = os.path.join(template_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	375	SYSREPO_HTTP_TEMPLATE)
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	376
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	377	# we're disabling unicode here because we want Mako to
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	378	# passthrough any filesystem path names, whatever the
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	379	# original encoding.
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	380	httpd_conf_template = Template(
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	381	filename=httpd_conf_template_path,
7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	382	disable_unicode=True)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	383
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	384	# our template expects cache size expressed in Kb
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	385	httpd_conf_text = httpd_conf_template.render(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	386	sysrepo_log_dir=log_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	387	sysrepo_runtime_dir=runtime_dir,
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	388	sysrepo_template_dir=template_dir,
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	389	uri_pub_map=uri_pub_map,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	390	ipv6_addr="::1",
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	391	host=host,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	392	port=port,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	393	cache_dir=cache_dir,
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	394	cache_size=int(cache_size) * 1024,
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	395	http_proxy=http_proxy,
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	396	https_proxy=https_proxy)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	397	httpd_conf_path = os.path.join(runtime_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	398	SYSREPO_HTTP_FILENAME)
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	399	httpd_conf_file = file(httpd_conf_path, "wb")
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	400	httpd_conf_file.write(httpd_conf_text)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	401	httpd_conf_file.close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	402	except socket.gaierror, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	403	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	404	_("Unable to write sysrepo_httpd.conf: %(host)s: "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	405	"%(err)s") % locals())
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	406	except (OSError, IOError), err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	407	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	408	_("Unable to write sysrepo_httpd.conf: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	409
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	410	def _write_crypto_conf(runtime_dir, uri_pub_map):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	411	"""Writes the crypto.txt file, containing keys and certificates
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	412	in order for the system repository to proxy to https repositories."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	413
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	414	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	415	crypto_path = os.path.join(runtime_dir, SYSREPO_CRYPTO_FILENAME)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	416	file(crypto_path, "w").close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	417	os.chmod(crypto_path, 0600)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	418	written_crypto_content = False
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	419
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	420	for repo_list in uri_pub_map.values():
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	421	for (pub, cert_path, key_path, hash) in repo_list:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	422	if cert_path and key_path:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	423	crypto_file = file(crypto_path, "a")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	424	crypto_file.writelines(file(cert_path))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	425	crypto_file.writelines(file(key_path))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	426	crypto_file.close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	427	written_crypto_content = True
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	428
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	429	# Apache needs us to have some content in this file
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	430	if not written_crypto_content:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	431	crypto_file = file(crypto_path, "w")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	432	crypto_file.write(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	433	"# this space intentionally left blank\n")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	434	crypto_file.close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	435	os.chmod(crypto_path, 0400)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	436	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	437	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	438	_("unable to write crypto.txt file: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	439
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	440	def _write_publisher_response(uri_pub_map, htdocs_path, template_dir):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	441	"""Writes static html for all file-repository-based publishers that
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	442	is served as their publisher/0 responses. Responses for
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	443	non-file-based publishers are handled by rewrite rules in our
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	444	Apache configuration."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	445
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	446	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	447	# build a version of our uri_pub_map, keyed by publisher
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	448	pub_uri_map = {}
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	449	for uri in uri_pub_map:
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	450	for (pub, cert, key, hash) in uri_pub_map[uri]:
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	451	if pub not in pub_uri_map:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	452	pub_uri_map[pub] = []
2677 7f1c7dd5254f 7140764 pkg.sysrepo should support p5p files Tim Foster <tim.s.foster@oracle.com> parents: 2644 diff changeset	453	pub_uri_map[pub].append((uri, cert, key, hash))
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	454
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	455	publisher_template_path = os.path.join(template_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	456	SYSREPO_PUB_TEMPLATE)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	457	publisher_template = Template(filename=publisher_template_path)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	458
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	459	for pub in pub_uri_map:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	460	for (uri, cert_path, key_path, hash) in \
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	461	pub_uri_map[pub]:
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	462	if uri.startswith("file:"):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	463	publisher_text = \
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	464	publisher_template.render(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	465	uri=uri, pub=pub)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	466	publisher_path = os.path.sep.join(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	467	[htdocs_path, pub, hash] +
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	468	SYSREPO_PUB_DIRNAME)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	469	os.makedirs(publisher_path)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	470	publisher_file = file(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	471	os.path.sep.join([publisher_path,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	472	SYSREPO_PUB_FILENAME]), "w")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	473	publisher_file.write(publisher_text)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	474	publisher_file.close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	475	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	476	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	477	_("unable to write publisher response: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	478
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	479	def _write_versions_response(htdocs_path):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	480	"""Writes a static versions/0 response for the system repository."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	481
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	482	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	483	versions_path = os.path.join(htdocs_path,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	484	os.path.sep.join(SYSREPO_VERSIONS_DIRNAME))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	485	os.makedirs(versions_path)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	486
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	487	versions_file = file(os.path.join(versions_path, "index.html"),
