Sindbad~EG File Manager
# RHN Registration Client
# Copyright (c) 2000--2016 Red Hat, Inc.
# Authors:
# Adrian Likins <>
# Preston Brown <>
# Daniel Benamy <>
import os
import sys
import dbus
import base64
import libxml2
from up2date_client import up2dateUtils
from up2date_client import up2dateErrors
from up2date_client import up2dateAuth
from up2date_client import rhnserver
from up2date_client import pkgUtils
from up2date_client import up2dateLog
from up2date_client import rhnreg_constants
from up2date_client import hardware
from up2date_client.rhnPackageInfo import convertPackagesFromHashToList
from up2date_client.pkgplatform import getPlatform
from rhn.i18n import ustr, sstr
from rhn.tb import raise_with_tb
try: # python2
import urlparse
import xmlrpclib
from types import ListType, TupleType, StringType, UnicodeType, DictType, DictionaryType
except ImportError: # python3
import urllib.parse as urlparse
import xmlrpc.client as xmlrpclib
ListType = list
TupleType = tuple
StringType = bytes
UnicodeType = str
DictType = dict
DictionaryType = dict
long = int
from virtualization import support
except ImportError:
support = None
import gettext
t = gettext.translation('rhn-client-tools', fallback=True)
# Python 3 translations don't have a ugettext method
if not hasattr(t, 'ugettext'):
t.ugettext = t.gettext
_ = t.ugettext
# global variables
#SYSID_DIR = /tmp
SYSID_DIR = "/etc/sysconfig/rhn"
REMIND_FILE = "%s/rhn_register_remind" % SYSID_DIR
HW_CODE_FILE = "%s/hw-activation-code" % SYSID_DIR
RHSM_FILE = "/etc/pki/consumer/cert.pem"
JWT_TOKEN = '/etc/sysconfig/rhn/jwt.token'
_human_readable_to_product = {
'CloudLinux OS Shared Pro': 'shared_pro',
'CloudLinux OS Shared': 'shared',
'CloudLinux OS Solo': 'solo',
'CloudLinux OS Admin': 'admin',
_product_to_human_readable = {
v: k for k, v in _human_readable_to_product.items()}
from up2date_client import config
cfg = config.initUp2dateConfig()
log = up2dateLog.initLog()
def startRhnsd():
# successful registration. Try to start rhnsd if it isn't running.
if os.access("/usr/sbin/rhnsd", os.R_OK|os.X_OK):
# test for UsrMerge systemd environment
systemd_system_unitdir = "/usr/lib/systemd/system"
systemd_systemctl = "/usr/bin/systemctl"
if not os.access(systemd_systemctl, os.R_OK|os.X_OK):
if os.access("/bin/systemctl", os.R_OK|os.X_OK):
systemd_systemctl = "/bin/systemctl"
systemd_system_unitdir = "/lib/systemd/system"
if os.access("%s/rhnsd.service" % systemd_system_unitdir, os.R_OK):
# systemd
if os.access(systemd_systemctl, os.R_OK|os.X_OK):
os.system("%s enable rhnsd > /dev/null" % systemd_systemctl);
os.system("%s start rhnsd > /dev/null" % systemd_systemctl);
print(_("Warning: unable to enable rhnsd with systemd"))
# SysV init scripts
if os.access("/sbin/chkconfig", os.R_OK|os.X_OK):
os.system("/sbin/chkconfig rhnsd on > /dev/null");
print(_("Warning: unable to enable rhnsd with chkconfig"))
service_path = "/sbin/service"
if not os.access(service_path, os.R_OK|os.X_OK):
if os.access("/usr/sbin/service", os.R_OK|os.X_OK):
service_path = "/usr/sbin/service"
rc = os.system("%s rhnsd status > /dev/null" % service_path)
if rc:
os.system("%s rhnsd start > /dev/null" % service_path)
def getOemInfo():
configFile = cfg["oemInfoFile"] or "/etc/sysconfig/rhn/oeminfo"
if not os.access(configFile, os.R_OK):
return {}
fd = open(configFile, "r")
L = fd.readlines()
info = {}
for i in L:
i = i.strip()
if i == "":
(key, value) = i.split(':')
except ValueError:
info[key] = value.strip()
return info
def rhsm_registered():
""" Returns true if system is registred using subscription manager """
if os.access(RHSM_FILE, os.R_OK):
statinfo = os.stat(RHSM_FILE)
return statinfo.st_size > 0
return False
