384 lines
13 KiB
Python
384 lines
13 KiB
Python
# vi: ts=4 expandtab
|
|
#
|
|
# Copyright (C) 2014 Harm Weites
|
|
#
|
|
# Author: Harm Weites <harm@weites.com>
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License version 3, as
|
|
# published by the Free Software Foundation.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
from StringIO import StringIO
|
|
|
|
import re
|
|
|
|
from cloudinit import distros
|
|
from cloudinit import helpers
|
|
from cloudinit import log as logging
|
|
from cloudinit import ssh_util
|
|
from cloudinit import util
|
|
|
|
from cloudinit.distros import net_util
|
|
from cloudinit.distros.parsers.resolv_conf import ResolvConf
|
|
|
|
LOG = logging.getLogger(__name__)
|
|
|
|
|
|
class Distro(distros.Distro):
|
|
rc_conf_fn = "/etc/rc.conf"
|
|
login_conf_fn = '/etc/login.conf'
|
|
login_conf_fn_bak = '/etc/login.conf.orig'
|
|
resolv_conf_fn = '/etc/resolv.conf'
|
|
ci_sudoers_fn = '/usr/local/etc/sudoers.d/90-cloud-init-users'
|
|
|
|
def __init__(self, name, cfg, paths):
|
|
distros.Distro.__init__(self, name, cfg, paths)
|
|
# This will be used to restrict certain
|
|
# calls from repeatly happening (when they
|
|
# should only happen say once per instance...)
|
|
self._runner = helpers.Runners(paths)
|
|
self.osfamily = 'freebsd'
|
|
|
|
# Updates a key in /etc/rc.conf.
|
|
def updatercconf(self, key, value):
|
|
LOG.debug("Checking %s for: %s = %s", self.rc_conf_fn, key, value)
|
|
conf = self.loadrcconf()
|
|
config_changed = False
|
|
if key not in conf:
|
|
LOG.debug("Adding key in %s: %s = %s", self.rc_conf_fn, key,
|
|
value)
|
|
conf[key] = value
|
|
config_changed = True
|
|
else:
|
|
for item in conf.keys():
|
|
if item == key and conf[item] != value:
|
|
conf[item] = value
|
|
LOG.debug("Changing key in %s: %s = %s", self.rc_conf_fn,
|
|
key, value)
|
|
config_changed = True
|
|
|
|
if config_changed:
|
|
LOG.info("Writing %s", self.rc_conf_fn)
|
|
buf = StringIO()
|
|
for keyval in conf.items():
|
|
buf.write('%s="%s"\n' % keyval)
|
|
util.write_file(self.rc_conf_fn, buf.getvalue())
|
|
|
|
# Load the contents of /etc/rc.conf and store all keys in a dict. Make sure
|
|
# quotes are ignored:
|
|
# hostname="bla"
|
|
def loadrcconf(self):
|
|
RE_MATCH = re.compile(r'^(\w+)\s*=\s*(.*)\s*')
|
|
conf = {}
|
|
lines = util.load_file(self.rc_conf_fn).splitlines()
|
|
for line in lines:
|
|
m = RE_MATCH.match(line)
|
|
if not m:
|
|
LOG.debug("Skipping line from /etc/rc.conf: %s", line)
|
|
continue
|
|
key = m.group(1).rstrip()
|
|
val = m.group(2).rstrip()
|
|
# Kill them quotes (not completely correct, aka won't handle
|
|
# quoted values, but should be ok ...)
|
|
if val[0] in ('"', "'"):
|
|
val = val[1:]
|
|
if val[-1] in ('"', "'"):
|
|
val = val[0:-1]
|
|
if len(val) == 0:
|
|
LOG.debug("Skipping empty value from /etc/rc.conf: %s", line)
|
|
continue
|
|
conf[key] = val
|
|
return conf
|
|
|
|
def readrcconf(self, key):
|
|
conf = self.loadrcconf()
|
|
try:
|
|
val = conf[key]
|
|
except KeyError:
|
|
val = None
|
|
return val
|
|
|
|
# NOVA will inject something like eth0, rewrite that to use the FreeBSD
|
|
# adapter. Since this adapter is based on the used driver, we need to
|
|
# figure out which interfaces are available. On KVM platforms this is
|
|
# vtnet0, where Xen would use xn0.
|
|
def getnetifname(self, dev):
|
|
LOG.debug("Translating network interface %s", dev)
|
|
if dev.startswith('lo'):
|
|
return dev
|
|
|
|
n = re.search('\d+$', dev)
|
|
index = n.group(0)
|
|
|
|
(out, err) = util.subp(['ifconfig', '-a'])
|
|
ifconfigoutput = [x for x in (out.strip()).splitlines() if len(x.split()) > 0]
|
|
for line in ifconfigoutput:
|
|
m = re.match('^\w+', line)
|
|
if m:
|
|
if m.group(0).startswith('lo'):
|
|
continue
|
|
# Just settle with the first non-lo adapter we find, since it's
|
|
# rather unlikely there will be multiple nicdrivers involved.
|
|
bsddev = m.group(0)
|
|
break
|
|
|
|
# Replace the index with the one we're after.
|
|
bsddev = re.sub('\d+$', index, bsddev)
|
|
LOG.debug("Using network interface %s", bsddev)
|
|
return bsddev
|
|
|
|
def _read_system_hostname(self):
|
|
sys_hostname = self._read_hostname(filename=None)
|
|
return ('rc.conf', sys_hostname)
|
|
|
|
def _read_hostname(self, filename, default=None):
|
|
hostname = None
|
|
try:
|
|
hostname = self.readrcconf('hostname')
|
|
except IOError:
|
|
pass
|
|
if not hostname:
|
|
return default
|
|
return hostname
|
|
|
|
def _select_hostname(self, hostname, fqdn):
|
|
if not hostname:
|
|
return fqdn
|
|
return hostname
|
|
|
|
def _write_hostname(self, hostname, filename):
|
|
self.updatercconf('hostname', hostname)
|
|
|
|
def create_group(self, name, members):
|
|
group_add_cmd = ['pw', '-n', name]
|
|
if util.is_group(name):
|
|
LOG.warn("Skipping creation of existing group '%s'", name)
|
|
else:
|
|
try:
|
|
util.subp(group_add_cmd)
|
|
LOG.info("Created new group %s", name)
|
|
except Exception as e:
|
|
util.logexc(LOG, "Failed to create group %s", name)
|
|
raise e
|
|
|
|
if len(members) > 0:
|
|
for member in members:
|
|
if not util.is_user(member):
|
|
LOG.warn("Unable to add group member '%s' to group '%s'"
|
|
"; user does not exist.", member, name)
|
|
continue
|
|
try:
|
|
util.subp(['pw', 'usermod', '-n', name, '-G', member])
|
|
LOG.info("Added user '%s' to group '%s'", member, name)
|
|
except Exception:
|
|
util.logexc(LOG, "Failed to add user '%s' to group '%s'",
|
|
member, name)
|
|
|
|
def add_user(self, name, **kwargs):
|
|
if util.is_user(name):
|
|
LOG.info("User %s already exists, skipping.", name)
|
|
return False
|
|
|
|
adduser_cmd = ['pw', 'useradd', '-n', name]
|
|
log_adduser_cmd = ['pw', 'useradd', '-n', name]
|
|
|
|
adduser_opts = {
|
|
"homedir": '-d',
|
|
"gecos": '-c',
|
|
"primary_group": '-g',
|
|
"groups": '-G',
|
|
"passwd": '-h',
|
|
"shell": '-s',
|
|
"inactive": '-E',
|
|
}
|
|
adduser_flags = {
|
|
"no_user_group": '--no-user-group',
|
|
"system": '--system',
|
|
"no_log_init": '--no-log-init',
|
|
}
|
|
|
|
redact_opts = ['passwd']
|
|
|
|
for key, val in kwargs.iteritems():
|
|
if key in adduser_opts and val and isinstance(val, basestring):
|
|
adduser_cmd.extend([adduser_opts[key], val])
|
|
|
|
# Redact certain fields from the logs
|
|
if key in redact_opts:
|
|
log_adduser_cmd.extend([adduser_opts[key], 'REDACTED'])
|
|
else:
|
|
log_adduser_cmd.extend([adduser_opts[key], val])
|
|
|
|
elif key in adduser_flags and val:
|
|
adduser_cmd.append(adduser_flags[key])
|
|
log_adduser_cmd.append(adduser_flags[key])
|
|
|
|
if 'no_create_home' in kwargs or 'system' in kwargs:
|
|
adduser_cmd.append('-d/nonexistent')
|
|
log_adduser_cmd.append('-d/nonexistent')
|
|
else:
|
|
adduser_cmd.append('-d/usr/home/%s' % name)
|
|
adduser_cmd.append('-m')
|
|
log_adduser_cmd.append('-d/usr/home/%s' % name)
|
|
log_adduser_cmd.append('-m')
|
|
|
|
# Run the command
|
|
LOG.info("Adding user %s", name)
|
|
try:
|
|
util.subp(adduser_cmd, logstring=log_adduser_cmd)
|
|
except Exception as e:
|
|
util.logexc(LOG, "Failed to create user %s", name)
|
|
raise e
|
|
|
|
# TODO:
|
|
def set_passwd(self, user, passwd, hashed=False):
|
|
return False
|
|
|
|
def lock_passwd(self, name):
|
|
try:
|
|
util.subp(['pw', 'usermod', name, '-h', '-'])
|
|
except Exception as e:
|
|
util.logexc(LOG, "Failed to lock user %s", name)
|
|
raise e
|
|
|
|
def create_user(self, name, **kwargs):
|
|
self.add_user(name, **kwargs)
|
|
|
|
# Set password if plain-text password provided and non-empty
|
|
if 'plain_text_passwd' in kwargs and kwargs['plain_text_passwd']:
|
|
self.set_passwd(name, kwargs['plain_text_passwd'])
|
|
|
|
# Default locking down the account. 'lock_passwd' defaults to True.
|
|
# lock account unless lock_password is False.
|
|
if kwargs.get('lock_passwd', True):
|
|
self.lock_passwd(name)
|
|
|
|
# Configure sudo access
|
|
if 'sudo' in kwargs:
|
|
self.write_sudo_rules(name, kwargs['sudo'])
|
|
|
|
# Import SSH keys
|
|
if 'ssh_authorized_keys' in kwargs:
|
|
keys = set(kwargs['ssh_authorized_keys']) or []
|
|
ssh_util.setup_user_keys(keys, name, options=None)
|
|
|
|
def _write_network(self, settings):
|
|
entries = net_util.translate_network(settings)
|
|
nameservers = []
|
|
searchdomains = []
|
|
dev_names = entries.keys()
|
|
for (device, info) in entries.iteritems():
|
|
# Skip the loopback interface.
|
|
if device.startswith('lo'):
|
|
continue
|
|
|
|
dev = self.getnetifname(device)
|
|
|
|
LOG.info('Configuring interface %s', dev)
|
|
|
|
if info.get('bootproto') == 'static':
|
|
LOG.debug('Configuring dev %s with %s / %s', dev,
|
|
info.get('address'), info.get('netmask'))
|
|
# Configure an ipv4 address.
|
|
ifconfig = (info.get('address') + ' netmask ' +
|
|
info.get('netmask'))
|
|
|
|
# Configure the gateway.
|
|
self.updatercconf('defaultrouter', info.get('gateway'))
|
|
|
|
if 'dns-nameservers' in info:
|
|
nameservers.extend(info['dns-nameservers'])
|
|
if 'dns-search' in info:
|
|
searchdomains.extend(info['dns-search'])
|
|
else:
|
|
ifconfig = 'DHCP'
|
|
|
|
self.updatercconf('ifconfig_' + dev, ifconfig)
|
|
|
|
# Try to read the /etc/resolv.conf or just start from scratch if that
|
|
# fails.
|
|
try:
|
|
resolvconf = ResolvConf(util.load_file(self.resolv_conf_fn))
|
|
resolvconf.parse()
|
|
except IOError:
|
|
util.logexc(LOG, "Failed to parse %s, use new empty file",
|
|
self.resolv_conf_fn)
|
|
resolvconf = ResolvConf('')
|
|
resolvconf.parse()
|
|
|
|
# Add some nameservers
|
|
for server in nameservers:
|
|
try:
|
|
resolvconf.add_nameserver(server)
|
|
except ValueError:
|
|
util.logexc(LOG, "Failed to add nameserver %s", server)
|
|
|
|
# And add any searchdomains.
|
|
for domain in searchdomains:
|
|
try:
|
|
resolvconf.add_search_domain(domain)
|
|
except ValueError:
|
|
util.logexc(LOG, "Failed to add search domain %s", domain)
|
|
util.write_file(self.resolv_conf_fn, str(resolvconf), 0644)
|
|
|
|
return dev_names
|
|
|
|
def apply_locale(self, locale, out_fn=None):
|
|
# Adjust the locals value to the new value
|
|
newconf = StringIO()
|
|
for line in util.load_file(self.login_conf_fn).splitlines():
|
|
newconf.write(re.sub(r'^default:',
|
|
r'default:lang=%s:' % locale, line))
|
|
newconf.write("\n")
|
|
|
|
# Make a backup of login.conf.
|
|
util.copy(self.login_conf_fn, self.login_conf_fn_bak)
|
|
|
|
# And write the new login.conf.
|
|
util.write_file(self.login_conf_fn, newconf.getvalue())
|
|
|
|
try:
|
|
LOG.debug("Running cap_mkdb for %s", locale)
|
|
util.subp(['cap_mkdb', self.login_conf_fn])
|
|
except util.ProcessExecutionError:
|
|
# cap_mkdb failed, so restore the backup.
|
|
util.logexc(LOG, "Failed to apply locale %s", locale)
|
|
try:
|
|
util.copy(self.login_conf_fn_bak, self.login_conf_fn)
|
|
except IOError:
|
|
util.logexc(LOG, "Failed to restore %s backup",
|
|
self.login_conf_fn)
|
|
|
|
def _bring_up_interface(self, device_name):
|
|
if device_name.startswith('lo'):
|
|
return
|
|
dev = self.getnetifname(device_name)
|
|
cmd = ['/etc/rc.d/netif', 'start', dev]
|
|
LOG.debug("Attempting to bring up interface %s using command %s",
|
|
dev, cmd)
|
|
# This could return 1 when the interface has already been put UP by the
|
|
# OS. This is just fine.
|
|
(_out, err) = util.subp(cmd, rcs=[0, 1])
|
|
if len(err):
|
|
LOG.warn("Error running %s: %s", cmd, err)
|
|
|
|
def install_packages(self, pkglist):
|
|
return
|
|
|
|
def package_command(self, cmd, args=None, pkgs=None):
|
|
return
|
|
|
|
def set_timezone(self, tz):
|
|
return
|
|
|
|
def update_package_sources(self):
|
|
return
|