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	488	"w")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	489	versions_file.write(SYSREPO_VERSIONS_STR)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	490	versions_file.close()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	491	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	492	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	493	_("Unable to write versions response: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	494
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	495	def _write_sysrepo_response(api_inst, htdocs_path, uri_pub_map, no_uri_pubs):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	496	"""Writes a static syspub/0 response for the system repository."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	497
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	498	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	499	sysrepo_path = os.path.join(htdocs_path,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	500	os.path.sep.join(SYSREPO_SYSPUB_DIRNAME))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	501	os.makedirs(sysrepo_path)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	502	pub_prefixes = [
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	503	info[0]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	504	for uri in uri_pub_map.keys()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	505	for info in uri_pub_map[uri]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	506	]
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	507	pub_prefixes.extend(no_uri_pubs)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	508	api_inst.write_syspub(os.path.join(sysrepo_path, "index.html"),
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	509	pub_prefixes, 0)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	510	except (OSError, apx.ApiException), err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	511	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	512	_("Unable to write syspub response: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	513
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	514	def _uri_hash(uri):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	515	"""Returns a string hash of the given URI"""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	516	return hashlib.sha1(uri).hexdigest()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	517
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	518	def _chown_runtime_dir(runtime_dir):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	519	"""Change the ownership of all files under runtime_dir to our sysrepo
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	520	user/group"""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	521
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	522	uid = portable.get_user_by_name(SYSREPO_USER, None, False)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	523	gid = portable.get_group_by_name(SYSREPO_GROUP, None, False)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	524	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	525	misc.recursive_chown_dir(runtime_dir, uid, gid)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	526	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	527	if not os.environ.get("PKG5_TEST_ENV", None):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	528	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	529	_("Unable to chown to %(user)s:%(group)s: "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	530	"%(err)s") %
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	531	{"user": SYSREPO_USER, "group": SYSREPO_GROUP,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	532	"err": err})
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	533
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	534	def cleanup_conf(runtime_dir=None):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	535	"""Destroys an old configuration."""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	536	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	537	shutil.rmtree(runtime_dir, ignore_errors=True)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	538	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	539	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	540	_("Unable to cleanup old configuration: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	541
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	542	def refresh_conf(image_root="/", port=None, runtime_dir=None,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	543	log_dir=None, template_dir=None, host="127.0.0.1", cache_dir=None,
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	544	cache_size=1024, http_timeout=3, http_proxy=None, https_proxy=None):
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	545	"""Creates a new configuration for the system repository.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	546	That is, it copies /var/pkg/pkg5.image file the htdocs
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	547	directory and creates an apache .conf file.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	548
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	549	TODO: a way to map only given zones to given publishers
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	550	"""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	551	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	552	ret = EXIT_OK
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	553	cleanup_conf(runtime_dir=runtime_dir)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	554	try:
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	555	http_timeout = int(http_timeout)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	556	except ValueError, err:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	557	raise SysrepoException(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	558	_("invalid value for http_timeout: %s") % err)
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	559	if http_timeout < 1:
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	560	raise SysrepoException(
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	561	_("http_timeout must a positive integer"))
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	562	try:
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	563	api_inst = _get_image(image_root)
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	564	uri_pub_map, no_uri_pubs = _get_publisher_info(api_inst,
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	565	http_timeout)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	566	except SysrepoException, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	567	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	568	_("unable to get publisher information: %s") %
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	569	err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	570	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	571	htdocs_path = os.path.join(runtime_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	572	SYSREPO_HTDOCS_DIRNAME)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	573	os.makedirs(htdocs_path)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	574	except OSError, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	575	raise SysrepoException(
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	576	_("unable to create htdocs dir: %s") % err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	577
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	578	_write_httpd_conf(runtime_dir, log_dir, template_dir, host,
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	579	port, cache_dir, cache_size, uri_pub_map, http_proxy,
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	580	https_proxy)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	581	_write_crypto_conf(runtime_dir, uri_pub_map)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	582	_write_publisher_response(uri_pub_map, htdocs_path,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	583	template_dir)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	584	_write_versions_response(htdocs_path)
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	585	_write_sysrepo_response(api_inst, htdocs_path, uri_pub_map,
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	586	no_uri_pubs)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	587	_chown_runtime_dir(runtime_dir)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	588	except SysrepoException, err:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	589	error(err)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	590	ret = EXIT_OOPS
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	591	return ret
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	592
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	593	def main_func():
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	594	global_settings.client_name = PKG_CLIENT_NAME
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	595
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	596	global orig_cwd
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	597
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	598	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	599	orig_cwd = os.getcwd()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	600	except OSError, e:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	601	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	602	orig_cwd = os.environ["PWD"]
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	603	if not orig_cwd or orig_cwd[0] != "/":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	604	orig_cwd = None
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	605	except KeyError:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	606	orig_cwd = None
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	607
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	608	# some sensible defaults
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	609	host = "127.0.0.1"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	610	port = None