def registered():
return os.access(cfg['systemIdPath'], os.R_OK)
def createSystemRegisterRemindFile():
if not os.access(REMIND_FILE, os.R_OK):
# touch the file to tell the applet it needs to remind
# the user to register
fd = open(REMIND_FILE, "w+")
def removeSystemRegisterRemindFile():
if os.access(REMIND_FILE, os.R_OK):
def _write_secure_file(secure_file, file_contents):
""" Write a file to disk that is not readable by other users. """
dir_name = os.path.dirname(secure_file)
if not os.access(dir_name, os.W_OK):
return False
if os.access(secure_file, os.F_OK):
# already have file there; let's back it up
os.rename(secure_file, secure_file + '.save')
return False
fd =, os.O_WRONLY | os.O_CREAT, int('0600', 8))
fd_file = os.fdopen(fd, 'w')
return True
def writeSystemId(systemId):
res = _write_secure_file(cfg['systemIdPath'], systemId)
# newer registratio clients will create a file indicating that
# we need to remind the user to register, this removes it
if res:
return res
def extract_system_id():
xpath_str = "//member[name='system_id']/value/string"
systemId = up2dateAuth.getSystemId()
if systemId is None:
result = libxml2.parseDoc(systemId)
context = result.xpathNewContext()
system_id = context.xpathEval(xpath_str)[0].content
# remove `ID-` and convert to integer
system_id = int(system_id[3:])
except (IndexError, libxml2.parserError):
log.log_me('systemID file doesn\'t have system_id field or the file is broken')
return system_id
def _execute_pre_jwt_update_hook(token: str, allowTransition: bool):
Execute binary file which we use as hook for jwt token updates
import subprocess, os
# during cldeploy we don't have python or any other packages, so just exit
if not os.path.exists('/opt/cloudlinux/venv/bin/python3'):
cmd = ['/usr/sbin/cl-pre-jwt-update', '--new-token', token]
if allowTransition:
p = subprocess.Popen(cmd)
stdout, stderr = p.communicate()
if p.returncode != 0:
log.log_me("Pre jwt update hook failed with stdout=%s and stderr=%s" % (stdout, stderr))
def _execute_post_jwt_update_hook(allowTransition: bool):
Execute binary file which we use as hook for jwt token updates
import subprocess, os
# during cldeploy we don't have python or any other packages, so just exit
if not os.path.exists('/opt/cloudlinux/venv/bin/python3'):
cmd = ['/usr/sbin/cl-post-jwt-update']
if allowTransition:
p = subprocess.Popen(cmd)
stdout, stderr = p.communicate()
if p.returncode != 0:
log.log_me("Post jwt update hook failed with stdout=%s and stderr=%s" % (stdout, stderr))
def getAndWriteJWTTokenToFile(systemId, allowTransition = False):
Get a JWT token from CLN and save it to the file
:param systemId: content of file `/etc/sysconfig/rhn/systemid`
:return: None
xmlrpm_server = rhnserver.RhnServer()
result = xmlrpm_server.up2date.getJWTToken(systemId)
except up2dateErrors.UnknownMethodException:
# if CLN doesn't have this method we do nothing
except (up2dateErrors.AuthenticationTicketError,
_execute_pre_jwt_update_hook(result, allowTransition)
_write_secure_file(JWT_TOKEN, result)
def writeHWCode(hw_activation_code):
"""Returns True if the write is successful or False if it fails."""
return _write_secure_file(HW_CODE_FILE, hw_activation_code + '\n')
def get_virt_info():
This function returns the UUID and virtualization type of this system, if
it is a guest. Otherwise, it returns None. To figure this out, we'll
use a number of heuristics (list in order of precedence):
1. Check /proc/xen/xsd_port. If exists, we know the system is a
host; exit.
2. Check SMBIOS. If vendor='Xen' and UUID is non-zero, we know the
system is a fully-virt guest; exit.
3. Check /sys/hypervisor/uuid. If exists and is non-zero, we know
the system is a para-virt guest; exit.
