X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FGetBootMedium.py;h=d5565255ec879bf208ef72dd3de7de923b05a528;hb=9918af35bd1c1a651eefc1b0d398c28b66371092;hp=0dc06d63e6082eca7a3db3ebe5c2d66fa5c9a176;hpb=c7d2939e74dad73b11a411f842305aeb6d6b7f44;p=plcapi.git diff --git a/PLC/Methods/GetBootMedium.py b/PLC/Methods/GetBootMedium.py index 0dc06d6..d556525 100644 --- a/PLC/Methods/GetBootMedium.py +++ b/PLC/Methods/GetBootMedium.py @@ -1,3 +1,4 @@ +# $Id$ import random import base64 import os @@ -9,30 +10,9 @@ from PLC.Parameter import Parameter, Mixed from PLC.Auth import Auth from PLC.Nodes import Node, Nodes -from PLC.NodeNetworks import NodeNetwork, NodeNetworks -from PLC.NodeNetworkSettings import NodeNetworkSetting, NodeNetworkSettings - -# -# xxx todo -# Thierry on june 5 2007 -# -# it turns out that having either apache (when invoked through xmlrpc) -# or root (when running plcsh directly) run this piece of code is -# problematic. In fact although we try to create intermediate dirs -# with mode 777, what happens is that root's umask in the plc chroot -# jail is set to 0022. -# -# the bottom line is, depending on who (apache or root) runs this for -# the first time, we can access denied issued (when root comes first) -# so probably we'd better implement a scheme where files are stored -# directly under /var/tmp or something -# -# in addition the sequels of a former run (e.g. with a non-empty -# filename) can prevent subsequent runs if the file is not properly -# cleaned up after use, which is generally the case if someone invokes -# this through plcsh and does not clean up -# so maybe a dedicated cleanup method could be useful just in case -# +from PLC.Interfaces import Interface, Interfaces +from PLC.InterfaceSettings import InterfaceSetting, InterfaceSettings +from PLC.NodeTags import NodeTags # could not define this in the class.. boot_medium_actions = [ 'node-preview', @@ -43,6 +23,18 @@ boot_medium_actions = [ 'node-preview', 'generic-usb', ] +# compute a new key +# xxx used by GetDummyBoxMedium +def compute_key(): + # Generate 32 random bytes + bytes = random.sample(xrange(0, 256), 32) + # Base64 encode their string representation + key = base64.b64encode("".join(map(chr, bytes))) + # Boot Manager cannot handle = in the key + # XXX this sounds wrong, as it might prevent proper decoding + key = key.replace("=", "") + return key + class GetBootMedium(Method): """ This method is a redesign based on former, supposedly dedicated, @@ -50,7 +42,7 @@ class GetBootMedium(Method): As compared with its ancestor, this method provides a much more detailed detailed interface, that allows to - (*) either just preview the node config file (in which case + (*) either just preview the node config file -- in which case the node key is NOT recomputed, and NOT provided in the output (*) or regenerate the node config file for storage on a floppy that is, exactly what the ancestor method used todo, @@ -70,8 +62,6 @@ class GetBootMedium(Method): Apart for the preview mode, this method generates a new node key for the specified node, effectively invalidating any old boot medium. - Non-admins can only generate files for nodes at their sites. - In addition, two return mechanisms are supported. (*) The default behaviour is that the file's content is returned as a base64-encoded string. This is how the ancestor method used to work. @@ -89,15 +79,29 @@ class GetBootMedium(Method): - %s : a file suffix appropriate in the context (.txt, .iso or the like) - %v : the bootcd version string (e.g. 4.0) - %p : the PLC name + - %f : the nodefamily + - %a : arch With the file-based return mechanism, the method returns the full pathname - of the result file; it is the caller's responsability to remove - this file after use. - - Security: - When the user's role is not admin, the provided directory *must* be under - the %d area - - Housekeeping: + of the result file; + ** WARNING ** + It is the caller's responsability to remove this file after use. + + Options: an optional array of keywords. + options are not supported for generic images + Currently supported are + - 'partition' - for USB actions only + - 'cramfs' + - 'serial' or 'serial:' + console_spec (or 'default') is passed as-is to bootcd/build.sh + it is expected to be a colon separated string denoting + tty - baudrate - parity - bits + e.g. ttyS0:115200:n:8 + + Security: + - Non-admins