a c8he}@sddlZddlZddlZddlZddlZddlmZddlmZddlmZddlm Z ddlm Z ddlm Z ddlm Z dd lm Z dd lmZdd lmZdd lmZmZdd lmZz4ddlZddlZddlmZmZmZmZmZmZWnHe y8ddl!m"Zddl#m$Ze%Ze&Ze'Ze(Ze)Ze)Ze*Z+Yn0zddl,m-Z-Wne ybdZ-Yn0ddl.Z.e.j/dddZ0e1e0dse0j.e0_2e0j2Z3dZ4de4Z5de4Z6dZ7dZ8dddddZ9dde9:DZ;dd lme ?Z@d!d"ZAd#d$ZBd%d&ZCd'd(ZDd)d*ZEd+d,ZFd-d.ZGd/d0ZHd1d2ZIe(eJd3d4d5ZKeJd6d7d8ZLdd:d;ZMdd?ZOd@dAZPdBdCZQdDdEZRdFdGZSdHdIZTdJdKZUGdLdMdMZVdeJdNdOdPZWdQdRZXdSdTZYdUdVZZdWdXZ[e(dYdZd[Z\dd\d]Z]d^d_Z^d`daZ_dbdcZ`dddddifdddeZadfdgZbdhdiZcdjdkZddldmZedndoZfdpdqZgddrdsZhGdtduduZidvdwZjdxdyZkddzd{Zld|d}Zmed~krddZnn ddlomnZndS)N) up2dateUtils) up2dateErrors) up2dateAuth) rhnserver)pkgUtils) up2dateLog)rhnreg_constants)hardware)convertPackagesFromHashToList) getPlatform)ustrsstr) raise_with_tb)ListType TupleType StringType UnicodeTypeDictTypeDictionaryType)supportzrhn-client-toolsT)fallbackugettextz/etc/sysconfig/rhnz%s/rhn_register_remindz%s/hw-activation-codez/etc/pki/consumer/cert.pemz/etc/sysconfig/rhn/jwt.tokenZ shared_prosharedsoloadmin)zCloudLinux OS Shared ProzCloudLinux OS SharedzCloudLinux OS SolozCloudLinux OS AdmincCsi|]\}}||qSr).0kvrr9/usr/lib/python3.9/site-packages/up2date_client/rhnreg.py Gsr )configcCs"tdtjtjBrd}d}t|tjtjBsNtdtjtjBrNd}d}td|tjrt|tjtjBrtd|td|n ttd n~td tjtjBrtd n ttd d }t|tjtjBstdtjtjBrd}td|}|rtd|dS)Nz/usr/sbin/rhnsdz/usr/lib/systemd/systemz/usr/bin/systemctlz/bin/systemctlz/lib/systemd/systemz%s/rhnsd.servicez%s enable rhnsd > /dev/nullz%s start rhnsd > /dev/nullz,Warning: unable to enable rhnsd with systemdz/sbin/chkconfigz$/sbin/chkconfig rhnsd on > /dev/nullz.Warning: unable to enable rhnsd with chkconfigz /sbin/servicez/usr/sbin/servicez%s rhnsd status > /dev/nullz%s rhnsd start > /dev/null)osaccessR_OKX_OKsystemprint_)Zsystemd_system_unitdirZsystemd_systemctlZ service_pathrcrrr startRhnsdOs,  r*c Cstdp d}t|tjsiSt|d}|}i}|D]V}|}|dkrNq8z|d\}}Wn tyt t |Yn0|||<q8|S)NZ oemInfoFilez/etc/sysconfig/rhn/oeminfor:) cfgr"r#r$open readlinesstripsplit ValueErrorrrZOemInfoFileError)Z configFilefdLinfoikeyvaluerrr getOemInfops    r:cCs*tttjr"tt}|jdkSdSdS)z@ Returns true if system is registred using subscription manager rFN)r"r# RHSM_FILEr$statst_size)Zstatinforrrrhsm_registereds  r>cCsttdtjSNZ systemIdPath)r"r#r.r$rrrr registeredsr@cCs$tttjs ttd}|dS)Nzw+)r"r# REMIND_FILEr$r/close)r4rrrcreateSystemRegisterRemindFiles rCcCstttjrttdSN)r"r#rAr$unlinkrrrrremoveSystemRegisterRemindFilesrFcCstj|}t|tjsdSt|tjrPzt||dWnYdS0t|tjtj Bt dd}t |d}z| t |W|n |0dS)z; Write a file to disk that is not readable by other users. Fz.saveZ0600wT)r"pathdirnamer#W_OKF_OKrenamer/O_WRONLYO_CREATintfdopenwriter rB)Z secure_fileZ file_contentsZdir_namer4Zfd_filerrr_write_secure_files  rScCs"ttd|}|rtt|Sr?)rSr.rFupdateRhsmStatus)systemIdresrrr writeSystemIds rWc Csxd}t}|durdSz6t|}|}||dj}t|dd}Wn$ttj fyrt dYdS0|S)Nz'//member[name='system_id']/value/stringrz@systemID file doesn't