4. If non of the above checks worked; we know we have a
non-xen-enabled system; exit.
# First, check whether /proc/xen/xsd_port exists. If so, we know this is
# a host system.
if os.path.exists("/proc/xen/xsd_port"):
# Ok, we know this is *at least* a host system. However, it may
# also be a fully-virt guest. Check for that next. If it is, we'll
# just report that instead since we only support one level of
# virtualization.
(uuid, virt_type) = get_fully_virt_info()
return (uuid, virt_type)
except IOError:
# Failed. Move on to next strategy.
# This is not a virt host system. Check if it's a fully-virt guest.
(uuid, virt_type) = get_fully_virt_info()
if uuid is not None:
return (uuid, virt_type)
# This is not a fully virt guest system. Check if it's a para-virt guest.
(uuid, virt_type) = get_para_virt_info()
if uuid is not None:
return (uuid, virt_type)
# If we got here, we have a system that does not have virtualization
# enabled.
return (None, None)
def get_para_virt_info():
This function checks /sys/hypervisor/uuid to see if the system is a
para-virt guest. It returns a (uuid, virt_type) tuple.
uuid_file = open('/sys/hypervisor/uuid', 'r')
uuid =
uuid = uuid.lower().replace('-', '').rstrip("\r\n")
virt_type = "para"
return (uuid, virt_type)
except IOError:
# Failed; must not be para-virt.
return (None, None)
def get_fully_virt_info():
This function looks in the SMBIOS area to determine if this is a
fully-virt guest. It returns a (uuid, virt_type) tuple.
vendor = hardware.dmi_vendor()
uuid = hardware.dmi_system_uuid()
if vendor.lower() == "xen":
uuid = uuid.lower().replace('-', '')
virt_type = "fully"
return (uuid, virt_type)
return (None, None)
def _is_host_uuid(uuid):
uuid = eval('0x%s' % uuid)
return long(uuid) == long(0)
def welcomeText():
s = rhnserver.RhnServer()
return s.registration.welcome_message()
def getCaps():
s = rhnserver.RhnServer()
# figure out if were missing any needed caps
def reserveUser(username, password):
s = rhnserver.RhnServer()
return s.registration.reserve_user(username, password)
class RegistrationResult:
def __init__(self, systemId, channels, failedChannels, systemSlots,
failedSystemSlots, universalActivationKey, rawDict=None):
# TODO Get rid of rawDict
self._systemId = systemId
self._channels = channels
self._failedChannels = failedChannels
self._systemSlots = systemSlots
self._failedSystemSlots = failedSystemSlots
if len(universalActivationKey) > 0:
self._universalActivationKey = universalActivationKey
self._universalActivationKey = None
self.rawDict = rawDict
def getSystemId(self):
return self._systemId
def getChannels(self):
return self._channels
def getFailedChannels(self):
return self._failedChannels
def getSystemSlots(self):
return self._systemSlots
def getSystemSlotDescriptions(self):
return [self._getSlotDescription(s) for s in self._systemSlots]
def getFailedSystemSlotDescriptions(self):
return [self._getFailedSlotDescription(s) for s in self._failedSystemSlots]
def getUniversalActivationKey(self):
"""Returns None if no universal activation key was used."""
return self._universalActivationKey
def hasBaseAndUpdates(self):
