X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=NodeUpdate.py;h=b555437362595140fd22f01973784ed8a7d0800e;hb=a60eb2c1c02b4d9e1c72395b8f580f29588601ca;hp=33ea1f5de92fb1a9be46aad8f9bbe06cbe4da414;hpb=20b61e188758ca2107c21b8c7b72e3b1c477b2bd;p=nodeupdate.git diff --git a/NodeUpdate.py b/NodeUpdate.py index 33ea1f5..b555437 100644 --- a/NodeUpdate.py +++ b/NodeUpdate.py @@ -55,13 +55,19 @@ import string NODEUPDATE_PID_FILE= "/var/run/NodeUpdate.pid" # variables for cron file creation -TARGET_SCRIPT = '/usr/local/planetlab/bin/NodeUpdate.py' +TARGET_SCRIPT = '(echo && date && echo && /usr/local/planetlab/bin/NodeUpdate.py start) >>/var/log/NodeUpdate.log 2>&1' TARGET_DESC = 'Update node RPMs periodically' TARGET_USER = 'root' +TARGET_SHELL = '/bin/bash' CRON_FILE = '/etc/cron.d/NodeUpdate.cron' YUM_PATH = "/usr/bin/yum" +RPM_PATH = "/bin/rpm" + +RPM_GPG_PATH = "/etc/pki/rpm-gpg" + + # location of file containing http/https proxy info, if needed PROXY_FILE = '/etc/planetlab/http_proxy' @@ -73,6 +79,16 @@ REBOOT_FLAG = '/etc/planetlab/update-reboot' # location of directory containing boot server ssl certs SSL_CERT_DIR='/mnt/cdrom/bootme/cacert/' +# file containing list of extra groups to attempt to update, +# if necessary. +EXTRA_GROUPS_FILE= '/etc/planetlab/extra-node-groups' + +# file containing a list of rpms that we should attempt to delete +# before we updating everything else. this list is not +# removed with 'yum remove', because that could accidently remove +# dependency rpms that were not intended to be deleted. +DELETE_RPM_LIST_FILE= '/etc/planetlab/delete-rpm-list' + # print out a message only if we are displaying output def Message(Str): @@ -85,16 +101,21 @@ def Error(Str): print Str -# create an entry in /etc/cron.d so we run periodically -# we will be run once an hour at a 0-59 random offset +# create an entry in /etc/cron.d so we run periodically. +# we will be run once a day at a 0-59 minute random offset +# into a 0-23 random hour def UpdateCronFile(): try: + randomMinute= Random().randrange( 0, 59, 1 ); + randomHour= Random().randrange( 0, 23, 1 ); f = open( CRON_FILE, 'w' ); f.write( "# %s\n" % (TARGET_DESC) ); f.write( "MAILTO=%s\n" % (TARGET_USER) ); - f.write( "%s * * * * %s %s\n\n" % (randomMinute, TARGET_USER, TARGET_SCRIPT) ); + f.write( "SHELL=%s\n" % (TARGET_SHELL) ); + f.write( "%s %s * * * %s %s\n\n" % + (randomMinute, randomHour, TARGET_USER, TARGET_SCRIPT) ); f.close() print( "Created new cron.d entry." ) @@ -135,6 +156,14 @@ class NodeUpdate: return 0 + def InstallKeys( self ): + Message( "\nRemoving any existing GPG signing keys from the RPM database" ) + os.system( "%s --allmatches -e gpg-pubkey" % RPM_PATH ) + + Message( "\nInstalling all GPG signing keys in %s" % RPM_GPG_PATH ) + os.system( "%s --import %s/*" % (RPM_PATH, RPM_GPG_PATH) ) + + def ClearRebootFlag( self ): os.system( "/bin/rm -rf %s" % REBOOT_FLAG ) @@ -146,20 +175,70 @@ class NodeUpdate: if self.doReboot == 0: Message( "\nIgnoring any reboot flags set by RPMs" ); + + Message( "\nChecking if yum supports SSL certificate checks" ) + if os.system( "%s --help | grep -q sslcertdir" % YUM_PATH ) == 0: + Message( "Yes, using --sslcertdir option" ) + sslcertdir = "--sslcertdir=" + SSL_CERT_DIR + else: + Message( "No, not using --sslcertdir option" ) + sslcertdir = "" Message( "\nUpdating PlanetLab group" ) - os.system( "%s --sslcertdir=%s -y groupupdate \"PlanetLab\"" % - (YUM_PATH,SSL_CERT_DIR) ) + os.system( "%s %s -y groupupdate \"PlanetLab\"" % + (YUM_PATH, sslcertdir) ) Message( "\nUpdating rest of system" ) - os.system( "%s --sslcertdir=%s -y update" % - (YUM_PATH,SSL_CERT_DIR) ) - + os.system( "%s %s -y update" % + (YUM_PATH, sslcertdir) ) + + Message( "\nChecking for extra groups to update" ) + if os.access(EXTRA_GROUPS_FILE, os.R_OK) and \ + os.path.isfile(EXTRA_GROUPS_FILE): + extra_groups_contents= file(EXTRA_GROUPS_FILE).read() + extra_groups_contents= string.strip(extra_groups_contents) + if extra_groups_contents == "": + Message( "No extra groups found in file." ) + else: + for group in string.split(extra_groups_contents,"\n"): + Message( "\nUpdating %s group" % group ) + os.system( "%s %s -y groupupdate \"%s\"" % + (YUM_PATH, sslcertdir, group) ) + else: + Message( "No extra groups file found" ) + if os.access(REBOOT_FLAG, os.R_OK) and os.path.isfile(REBOOT_FLAG) and self.doReboot: Message( "\nAt least one update requested the system be rebooted" ) self.ClearRebootFlag() os.system( "/sbin/shutdown -r now" ) + + + def RemoveRPMS( self ): + + Message( "\nLooking for RPMs to be deleted." ) + if os.access(DELETE_RPM_LIST_FILE, os.R_OK) and \ + os.path.isfile(DELETE_RPM_LIST_FILE): + rpm_list_contents= file(DELETE_RPM_LIST_FILE).read() + rpm_list_contents= string.strip(rpm_list_contents) + + if rpm_list_contents == "": + Message( "No RPMs listed in file to delete." ) + return + + rpm_list= string.join(string.split(rpm_list_contents)) + + Message( "Deleting these RPMs:" ) + Message( rpm_list_contents ) + + rc= os.system( "%s -ev %s" % (RPM_PATH, rpm_list) ) + + if rc != 0: + Error( "Unable to delete RPMs, continuing. rc=%d" % rc ) + else: + Message( "RPMs deleted successfully." ) + else: + Message( "No RPMs list file found." ) @@ -203,7 +282,7 @@ if __name__ == "__main__": pid= string.strip(file(NODEUPDATE_PID_FILE).readline()) if pid <> "": if os.system("/bin/kill -0 %s > /dev/null 2>&1" % pid) == 0: - print "It appears we are already running, exiting." + Message( "It appears we are already running, exiting." ) sys.exit(1) # write out our process id @@ -214,9 +293,13 @@ if __name__ == "__main__": nodeupdate= NodeUpdate(doReboot) if not nodeupdate: - print "Unable to initialize." + Error( "Unable to initialize." ) else: - nodeupdate.CheckForUpdates() + nodeupdate.RemoveRPMS() + nodeupdate.InstallKeys() + nodeupdate.CheckForUpdates() + Message( "\nUpdate complete." ) # remove the PID file os.unlink( NODEUPDATE_PID_FILE ) +