have system_id field or the file is broken) r getSystemIdlibxml2ZparseDocZxpathNewContextZ xpathEvalZcontentrP IndexErrorZ parserErrorloglog_me)Z xpath_strrUresultcontext system_idrrrextract_system_ids  ra)tokenallowTransitioncCsnddl}ddl}|jds dSdd|g}|r8|d||}|\}}|jdkrjt d||fdS)H Execute binary file which we use as hook for jwt token updates rN /opt/cloudlinux/venv/bin/python3z/usr/sbin/cl-pre-jwt-updatez --new-token--allow-transitionz7Pre jwt update hook failed with stdout=%s and stderr=%s subprocessr"rIexistsappendPopen communicate returncoder\r])rbrcrhr"cmdpstdoutstderrrrr_execute_pre_jwt_update_hooks      rr)rccCsjddl}ddl}|jds dSdg}|r4|d||}|\}}|jdkrft d||fdS)rdrNrez/usr/sbin/cl-post-jwt-updaterfz8Post jwt update hook failed with stdout=%s and stderr=%srg)rcrhr"rnrorprqrrr_execute_post_jwt_update_hooks     rsFc Cst}z|j|}WnFtjy.YdStjtjtjtj fy^t j t YdS0t||tt|t|dS)z Get a JWT token from CLN and save it to the file :param systemId: content of file `/etc/sysconfig/rhn/systemid` :return: None N)rZ RhnServerZup2dateZ getJWTTokenrUnknownMethodExceptionZAuthenticationTicketErrorZRhnUuidUniquenessErrorCommunicationErrorZ$AuthenticationOrAccountCreationErrorr\ log_exceptionsysexc_inforrrS JWT_TOKENrs)rUrcZ xmlrpm_serverr^rrrgetAndWriteJWTTokenToFiles   rzcCstt|dS)z=Returns True if the write is successful or False if it fails. )rS HW_CODE_FILE)hw_activation_coderrr writeHWCodesr~cCspz$tjdr"t\}}||fWSWnty6Yn0t\}}|durR||fSt\}}|durl||fSdS)a This function returns the UUID and virtualization type of this system, if it is a guest. Otherwise, it returns None. To figure this out, we'll use a number of heuristics (list in order of precedence): 1. Check /proc/xen/xsd_port. If exists, we know the system is a host; exit. 2. Check SMBIOS. If vendor='Xen' and UUID is non-zero, we know the system is a fully-virt guest; exit. 3. Check /sys/hypervisor/uuid. If exists and is non-zero, we know the system is a para-virt guest; exit. 4. If non of the above checks worked; we know we have a non-xen-enabled system; exit. z/proc/xen/xsd_portNNN)r"rIriget_fully_virt_infoIOErrorget_para_virt_info)uuid virt_typerrr get_virt_infos     rcCsVz>tdd}|}||ddd}d}||fWStyPYn0dS)z This function checks /sys/hypervisor/uuid to see if the system is a para-virt guest. It returns a (uuid, virt_type) tuple. z/sys/hypervisor/uuidr+-r,z Zparar)r/readrBlowerreplacerstripr)Z uuid_filerrrrrrCs   rcCs@t}t}|dkr8|dd}d}||fSdSdS)z This function looks in the SMBIOS area to determine if this is a fully-virt guest. It returns a (uuid, virt_type) tuple. Zxenrr,ZfullyrN)r Z dmi_vendorZdmi_system_uuidrr)ZvendorrrrrrrUs rcCstd|}t|tdkS)Nz0x%sr)evallong)rrrr _is_host_uuidcs rcCst}|jSrD)rRegistrationRhnServer registrationZwelcome_messagesrrr welcomeTextgsrcCst}|jdSrD)rrZ capabilitiesZvalidaterrrrgetCapsmsrcCst}|j||SrD)rrrZ reserve_user)usernamepasswordrrrr reserveUserrsrc@sfeZdZdddZddZddZdd Zd d Zd d ZddZ ddZ ddZ ddZ ddZ dS)RegistrationResultNcCsB||_||_||_||_||_t|dkr2||_nd|_||_dS)Nr) _systemId _channels_failedChannels _systemSlots_failedSystemSlotslen_universalActivationKeyrawDict)selfrUchannelsZfailedChannels systemSlotsZfailedSystemSlotsZuniversalActivationKeyrrrr__init__xs zRegistrationResult.