"""Returns True if the system was subscribed to at least one channel
and was given any type of system slot so it will get updates. In other
words, returns True if the system will be getting at least basic
# If it was subscribed to at least one channel, that must include a
# base channel.
return len(self._channels) > 0 and len(self._systemSlots) > 0
def _getFailedSlotDescription(self, slot):
if slot == 'virtualization_host':
return rhnreg_constants.VIRT + " " + rhnreg_constants.VIRT_FAILED
return self._getSlotDescription(slot)
def _getSlotDescription(self, slot):
if slot == 'enterprise_entitled':
return rhnreg_constants.MANAGEMENT
elif slot == 'virtualization_host':
return rhnreg_constants.VIRT
return slot
def getServerEdition(human_readable: bool = False):
edition_cache_file = '/opt/cloudlinux/cl_edition'
# edition cache does not exist only in the case when
# we did not register server yet
if not os.path.exists(edition_cache_file):
return 'shared'
with open(edition_cache_file) as f:
raw_edition ='\n')
if human_readable:
return raw_edition
return _human_readable_to_product[raw_edition]
def get_users_count_from_cllib():
from subprocess import Popen, PIPE
if not os.path.exists('/opt/cloudlinux/venv/bin'):
raise ValueError()
cmd = '/opt/cloudlinux/venv/bin/python3 -c "from clcommon.cpapi import cpusers; print(cpusers())"'
process = Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE)
output, errors = [result.decode().strip() for result in process.communicate()]
if errors:
raise ValueError()
return len(output[1:-1].split(', '))
def get_users_count_generic():
from up2date_client.clpwd import ClPwd
pwd = ClPwd()
return len(pwd.get_uid_dict())
def countServerUsers():
users_count = get_users_count_from_cllib()
except Exception:
users_count = get_users_count_generic()
return users_count
def checkLicenseKey(activationKey, strictEdition, silentMigration):
licenseInformation = checkKey(activationKey)
except up2dateErrors.CommunicationError as e:
print("%s" % e.errmsg)
except up2dateErrors.UnknownMethodException:
currentEdition = getServerEdition()
licenseEdition = licenseInformation['edition']
if licenseEdition == currentEdition:
if strictEdition:
"WARNING: Automatic registration in yum transactions is "
"only available when edition matches the provided license. "
"Your current edition is {current_edition} and your license is {new_edition}.".format(
print("Run clnreg_ks manually to complete registration.")
if not silentMigration:
if not sys.stdin.isatty():
print('Error: interactive input required for edition migration, but tool '
'is running in non-interactive mode. Please try running the tool again '
'in interactive shell or add `--migrate-silently` flag to accept all'
'questions and perform the edition migration silently.')
message = (f"{_product_to_human_readable[currentEdition]} edition installed on your server "
f"does not match license you are trying to register server with: "
f"{_product_to_human_readable[licenseEdition]}. Migration is required. "
f"You may lose access to the services which are not supported by the new edition.")
edition_to_users_limit = {
'admin': 5,
'solo': 1
license_users_limit = edition_to_users_limit.get(licenseEdition)
if license_users_limit is not None:
users_on_server = countServerUsers()
if users_on_server > license_users_limit:
print(f"The license you are trying to register with allows a maximum of "
f"{edition_to_users_limit[licenseEdition]} hosting accounts which is less "
f"than {users_on_server} users detected on this server. Aborting.")
message = (f"{message} Also, the license you are trying to register with allows a maximum of "
f"{edition_to_users_limit[licenseEdition]} hosting accounts. "
f"Make sure that your system complies with this requirement.")
def _askConfirmation(confirmationMessage: str):
Prints message and makes sure that client is ready for edition migration.
response = input("Do you want to continue? [N/y]: ", )
if response.lower() != 'y':
def registerSystem(username = None, password = None,
profileName = None,
token = None, other = None, edition=None):
"""Wrapper for the old xmlrpc to register a system. Activates subscriptions
if a reg num is given.
assert username is None and password is None, \
"username and password usage is deprecated"
auth_dict = { "profile_name" : profileName,
"os_release" : up2dateUtils.getVersion(),
"release_name" : up2dateUtils.getOSRelease(),
"architecture" : up2dateUtils.getArch()
# send information about previous registration
system_id_xml = up2dateAuth.getSystemId()
if system_id_xml is not None:
auth_dict["system_id"] = system_id_xml
# dict of other bits to send
if other:
for (key, item) in other.items():
auth_dict[key] = item
if token:
auth_dict["token"] = token
auth_dict["username"] = username
auth_dict["password"] = password
if edition is not None:
auth_dict['edition'] = edition
auth_dict['edition'] = 'solo' \
if os.path.exists('/etc/cloudlinux-edition-solo') \
else 'admin' if os.path.exists('/etc/cloudlinux-edition-admin') else 'shared'
if cfg['supportsSMBIOS']:
auth_dict["smbios"] = _encode_characters(hardware.get_smbios())
s = rhnserver.RhnServer()
ret = s.registration.new_system(auth_dict)
return ret
def checkKey(activationKey):
Check the activation key and return it's edition and customer
s = rhnserver.RhnServer()
ret = s.registration.license_check(activationKey)
# {'customerId': 10000327, 'edition': 'solo'}
return ret
def updateRhsmStatus():
bus = dbus.SystemBus()
validity_obj = bus.ProxyObjectClass(bus, 'com.redhat.SubscriptionManager',
'/EntitlementStatus', introspect=False)
validity_iface = dbus.Interface(validity_obj,
except dbus.DBusException:
# we can't connect to dbus. it's not running, likely from a minimal
# install. we can't do anything here, so just ignore it.
except dbus.DBusException:
# the call timed out, or something similar. we don't really care
# about a timely reply or what the result might be, we just want
# the method to run. So we can safely ignore this.
def getAvailableChannels(username, password):
s = rhnserver.RhnServer()
server_arch = up2dateUtils.getArch()
server_version = up2dateUtils.getVersion()
server_release = up2dateUtils.getRelease()
availableChannels = None
availableChannels = s.registration.available_eus_channels(
username, password,
server_arch, server_version,
except xmlrpclib.Fault:
f = sys.exc_info()[1]
if f.faultCode == 99:
return availableChannels
def registerSystem2(username = None, password = None,
profileName = None, packages = None,
activationKey = None, other = {}):
"""Uses the new xmlrpcs to register a system. Returns a dict instead of just
system id.
The main differences between this and registerSystem and that this doesn't
do activation and does child channel subscriptions if possible. See the
documentation for the xmlrpc handlers in backend for more detail.
If nothing is going to be in other, it can be {} or None.
New in RHEL 5.
if other is None:
other = {}
if activationKey:
assert username is None
assert password is None
assert activationKey is not None
assert username is not None
assert password is not None
assert activationKey is None
for key in other.keys():
assert key in ['registration_number',
if cfg['supportsSMBIOS']:
other["smbios"] = _encode_characters(hardware.get_smbios())
s = rhnserver.RhnServer()
if activationKey:
info = s.registration.new_system_activation_key(profileName,
info = s.registration.new_system_user_pass(profileName,
log.log_debug("Returned:\n%s" % info)
result = RegistrationResult(info['system_id'],
info['channels'], info['failed_channels'],
info['system_slots'], info['failed_system_slots'],
return result
def server_supports_eus():
return cfg["supportsEUS"]
# pylint: disable=unused-argument
def sendHardware(systemId, hardwareList):
# The endpoint that is called in this function (registration.add_hw_profile)
# is disabled on the CLN side, and does not do anything.
# Therefore, we can safely disable this function.
# Original code preserved below in case we ever need to re-enable this function.
# def remove_ip6addr(x):
# if x['class'] == 'NETINFO' and 'ip6addr' in x:
# del x['ip6addr']
# return x
# s = rhnserver.RhnServer()
# if not s.capabilities.hasCapability('ipv6', 1):
# hardwareList = [remove_ip6addr(i) for i in hardwareList]
# s.registration.add_hw_profile(systemId, _encode_characters(hardwareList))
# pylint: disable=unused-argument
def sendPackages(systemId, packageList):
# The endpoint that is called in this function (registration.add_packages)
# is disabled on the CLN side, and does not do anything.
# Therefore, we can safely disable this function.
# Original code preserved below in case we ever need to re-enable this function.
# s = rhnserver.RhnServer()
# if not s.capabilities.hasCapability('xmlrpc.packages.extended_profile', 2):
# # for older satellites and hosted - convert to old format
# packageList = convertPackagesFromHashToList(packageList)
# s.registration.add_packages(systemId, packageList)
def sendVirtInfo(systemId):
if support is not None:
def listPackages(systemId):
s = rhnserver.RhnServer()
def makeNiceServerUrl(server):
"""Raises up2dateErrors.InvalidProtocolError if the server url has a
protocol specified and it's not http or https.
protocol, host, path, parameters, query, fragmentIdentifier = urlparse.urlparse(server)
if protocol is None or protocol == '':
server = 'https://' + server
# We must call it again because if there wasn't a protocol the
# host will be in path
protocol, host, path, parameters, query, fragmentIdentifier = urlparse.urlparse(server)
if protocol not in ['https', 'http']:
raise up2dateErrors.InvalidProtocolError("You specified an invalid "
"protocol. Only https and "
"http are allowed.")