can only generate files for nodes at their sites. + - Non-admins, when they provide a filename, *must* specify it in the %d area + + Housekeeping: Whenever needed, the method stores intermediate files in a private area, typically not located under the web server's accessible area, and are cleaned up by the method. @@ -112,15 +116,15 @@ class GetBootMedium(Method): Node.fields['hostname']), Parameter (str, "Action mode, expected in " + "|".join(boot_medium_actions)), Parameter (str, "Empty string for verbatim result, resulting file full path otherwise"), + Parameter ([str], "Options"), ] - returns = Parameter(str, "Node boot medium, either inlined, or filename, depending to the filename parameter") + returns = Parameter(str, "Node boot medium, either inlined, or filename, depending on the filename parameter") - BOOTCDDIR = "/usr/share/bootcd/" - BOOTCDBUILD = "/usr/share/bootcd/build.sh" - GENERICDIR = "/var/www/html/download/" - NODEDIR = "/var/tmp/bootmedium/results" - WORKDIR = "/var/tmp/bootmedium/work" + BOOTCDDIR = "/usr/share/bootcd-@NODEFAMILY@/" + BOOTCDBUILD = "/usr/share/bootcd-@NODEFAMILY@/build.sh" + GENERICDIR = "/var/www/html/download-@NODEFAMILY@/" + WORKDIR = "/var/tmp/bootmedium" DEBUG = False # uncomment this to preserve temporary area and bootcustom logs #DEBUG = True @@ -149,10 +153,10 @@ class GetBootMedium(Method): # Get node networks for this node primary = None - nodenetworks = NodeNetworks(self.api, node['nodenetwork_ids']) - for nodenetwork in nodenetworks: - if nodenetwork['is_primary']: - primary = nodenetwork + interfaces = Interfaces(self.api, node['interface_ids']) + for interface in interfaces: + if interface['is_primary']: + primary = interface break if primary is None: raise PLCInvalidArgument, "No primary network configured on %s"%node['hostname'] @@ -160,12 +164,7 @@ class GetBootMedium(Method): ( host, domain ) = self.split_hostname (node) if renew_key: - # Generate 32 random bytes - bytes = random.sample(xrange(0, 256), 32) - # Base64 encode their string representation - node['key'] = base64.b64encode("".join(map(chr, bytes))) - # XXX Boot Manager cannot handle = in the key - node['key'] = node['key'].replace("=", "") + node['key'] = compute_key() # Save it node.sync() @@ -193,8 +192,8 @@ class GetBootMedium(Method): file += 'HOST_NAME="%s"\n' % host file += 'DOMAIN_NAME="%s"\n' % domain - # define various nodenetwork settings attached to the primary nodenetwork - settings = NodeNetworkSettings (self.api, {'nodenetwork_id':nodenetwork['nodenetwork_id']}) + # define various interface settings attached to the primary interface + settings = InterfaceSettings (self.api, {'interface_id':interface['interface_id']}) categories = set() for setting in settings: @@ -202,53 +201,99 @@ class GetBootMedium(Method): categories.add(setting['category']) for category in categories: - category_settings = NodeNetworkSettings(self.api,{'nodenetwork_id':nodenetwork['nodenetwork_id'], + category_settings = InterfaceSettings(self.api,{'interface_id':interface['interface_id'], 'category':category}) if category_settings: file += '### Category : %s\n'%category for setting in category_settings: file += '%s_%s="%s"\n'%(category.upper(),setting['name'].upper(),setting['value']) - for nodenetwork in nodenetworks: - if nodenetwork['method'] == 'ipmi': - file += 'IPMI_ADDRESS="%s"\n' % nodenetwork['ip'] - if nodenetwork['mac']: - file += 'IPMI_MAC="%s"\n' % nodenetwork['mac'].lower() + for interface in interfaces: + if interface['method'] == 'ipmi': + file += 'IPMI_ADDRESS="%s"\n' % interface['ip'] + if interface['mac']: + file += 'IPMI_MAC="%s"\n' % interface['mac'].lower() break return file - def bootcd_version (self): + # see also InstallBootstrapFS in bootmanager that does similar things + def get_nodefamily (self, node): + # get defaults from the myplc build try: - f = open (self.BOOTCDDIR + "/build/version.txt") - version=f.readline().strip() - finally: - f.close() - return version + (pldistro,arch) = file("/etc/planetlab/nodefamily").read().strip().split("-") + except: + (pldistro,arch) = ("planetlab","i386") + + # with no valid argument, return system-wide defaults + if not node: + return (pldistro,arch) + + node_id=node['node_id'] + # cannot use accessors in the API itself + # the 'arch' tag type is assumed to exist, see db-config + arch_tags = NodeTags (self.api, {'tagname':'arch','node_id':node_id},['tagvalue']) + if