__init__cCs|jSrD)rrrrrrYszRegistrationResult.getSystemIdcCs|jSrDrrrrr getChannelsszRegistrationResult.getChannelscCs|jSrD)rrrrrgetFailedChannelssz$RegistrationResult.getFailedChannelscCs|jSrDrrrrrgetSystemSlotssz!RegistrationResult.getSystemSlotscsfddjDS)Ncsg|]}|qSr)_getSlotDescriptionrrrrr z@RegistrationResult.getSystemSlotDescriptions..rrrrrgetSystemSlotDescriptionssz,RegistrationResult.getSystemSlotDescriptionscsfddjDS)Ncsg|]}|qSr)_getFailedSlotDescriptionrrrrrrzFRegistrationResult.getFailedSystemSlotDescriptions..)rrrrrgetFailedSystemSlotDescriptionssz2RegistrationResult.getFailedSystemSlotDescriptionscCs|jS)z5Returns None if no universal activation key was used.)rrrrrgetUniversalActivationKeysz,RegistrationResult.getUniversalActivationKeycCst|jdkot|jdkS)zReturns True if the system was subscribed to at least one channel and was given any type of system slot so it will get updates. In other words, returns True if the system will be getting at least basic updates. r)rrrrrrrhasBaseAndUpdatess z$RegistrationResult.hasBaseAndUpdatescCs&|dkrtjdtjS||SdS)Nvirtualization_host )rVIRTZ VIRT_FAILEDrrZslotrrrrsz,RegistrationResult._getFailedSlotDescriptioncCs$|dkrtjS|dkrtjS|SdS)NZenterprise_entitledr)rZ MANAGEMENTrrrrrrs z&RegistrationResult._getSlotDescription)N)__name__ __module__ __qualname__rrYrrrrrrrrrrrrrrws  r)human_readablecCsld}tj|sdSt|<}|d}|rB|WdSt|WdS1s^0YdS)Nz/opt/cloudlinux/cl_editionrr{)r"rIrir/rr1_human_readable_to_product)rZedition_cache_filefZ raw_editionrrrgetServerEditions  rcCslddlm}m}tjds"td}||d||d}dd|D\}}|rVtt|d d  d S) NrrkPIPEz/opt/cloudlinux/venv/binzZ/opt/cloudlinux/venv/bin/python3 -c "from clcommon.cpapi import cpusers; print(cpusers())"T)shellrprqcSsg|]}|qSr)decoder1)rr^rrrrrz.get_users_count_from_cllib..z, ) rhrkrr"rIrir3rlrr2)rkrrnZprocessoutputerrorsrrrget_users_count_from_cllibs rcCsddlm}|}t|S)Nr)ClPwd)Zup2date_client.clpwdrrZ get_uid_dict)rpwdrrrget_users_count_generics rcCs(z t}Wnty"t}Yn0|SrD)r Exceptionr)Z users_countrrrcountServerUserss    rc CsVz t|}WnRtjyJ}z$td|jtdWYd}~nd}~0tjy^YdS0t}|d}||krzdS|rtdj t |t |dtdtd|sRtj stdtdt |dt |d }d dd }| |} | durJt} | | kr6td ||d | dtdn|d||d}t|dS)Nz%sreditionzWARNING: Automatic registration in yum transactions is only available when edition matches the provided license. Your current edition is {current_edition} and your license is {new_edition}.)Zcurrent_editionZ new_editionz0Run clnreg_ks manually to complete registration.aError: interactive input required for edition migration, but tool is running in non-interactive mode. Please try running the tool