import pwd
import sha
import string
-import urllib
+import threading
+import config
+import curlwrapper
import logger
import tools
-BOOT_SERVER = "plc-a.demo.vmware"
-
-
-def checksum(path):
- try:
- f = open(path)
- try: return sha.new(f.read()).digest()
- finally: f.close()
- except IOError: return None
-
-def system(cmd):
- if cmd:
- logger.log('cf: running command %s' % cmd)
- return os.system(cmd)
- else: return 0
-
-def conf_file(cf_rec):
- if not cf_rec['enabled']: return
- dest = cf_rec['dest']
- logger.log('cf: considering file %s' % dest)
- err_cmd = cf_rec['error_cmd']
- mode = string.atoi(cf_rec['file_permissions'], base=8)
- uid = pwd.getpwnam(cf_rec['file_owner'])[2]
- gid = grp.getgrnam(cf_rec['file_group'])[2]
- src, msg = urllib.urlretrieve('https://%s%s' % (BOOT_SERVER, cf_rec['source']))
- if not cf_rec['always_update'] and checksum(src) == checksum(dest):
- logger.log('cf: skipping file %s, always_update is false and checksums are identical' % dest)
- return
- if system(cf_rec['preinstall_cmd']):
- system(err_cmd)
- if not cf_rec['ignore_cmd_errors']: return
- logger.log('cf: installing file %s' % dest)
- os.chmod(src, mode)
- os.chown(src, uid, gid)
- os.rename(src, dest)
- if system(cf_rec['postinstall_cmd']): system(err_cmd)
-
-def GetSlivers_callback(data):
- def run():
- for d in data:
- for f in d['conf_files']:
- try: conf_file(f)
- except: logger.log_exc()
- tools.as_daemon_thread(run)
-
-def start(options): pass
+class conf_files:
+ def __init__(self):
+ self.cond = threading.Condition()
+ self.config = config.Config()
+ self.data = None
+
+ def checksum(self, path):
+ try:
+ f = open(path)
+ try: return sha.new(f.read()).digest()
+ finally: f.close()
+ except IOError: return None
+
+ def system(self, cmd):
+ if cmd:
+ logger.log('conf_files: running command %s' % cmd)
+ return os.system(cmd)
+ else: return 0
+
+ def update_conf_file(self, cf_rec):
+ if not cf_rec['enabled']: return
+ dest = cf_rec['dest']
+ logger.log('conf_files: considering file %s' % dest)
+ err_cmd = cf_rec['error_cmd']
+ mode = string.atoi(cf_rec['file_permissions'], base=8)
+ uid = pwd.getpwnam(cf_rec['file_owner'])[2]
+ gid = grp.getgrnam(cf_rec['file_group'])[2]
+ url = 'https://%s/%s' % (self.config.PLC_BOOT_HOST, cf_rec['source'])
+ contents = curlwrapper.retrieve(url)
+ logger.log('conf_files: retrieving url %s' % url)
+ if not cf_rec['always_update'] and sha.new(contents).digest() == self.checksum(dest):
+ logger.log('conf_files: skipping file %s, always_update is false and checksums are identical' % dest)
+ return
+ if self.system(cf_rec['preinstall_cmd']):
+ self.system(err_cmd)
+ if not cf_rec['ignore_cmd_errors']: return
+ logger.log('conf_files: installing file %s' % dest)
+ tools.write_file(dest, lambda f: f.write(contents), mode=mode, uidgid=(uid,gid))
+ if self.system(cf_rec['postinstall_cmd']): system(err_cmd)
+
+ def run(self):
+ while True:
+ self.cond.acquire()
+ while self.data == None: self.cond.wait()
+ data = self.data
+ self.data = None
+ self.cond.release()
+ for d in data:
+ for f in d['conf_files']:
+ try: self.update_conf_file(f)
+ except: logger.log_exc()
+
+ def callback(self, data):
+ if data != None:
+ self.cond.acquire()
+ self.data = data
+ self.cond.notify()
+ self.cond.release()
+
+main = conf_files()
+
+def GetSlivers_callback(data): main.callback(data)
+
+def start(options): tools.as_daemon_thread(main.run)
--- /dev/null
+from subprocess import PIPE, Popen
+
+
+class CurlException(Exception): pass
+
+def retrieve(url, postdata=None):
+ options = ('/usr/bin/curl', '--cacert', '/usr/boot/cacert.pem')
+ if postdata: options += ('--data', '@-')
+ p = Popen(options + (url,), stdin=PIPE, stdout=PIPE, stderr=PIPE)
+ if postdata: p.stdin.write(postdata)
+ p.stdin.close()
+ data = p.stdout.read()
+ err = p.stderr.read()
+ rc = p.wait()
+ if rc != 0: raise CurlException(err)
+ else: return data
"""Leverage curl to make XMLRPC requests that check the server's credentials."""
-from subprocess import PIPE, Popen
+import curlwrapper
import xmlrpclib
class CertificateCheckingSafeTransport(xmlrpclib.Transport):
def request(self, host, handler, request_body, verbose=0):
self.verbose = verbose
- p = Popen((CURL, '--cacert', '/usr/boot/cacert.pem', '--data', '@-', 'https://%s%s' % (host, handler)), stdin=PIPE, stdout=PIPE, stderr=PIPE)
- p.stdin.write(request_body)
- p.stdin.close()
- contents = p.stdout.read()
- p.stdout.close()
- error = p.stderr.read()
- p.stderr.close()
- rc = p.wait()
- if rc != 0: raise xmlrpclib.ProtocolError(host + handler, rc, error, '')
- return xmlrpclib.loads(contents)[0]
+ try:
+ contents = curlwrapper.retrieve('https://%s%s' % (host, handler), request_body)
+ return xmlrpclib.loads(contents)[0]
+ except curlwrapper.CurlException, e: raise xmlrpclib.ProtocolError(host + handler, -1, str(e), '')
class ServerProxy(xmlrpclib.ServerProxy):
def __init__(self, handler, *args, **kw_args): xmlrpclib.ServerProxy.__init__(self, handler, CertificateCheckingSafeTransport())
def sign(data):
"""Return <data> signed with the default GPG key."""
msg = dumps((data,))
- p = _popen_gpg('--armor', '--sign')
+ p = _popen_gpg('--armor', '--sign', '--keyring', '/etc/planetlab/secring.gpg', '--no-default-keyring')
p.stdin.write(msg)
p.stdin.close()
signed_msg = p.stdout.read()
write_file(PID_FILE, lambda f: f.write(str(os.getpid())))
return other_pid
-def write_file(filename, do_write):
+def write_file(filename, do_write, **kw_args):
"""Write file <filename> atomically by opening a temporary file, using <do_write> to write that file, and then renaming the temporary file."""
- os.rename(write_temp_file(do_write), filename)
+ os.rename(write_temp_file(do_write, **kw_args), filename)
-def write_temp_file(do_write):
+def write_temp_file(do_write, mode=None, uidgid=None):
fd, temporary_filename = tempfile.mkstemp()
+ if mode: os.chmod(temporary_filename, mode)
+ if uidgid: os.chown(temporary_filename, *uidgid)
f = os.fdopen(fd, 'w')
try: do_write(f)
finally: f.close()