arch_tags: + arch=arch_tags[0]['tagvalue'] + # ditto + pldistro_tags = NodeTags (self.api, {'tagname':'pldistro','node_id':node_id},['tagvalue']) + if pldistro_tags: + pldistro=pldistro_tags[0]['tagvalue'] + + return (pldistro,arch) - def cleandir (self,tempdir): - if not self.DEBUG: - os.system("rm -rf %s"%tempdir) + def bootcd_version (self): + try: + return file(self.BOOTCDDIR + "/build/version.txt").readline().strip() + except: + raise Exception,"Unknown boot cd version - probably wrong bootcd dir : %s"%self.BOOTCDDIR + + def cleantrash (self): + for file in self.trash: + if self.DEBUG: + print 'DEBUG -- preserving',file + else: + os.unlink(file) - def call(self, auth, node_id_or_hostname, action, filename): + def call(self, auth, node_id_or_hostname, action, filename, options = []): + self.trash=[] ### check action if action not in boot_medium_actions: raise PLCInvalidArgument, "Unknown action %s"%action - ### compute file suffix + ### compute file suffix and type if action.find("-iso") >= 0 : suffix=".iso" + type = "iso" elif action.find("-usb") >= 0: suffix=".usb" + type = "usb" else: suffix=".txt" + type = "txt" - ### compute a 8 bytes random number - tempbytes = random.sample (xrange(0,256), 8); - def hexa2 (c): - return chr((c>>4)+65) + chr ((c&16)+65) - temp = "".join(map(hexa2,tempbytes)) + # handle / caconicalize options + if type == "txt": + if options: + raise PLCInvalidArgument, "Options are not supported for node configs" + else: + # create a dict for build.sh + optdict={} + for option in options: + if option == "cramfs": + optdict['cramfs']=True + elif option == 'partition': + if type != "usb": + raise PLCInvalidArgument, "option 'partition' is for USB images only" + else: + type="usb_partition" + elif option == "serial": + optdict['serial']='default' + elif option.find("serial:") == 0: + optdict['serial']=option.replace("serial:","") + else: + raise PLCInvalidArgument, "unknown option %s"%option ### check node if needed if action.find("node-") == 0: @@ -257,25 +302,41 @@ class GetBootMedium(Method): raise PLCInvalidArgument, "No such node %r"%node_id_or_hostname node = nodes[0] nodename = node['hostname'] - + else: node = None - nodename = temp + # compute a 8 bytes random number + tempbytes = random.sample (xrange(0,256), 8); + def hexa2 (c): return chr((c>>4)+65) + chr ((c&16)+65) + nodename = "".join(map(hexa2,tempbytes)) + + # get nodefamily + (pldistro,arch) = self.get_nodefamily(node) + self.nodefamily="%s-%s"%(pldistro,arch) + # apply on globals + for attr in [ "BOOTCDDIR", "BOOTCDBUILD", "GENERICDIR" ]: + setattr(self,attr,getattr(self,attr).replace("@NODEFAMILY@",self.nodefamily)) ### handle filename - filename = filename.replace ("%d",self.NODEDIR) + # allow to set filename to None or any other empty value + if not filename: filename='' + filename = filename.replace ("%d",self.WORKDIR) filename = filename.replace ("%n",nodename) filename = filename.replace ("%s",suffix) filename = filename.replace ("%p",self.api.config.PLC_NAME) - # only if filename contains "%v", bootcd is maybe not avail ? - if filename.find("%v") >=0: - filename = filename.replace ("%v",self.bootcd_version()) + # let's be cautious + try: filename = filename.replace ("%f", self.nodefamily) + except: pass + try: filename = filename.replace ("%a", arch) + except: pass + try: filename = filename.replace ("%v",self.bootcd_version()) + except: pass ### Check filename location if filename != '': if 'admin' not in self.caller['roles']: - if ( filename.index(self.NODEDIR) != 0): - raise PLCInvalidArgument, "File %s not under %s"%(filename,self.NODEDIR) + if ( filename.index(self.WORKDIR) != 0): + raise PLCInvalidArgument, "File %s not under %s"%(filename,self.WORKDIR) ### output should not exist (concurrent runs ..) if os.path.exists(filename): @@ -283,15 +344,20 @@ class GetBootMedium(Method): ### we can now safely create the file, ### either we are admin or under a controlled location - if not os.path.exists(os.path.dirname(filename)): - try: - os.makedirs (os.path.dirname(filename),0777) - except: - raise PLCPermissionDenied, "Could not create dir %s"%os.path.dirname(filename) + filedir=os.path.dirname(filename) + # dirname does not return "." for a local filename like its shell counterpart + if filedir: + if not os.path.exists(filedir): + try: + os.makedirs (filedir,0777) + except: + raise PLCPermissionDenied, "Could not create dir %s"%filedir ### generic media if action == 'generic-iso' or action == 'generic-usb': + if options: + raise PLCInvalidArgument, "Options are not supported for generic images" # this raises an exception if bootcd is missing version = self.bootcd_version() generic_name = "%s-BootCD-%s%s"%(self.api.config.PLC_NAME, @@ -309,92 +375,89 @@ class GetBootMedium(Method): ### return the generic medium content as-is, just base64 encoded return base64.b64encode(file(generic_path).read()) - ### floppy preview - if action == 'node-preview': - floppy = self.floppy_contents (node,False) - if filename: - try: - file(filename,'w').write(floppy) - except: - raise PLCPermissionDenied, "Could not write into %s"%filename - return filename - else: - return floppy - - if action == 'node-floppy': - floppy = self.floppy_contents (node,True) - if filename: - try: - file(filename,'w').write(floppy) - except: - raise PLCPermissionDenied, "Could not write into %s"%filename - return filename - else: - return floppy + ### config file preview or regenerated + if action == 'node-preview' or action == 'node-floppy': + renew_key = (action == 'node-floppy') + floppy = self.floppy_contents (node,renew_key) + if filename: + try: + file(filename,'w').write(floppy) + except: + raise PLCPermissionDenied, "Could not write into %s"%filename + return filename + else: + return floppy ### we're left with node-iso and node-usb if action == 'node-iso' or action == 'node-usb': ### check we've got required material version = self.bootcd_version() - generic_name = "%s-BootCD-%s%s"%(self.api.config.PLC_NAME, - version, - suffix) - generic_path = "%s/%s" % (self.GENERICDIR,generic_name) - if not os.path.isfile(generic_path): - raise PLCAPIError, "Cannot locate generic medium %s"%generic_path if not os.path.isfile(self.BOOTCDBUILD): raise PLCAPIError, "Cannot locate bootcd/build.sh script %s"%self.BOOTCDBUILD - # need a temporary area - tempdir = "%s/%s"%(self.WORKDIR,nodename) - if not os.path.isdir(tempdir): + # create the workdir if needed + if not os.path.isdir(self.WORKDIR): try: - os.makedirs(tempdir,0777) + os.makedirs(self.WORKDIR,0777) + os.chmod(self.WORKDIR,0777) except: - raise PLCPermissionDenied, "Could not create dir %s"%tempdir + raise PLCPermissionDenied, "Could not create dir %s"%self.WORKDIR try: # generate floppy config - floppy = self.floppy_contents(node,True) + floppy_text = self.floppy_contents(node,True) # store it - node_floppy = "%s/%s"%(tempdir,nodename) + floppy_file = "%s/%s.txt"%(self.WORKDIR,nodename) try: - file(node_floppy,"w").write(floppy) + file(floppy_file,"w").write(floppy_text) except: - raise PLCPermissionDenied, "Could not write into %s"%node_floppy + raise PLCPermissionDenied, "Could not write into %s"%floppy_file + + self.trash.append(floppy_file) + + node_image = "%s/%s%s"%(self.WORKDIR,nodename,suffix) - node_image = "%s/%s"%(tempdir,nodename) + # make build's arguments + serial_arg="" + if "cramfs" in optdict: type += "_cramfs" + if "serial" in optdict: serial_arg = "-s %s"%optdict['serial'] + log_file="%s.log"%node_image # invoke build.sh - build_command = '%s -f "%s" -O "%s" -t "%s" &> %s.log' % (self.BOOTCDBUILD, - node_floppy, - node_image, - suffix[1:], - node_image) + build_command = '%s -f "%s" -o "%s" -t "%s" %s &> %s' % (self.BOOTCDBUILD, + floppy_file, + node_image, + type, + serial_arg, + log_file) if self.DEBUG: print 'build command:',build_command ret=os.system(build_command) if ret != 0: - raise PLCPermissionDenied,"build.sh failed to create node-specific medium" + raise PLCAPIError,"bootcd/build.sh failed\n%s\n%s"%( + build_command,file(log_file).read()) - node_image += suffix + self.trash.append(log_file) if not os.path.isfile (node_image): raise PLCAPIError,"Unexpected location of build.sh output - %s"%node_image - # cache result + # handle result if filename: ret=os.system("mv %s %s"%(node_image,filename)) if ret != 0: + self.trash.append(node_image) + self.cleantrash() raise PLCAPIError, "Could not move node image %s into %s"%(node_image,filename) - self.cleandir(tempdir) + self.cleantrash() return filename else: result = file(node_image).read() - self.cleandir(tempdir) + self.trash.append(node_image) + self.cleantrash() return base64.b64encode(result) except: - self.cleandir(tempdir) + self.cleantrash() raise # we're done here, or we missed something