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	611	# an empty image_root means we don't get '//' in the below
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	612	# _get_image() deals with "" in a sane manner.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	613	image_root = ""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	614	cache_dir = "%s/var/cache/pkg/sysrepo" % image_root
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	615	cache_size = "1024"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	616	template_dir = "%s/etc/pkg/sysrepo" % image_root
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	617	runtime_dir = "%s/var/run/pkg/sysrepo" % image_root
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	618	log_dir = "%s/var/log/pkg/sysrepo" % image_root
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	619	http_timeout = 4
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	620	http_proxy = None
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	621	https_proxy = None
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	622
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	623	try:
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	624	opts, pargs = getopt.getopt(sys.argv[1:],
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	625	"c:h:l:p:r:R:s:t:T:w:W:?", ["help"])
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	626	for opt, arg in opts:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	627	if opt == "-c":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	628	cache_dir = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	629	elif opt == "-h":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	630	host = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	631	elif opt == "-l":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	632	log_dir = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	633	elif opt == "-p":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	634	port = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	635	elif opt == "-r":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	636	runtime_dir = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	637	elif opt == "-R":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	638	image_root = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	639	elif opt == "-s":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	640	cache_size = arg
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	641	elif opt == "-t":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	642	template_dir = arg
2448 2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	643	elif opt == "-T":
2a649d8c190d 18272 pkg.sysrepo can't proxy publishers that are redirected Tim Foster <tim.s.foster@oracle.com> parents: 2446 diff changeset	644	http_timeout = arg
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	645	elif opt == "-w":
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	646	http_proxy = arg
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	647	elif opt == "-W":
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	648	https_proxy = arg
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	649	else:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	650	usage()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	651
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	652	except getopt.GetoptError, e:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	653	usage(_("illegal global option -- %s") % e.opt)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	654
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	655	if not port:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	656	usage(_("required port option missing."))
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	657
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	658	ret = refresh_conf(image_root=image_root, log_dir=log_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	659	host=host, port=port, runtime_dir=runtime_dir,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	660	template_dir=template_dir, cache_dir=cache_dir,
2479 2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	661	cache_size=cache_size, http_timeout=http_timeout,
2d6f9d6cb05b 18701 sysrepo needs http/https proxy support Tim Foster <tim.s.foster@oracle.com> parents: 2453 diff changeset	662	http_proxy=http_proxy, https_proxy=https_proxy)
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	663	return ret
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	664
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	665	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	666	# Establish a specific exit status which means: "python barfed an exception"
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	667	# so that we can more easily detect these in testing of the CLI commands.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	668	#
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	669	def handle_errors(func, args, *kwargs):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	670	"""Catch exceptions raised by the main program function and then print
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	671	a message and/or exit with an appropriate return code.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	672	"""
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	673
2569 1f9f50d0cde3 18977 pkg stack traces should tell customers to report issues to service Shawn Walker <shawn.walker@oracle.com> parents: 2550 diff changeset	674	traceback_str = misc.get_traceback_message()
2310 ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	675
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	676	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	677	# Out of memory errors can be raised as EnvironmentErrors with
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	678	# an errno of ENOMEM, so in order to handle those exceptions
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	679	# with other errnos, we nest this try block and have the outer
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	680	# one handle the other instances.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	681	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	682	__ret = func(args, *kwargs)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	683	except (MemoryError, EnvironmentError), __e:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	684	if isinstance(__e, EnvironmentError) and \
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	685	__e.errno != errno.ENOMEM:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	686	raise
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	687	error("\n" + misc.out_of_memory())
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	688	__ret = EXIT_OOPS
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	689	except SystemExit, __e:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	690	raise __e
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	691	except (PipeError, KeyboardInterrupt):
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	692	# Don't display any messages here to prevent possible further
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	693	# broken pipe (EPIPE) errors.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	694	__ret = EXIT_OOPS
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	695	except apx.VersionException, __e:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	696	error(_("The sysrepo command appears out of sync with the "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	697	"libraries provided\nby pkg:/package/pkg. The client "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	698	"version is %(client)s while the library\nAPI version is "
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	699	"%(api)s.") % {'client': __e.received_version,
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	700	'api': __e.expected_version
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	701	})
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	702	__ret = EXIT_OOPS
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	703	except:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	704	traceback.print_exc()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	705	error(traceback_str)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	706	__ret = 99
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	707	return __ret
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	708
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	709
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	710	if __name__ == "__main__":
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	711	misc.setlocale(locale.LC_ALL, "", error)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	712	gettext.install("pkg", "/usr/share/locale")
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	713
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	714	# Make all warnings be errors.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	715	warnings.simplefilter('error')
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	716
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	717	__retval = handle_errors(main_func)
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	718	try:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	719	logging.shutdown()
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	720	except IOError:
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	721	# Ignore python's spurious pipe problems.
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	722	pass
ce10607d5332 11684 desire option to not propagate certs to non-global zones Brock Pytlik <brock.pytlik@oracle.com> parents: diff changeset	723	sys.exit(__retval)

author	Tim Foster <tim.s.foster@oracle.com>
	Wed, 23 May 2012 09:49:43 +1200
changeset 2677	7f1c7dd5254f
parent 2644	434fe01f111b
child 2678	5386f65ff099
permissions	-rwxr-xr-x