if path is None or path == '' or path == '/':
path = '/XMLRPC'
server = urlparse.urlunparse((protocol, host, path, parameters, query,
# TODO Raise an exception if url isn't valid
return server
def getServerType(serverUrl=None):
"""Returns 'hosted' if the url points to a known hosted server. Otherwise
returns 'satellite'.
return 'satellite'
class ActivationResult:
def __init__(self, status, registrationNumber, channels={}, systemSlots={}):
"""channels and systemSlots are dicts where the key/value pairs are
label (string) / quantity (int).
self._status = status
# TODO Validate reg num
self._regNum = registrationNumber
self._channels = channels
self._systemSlots = systemSlots
def getStatus(self):
return self._status
def getRegistrationNumber(self):
return self._regNum
def getChannelsActivated(self):
"""Returns a dict- the key/value pairs are label/quantity."""
return self._channels
def getSystemSlotsActivated(self):
"""Returns a dict- the key/value pairs are label/quantity."""
return self._systemSlots
def _encode_characters(*args):
""" All the data we gathered from dmi, bios, gudev are in utf-8,
we need to convert characters beyond ord(127) - e.g \xae to unicode.
for item in args:
item_type = type(item)
if item_type == StringType:
item = ustr(item)
elif item_type == TupleType:
item = tuple(_encode_characters(i) for i in item)
elif item_type == ListType:
item = [_encode_characters(i) for i in item]
elif item_type == DictType or item_type == DictionaryType:
item = dict([(_encode_characters(name, val)) for name, val in item.items()])
# else: numbers or UnicodeType - are safe
if len(result) == 1:
return result[0]
return tuple(result)
def _activate_hardware(login, password):
# Read the asset code from the hardware.
activateHWResult = None
hardwareInfo = None
hw_activation_code = None
hardwareInfo = hardware.get_hal_system_and_smbios()
hardwareInfo = _encode_characters(hardwareInfo)
log.log_me("There was an error while reading the hardware "
"info from the bios. Traceback:\n")
if hardwareInfo is not None:
activateHWResult = activateHardwareInfo(
login, password, hardwareInfo)
if activateHWResult.getStatus() == ActivationResult.ACTIVATED_NOW:
hw_activation_code = activateHWResult.getRegistrationNumber()
except up2dateErrors.NotEntitlingError:
log.log_debug('There are are no entitlements associated '
'with this hardware.')
except up2dateErrors.InvalidRegistrationNumberError:
log.log_debug('The hardware id was not recognized as valid.')
return hw_activation_code
def activateHardwareInfo(username, password, hardwareInfo, orgId=None):
"""Tries to activate an entitlement linked to the hardware info that we
read from the bios.
Returns an ActivationResult.
Can raise:
Invalid number.
Hardware info is not entitling.
Communication errors, etc
## import pprint
## pprint.pprint(hardwareInfo)
other = {}
if orgId:
other = {'org_id': orgId}
server = rhnserver.RhnServer()
result = server.registration.activate_hardware_info(username, password,
hardwareInfo, other)
statusCode = result['status_code']
regNum = result['registration_number']
log.log_debug('Server returned status code %s' % statusCode)
if statusCode == 0:
return ActivationResult(ActivationResult.ACTIVATED_NOW, regNum)
elif statusCode == 1:
return ActivationResult(ActivationResult.ALREADY_USED, regNum)
message = "The server returned unknown status code %s while activating" \
" the hardware info." % statusCode
raise up2dateErrors.CommunicationError(message)
def spawnRhnCheckForUI():
if os.access("/usr/sbin/rhn_check", os.R_OK|os.X_OK):
from subprocess import Popen, PIPE
p = Popen(["/usr/sbin/rhn_check"], stdin=PIPE, stdout=PIPE, \
map(lambda x:log.log_me(x), p.stdout.readlines() + \
log.log_me("Warning: unable to run rhn_check")
if getPlatform() == 'deb':
def pluginEnable():
"""On Debian no extra action for plugin is needed"""
return 1, 0
from up2date_client.pmPlugin import pluginEnable
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists