lorax/src/pylorax/api/config.py

#
# Copyright (C) 2017  Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
import configparser
import grp
import os
import pwd

from pylorax.sysutils import joinpaths

class ComposerConfig(configparser.ConfigParser):
    def get_default(self, section, option, default):
        try:
            return self.get(section, option)
        except configparser.Error:
            return default


def configure(conf_file="/etc/lorax/composer.conf", root_dir="/", test_config=False):
    """lorax-composer configuration

    :param conf_file: Path to the config file overriding the default settings
    :type conf_file: str
    :param root_dir: Directory to prepend to paths, defaults to /
    :type root_dir: str
    :param test_config: Set to True to skip reading conf_file
    :type test_config: bool
    """
    conf = ComposerConfig()

    # set defaults
    conf.add_section("composer")
    conf.set("composer", "share_dir", os.path.realpath(joinpaths(root_dir, "/usr/share/lorax/")))
    conf.set("composer", "lib_dir", os.path.realpath(joinpaths(root_dir, "/var/lib/lorax/composer/")))
    conf.set("composer", "repo_dir", os.path.realpath(joinpaths(root_dir, "/var/lib/lorax/composer/repos.d/")))
    conf.set("composer", "dnf_conf", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/dnf.conf")))
    conf.set("composer", "dnf_root", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/dnf/root/")))
    conf.set("composer", "cache_dir", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/cache/")))
    conf.set("composer", "tmp", os.path.realpath(joinpaths(root_dir, "/var/tmp/")))

    conf.add_section("users")
    conf.set("users", "root", "1")

    # Enable all available repo files by default
    conf.add_section("repos")
    conf.set("repos", "use_system_repos", "1")
    conf.set("repos", "enabled", "*")

    conf.add_section("dnf")

    if not test_config:
        # read the config file
        if os.path.isfile(conf_file):
            conf.read(conf_file)

    return conf

def make_owned_dir(p_dir, uid, gid):
    """Make a directory and its parents, setting owner and group

    :param p_dir: path to directory to create
    :type p_dir: string
    :param uid: uid of owner
    :type uid: int
    :param gid: gid of owner
    :type gid: int
    :returns: list of errors
    :rtype: list of str

    Check to make sure it does not have o+rw permissions and that it is owned by uid:gid
    """
    errors = []
    if not os.path.isdir(p_dir):
        # Make sure no o+rw permissions are set
        orig_umask = os.umask(0o006)
        os.makedirs(p_dir, 0o771)
        os.chown(p_dir, uid, gid)
        os.umask(orig_umask)
    else:
        p_stat = os.stat(p_dir)
        if p_stat.st_mode & 0o006 != 0:
            errors.append("Incorrect permissions on %s, no o+rw permissions are allowed." % p_dir)

        if p_stat.st_gid != gid or p_stat.st_uid != 0:
            gr_name = grp.getgrgid(gid).gr_name
            u_name = pwd.getpwuid(uid)
            errors.append("%s should be owned by %s:%s" % (p_dir, u_name, gr_name))

    return errors

def make_dnf_dirs(conf, uid, gid):
    """Make any missing dnf directories owned by user:group

    :param conf: The configuration to use
    :type conf: ComposerConfig
    :param uid: uid of owner
    :type uid: int
    :param gid: gid of owner
    :type gid: int
    :returns: list of errors
    :rtype: list of str
    """
    errors = []
    for p in ["dnf_conf", "repo_dir", "cache_dir", "dnf_root"]:
        p_dir = os.path.abspath(conf.get("composer", p))
        if p == "dnf_conf":
            p_dir = os.path.dirname(p_dir)
        errors.extend(make_owned_dir(p_dir, uid, gid))

def make_queue_dirs(conf, gid):
    """Make any missing queue directories

    :param conf: The configuration to use
    :type conf: ComposerConfig
    :param gid: Group ID that has access to the queue directories
    :type gid: int
    :returns: list of errors
    :rtype: list of str
    """
    errors = []
    lib_dir = conf.get("composer", "lib_dir")
    for p in ["queue/run", "queue/new", "results"]:
        p_dir = joinpaths(lib_dir, p)
        errors.extend(make_owned_dir(p_dir, 0, gid))
    return errors
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`#`
			`# Copyright (C) 2017 Red Hat, Inc.`
			`#`
			`# This program is free software; you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation; either version 2 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`#`
			`import configparser`
			`import grp`
			`import os`
Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`import pwd`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00
			`from pylorax.sysutils import joinpaths`

Fix a DeprecationWarning SafeConfigParser is just a deprecated version of ConfigParser in python3, so use ConfigParser. 2018-09-07 17:16:26 +00:00			`class ComposerConfig(configparser.ConfigParser):`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`def get_default(self, section, option, default):`
			`try:`
			`return self.get(section, option)`
			`except configparser.Error:`
			`return default`


			`def configure(conf_file="/etc/lorax/composer.conf", root_dir="/", test_config=False):`
			`"""lorax-composer configuration`

			`:param conf_file: Path to the config file overriding the default settings`
			`:type conf_file: str`
			`:param root_dir: Directory to prepend to paths, defaults to /`
			`:type root_dir: str`
			`:param test_config: Set to True to skip reading conf_file`
			`:type test_config: bool`
			`"""`
			`conf = ComposerConfig()`