again in interactive shell or add `--migrate-silently` flag to accept allquestions and perform the edition migration silently.za edition installed on your server does not match license you are trying to register server with: zh. Migration is required. You may lose access to the services which are not supported by the new edition.)rrz@The license you are trying to register with allows a maximum of z% hosting accounts which is less than z) users detected on this server. Aborting.zG Also, the license you are trying to register with allows a maximum of zM hosting accounts. Make sure that your system complies with this requirement.)checkKeyrrur'errmsgrwexitrtrformat_product_to_human_readablestdinisattygetr_askConfirmation) activationKeyZ strictEditionZsilentMigrationZlicenseInformationeZcurrentEditionZlicenseEditionmessageZedition_to_users_limitZlicense_users_limitZusers_on_serverrrrcheckLicenseKeysX         r)confirmationMessagecCs2t|td}|dkr.tdtddS)zS Prints message and makes sure that client is ready for edition migration. z Do you want to continue? [N/y]: yzAborted.rN)r'inputrrwr)rZresponserrrrs  rc Cs|dur|dusJd|tttd}t}|durJ||d<|rh|D]\}} | ||<qV|rv||d<n||d<||d<|dur||d<n(tj d rd ntj d rd nd |d<t drt t |d<t} | j|} | S)ziWrapper for the old xmlrpc to register a system. Activates subscriptions if a reg num is given. Nz)username and password usage is deprecated)Z profile_nameZ os_releaseZ release_nameZ architecturer`rbrrrz/etc/cloudlinux-edition-solorz/etc/cloudlinux-edition-adminrrsupportsSMBIOSsmbios)r getVersion getOSReleasegetArchrrYitemsr"rIrir._encode_charactersr get_smbiosrrrZ new_system) rr profileNamerbotherrZ auth_dictZ system_id_xmlr8itemrretrrrregisterSystem)s:     rcCst}|j|}|S)zG Check the activation key and return it's edition and customer )rrrZ license_check)rrrrrrrXs rcCsjz,t}|j|dddd}tj|dd}WntjyBYdS0z |WntjydYn0dS)Nzcom.redhat.SubscriptionManagerz/EntitlementStatusF)Z introspectz0com.redhat.SubscriptionManager.EntitlementStatus)Zdbus_interface)dbusZ SystemBusZProxyObjectClassZ InterfaceZ DBusExceptionZ check_status)ZbusZ validity_objZvalidity_ifacerrrrTcs  rTcCst}t}t}t}d}z|j|||||}Wn>tj yzt d}|j dkrtt t|jnYn0|S)Nrc)rrrrrZ getReleaserZavailable_eus_channels xmlrpclibZFaultrwrxZ faultCoderrZ DelayErrorZ faultString)rrrZ server_archZserver_versionZserver_releaseZavailableChannelsrrrrgetAvailableChannelsxs"  rc Cs |dur i}|r6|dusJ|dus(J|dusZJn$|dusBJ|dusNJ|dusZJ|D]}|dvsbJqbtdrtt|d<t}|r|j|t t t ||}n$|j |t t t |||}td|t|d|d|d|d |d |d |d } | S) aUses the new xmlrpcs to register a system. Returns a dict instead of just system id. The main differences between this and registerSystem and that this doesn't do activation and does child channel subscriptions if possible. See the documentation for the xmlrpc handlers in backend for more detail. If nothing is going to be in other, it can be {} or None. New in RHEL 5. N)registration_numberorg_idZ virt_uuidrZchannelrrz Returned: %sr`rZfailed_channelsZ system_slotsZfailed_system_slotsZuniversal_activation_key)r)keysr.rr rrrrZnew_system_activation_keyrrrrZnew_system_user_passr\ log_debugr) rrrZpackagesrrr8rr6r^rrrregisterSystem2sL        rcCstdS)NZ supportsEUS)r.rrrrserver_supports_eussrcCsdSrDr)rUZ hardwareListrrr sendHardwaresrcCsdSrDr)rUZ packageListrrr sendPackagessrcCstdurtdSrD)rZrefresh)rUrrr sendVirtInfosrcCst}t|jj|dSrD)rrr'rZ list_packages)rUrrrr listPackagessrcCst|\}}}}}}|dus&|dkrDd|}t|\}}}}}}|dvrVtd|dusn|dksn|dkrrd}t||||||f}|S)zzRaises up2dateErrors.InvalidProtocolError if the server url has a protocol specified and it's not http or https. Nr,zhttps://)httpshttpzCYou specified an invalid protocol. Only https and http are allowed./z/XMLRPC)urlparserZInvalidProtocolError urlunparse)serverZprotocolhostrI parametersqueryZfragmentIdentifierrrrmakeNiceServerUrls rcCsdS)zdReturns 'hosted' if the url points to a known hosted server. Otherwise returns 'satellite'. Z satelliter)Z serverUrlrrr getServerTypesrc@sBeZdZdZdZiifddZddZddZd d Zd d Z d S)ActivationResultrrcCs||_||_||_||_dS)zschannels and systemSlots are dicts where the key/value pairs are label (string) / quantity (int). N)_status_regNumrr)rstatusZregistrationNumberrrrrrrszActivationResult.__init__cCs|jSrD)rrrrr getStatus$szActivationResult.getStatuscCs|jSrD)rrrrrgetRegistrationNumber'sz&ActivationResult.getRegistrationNumbercCs|jSz7Returns a dict- the key/value pairs are label/quantity.rrrrrgetChannelsActivated*sz%ActivationResult.getChannelsActivatedcCs|jSr rrrrrgetSystemSlotsActivated.sz(ActivationResult.getSystemSlotsActivatedN) rrr ACTIVATED_NOW ALREADY_USEDrrr r r rrrrrs rcGsg}|D]}t|}|tkr&t|}nZ|tkrBtdd|D}n>|tkrZdd|D}n&|tksj|tkrtdd| D}| |qt |dkr|dSt|SdS) u All the data we gathered from dmi, bios, gudev are in utf-8, we need to convert characters beyond ord(127) - e.g ® to unicode. css|]}t|VqdSrDrrr7rrr <rz%_encode_characters..cSsg|] }t|qSrrrrrrr>rz&_encode_characters..cSsg|]\}}t||qSrr)rnamevalrrrr@rrrN) typerr rtuplerrrdictrrjr)argsr^rZ item_typerrrr2s   rcCsd}d}d}zt}t|}Wn$tdtjtYn0|durz.t|||}| t j krz| }t |Wn:tjytdYntjytdYn0|S)NzMThere was an error while reading the hardware info from the bios. Traceback: zrz$spawnRhnCheckForUI..z Warning: unable to run rhn_check) r"r#r$r%rhrkrmaprpr0rqr\r])rkrrorrrspawnRhnCheckForUIs rZdebcCsdS)z.On Debian no extra action for plugin is needed)rrrrrrr pluginEnablesr)r)F)F)NNNNNN)N)N)pr"rwrbase64rZZup2date_clientrrrrrrrr Zup2date_client.rhnPackageInfor Zup2date_client.pkgplatformr Zrhn.i18nr r Zrhn.tbrrrtypesrrrrrr ImportError urllib.parseparseZ xmlrpc.clientZclientlistrbytesstrrrPrZvirtualizationrgettext translationthasattrrr(Z SYSID_DIRrAr|r;ryrrrr!ZinitUp2dateConfigr.ZinitLogr\r*r:r>r@rCrFrSrWraboolrrrsrzr~rrrrrrrrrrrrrrrrrTrrrrrrrrrrrrrrrZup2date_client.pmPluginrrrr s           $      !  ,? >  /  =   "