			`# set defaults`
			`conf.add_section("composer")`
			`conf.set("composer", "share_dir", os.path.realpath(joinpaths(root_dir, "/usr/share/lorax/")))`
			`conf.set("composer", "lib_dir", os.path.realpath(joinpaths(root_dir, "/var/lib/lorax/composer/")))`
Add support for user defined package sources API This lives under /api/v0/projects/source/* See the documentation for details 2018-05-29 19:22:34 +00:00			`conf.set("composer", "repo_dir", os.path.realpath(joinpaths(root_dir, "/var/lib/lorax/composer/repos.d/")))`
Convert lorax-composer yum base object to DNF This no longer uses the enabled configuration setting to select repos to use. It uses everything in the repo_dir, and if system repos have not been disabled it copies them into the repo_dir at startup, overwriting the previous copy. 2018-04-30 22:23:48 +00:00			`conf.set("composer", "dnf_conf", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/dnf.conf")))`
			`conf.set("composer", "dnf_root", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/dnf/root/")))`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`conf.set("composer", "cache_dir", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/cache/")))`
Pass the --tmp value into run_creator and cleanup after a crash Crashing can sometimes leave directories in /var/tmp/lmc-* so clean those up after run_creator is finished. 2018-05-10 17:58:43 +00:00			`conf.set("composer", "tmp", os.path.realpath(joinpaths(root_dir, "/var/tmp/")))`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00
			`conf.add_section("users")`
			`conf.set("users", "root", "1")`

			`# Enable all available repo files by default`
			`conf.add_section("repos")`
			`conf.set("repos", "use_system_repos", "1")`
			`conf.set("repos", "enabled", "*")`

Add --proxy to lorax-composer cmdline Overrides the [dnf] proxy setting in the config file. 2018-05-10 20:36:49 +00:00			`conf.add_section("dnf")`

Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`if not test_config:`
			`# read the config file`
			`if os.path.isfile(conf_file):`
			`conf.read(conf_file)`

			`return conf`

Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`def make_owned_dir(p_dir, uid, gid):`
			`"""Make a directory and its parents, setting owner and group`

			`:param p_dir: path to directory to create`
			`:type p_dir: string`
			`:param uid: uid of owner`
			`:type uid: int`
			`:param gid: gid of owner`
			`:type gid: int`
			`:returns: list of errors`
			`:rtype: list of str`

			`Check to make sure it does not have o+rw permissions and that it is owned by uid:gid`
			`"""`
			`errors = []`
			`if not os.path.isdir(p_dir):`
			`# Make sure no o+rw permissions are set`
			`orig_umask = os.umask(0o006)`
			`os.makedirs(p_dir, 0o771)`
			`os.chown(p_dir, uid, gid)`
			`os.umask(orig_umask)`
			`else:`
			`p_stat = os.stat(p_dir)`
			`if p_stat.st_mode & 0o006 != 0:`
			`errors.append("Incorrect permissions on %s, no o+rw permissions are allowed." % p_dir)`

			`if p_stat.st_gid != gid or p_stat.st_uid != 0:`
			`gr_name = grp.getgrgid(gid).gr_name`
			`u_name = pwd.getpwuid(uid)`
			`errors.append("%s should be owned by %s:%s" % (p_dir, u_name, gr_name))`

			`return errors`

			`def make_dnf_dirs(conf, uid, gid):`
			`"""Make any missing dnf directories owned by user:group`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00
			`:param conf: The configuration to use`
			`:type conf: ComposerConfig`
Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`:param uid: uid of owner`
			`:type uid: int`
			`:param gid: gid of owner`
			`:type gid: int`
			`:returns: list of errors`
			`:rtype: list of str`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`"""`
Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`errors = []`
Convert lorax-composer yum base object to DNF This no longer uses the enabled configuration setting to select repos to use. It uses everything in the repo_dir, and if system repos have not been disabled it copies them into the repo_dir at startup, overwriting the previous copy. 2018-04-30 22:23:48 +00:00			`for p in ["dnf_conf", "repo_dir", "cache_dir", "dnf_root"]:`
Fix make_dnf_dirs It was chopping off an extra directory level due to realpath removing the trailing / from the paths when they are setup. 2018-05-29 23:41:43 +00:00			`p_dir = os.path.abspath(conf.get("composer", p))`
			`if p == "dnf_conf":`
			`p_dir = os.path.dirname(p_dir)`
Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`errors.extend(make_owned_dir(p_dir, uid, gid))`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00
			`def make_queue_dirs(conf, gid):`
			`"""Make any missing queue directories`

			`:param conf: The configuration to use`
			`:type conf: ComposerConfig`
			`:param gid: Group ID that has access to the queue directories`
			`:type gid: int`
			`:returns: list of errors`
			`:rtype: list of str`
			`"""`
			`errors = []`
			`lib_dir = conf.get("composer", "lib_dir")`
			`for p in ["queue/run", "queue/new", "results"]:`
			`p_dir = joinpaths(lib_dir, p)`
Change make_dnf_dirs to be run as root It needs to be root in order to set the ownership and permissions on the directories that are under /var/lib/lorax/composer/ Refactor the directory creation into a utility function, and use a umask of 0o006 to ensure that the parent directories created do not have o+rw set on them (makedirs behavior is different between Python 3.6 and 3.7 so umask of 0 doesn't work consistently). 2018-10-10 18:27:10 +00:00			`errors.extend(make_owned_dir(p_dir, 0, gid))`
Use 2to3 to convert the python2 lorax-composer code to python3 2018-04-30 18:48:38 +00:00			`return errors`