Ubuntu
walinuxagent package

Merge lp:~louis/ubuntu/precise/walinuxagent/walinuxagent-lp1079897 into lp:ubuntu/precise-proposed/walinuxagent

  1. Precise (12.04)
  2. walinuxagent-lp1079897
  3. Merge into precise-proposed
Proposed by Louis Bouchard
Status: Merged
Merge reported by: James Page
Merged at revision: not available
Proposed branch: lp:~louis/ubuntu/precise/walinuxagent/walinuxagent-lp1079897
Merge into: lp:ubuntu/precise-proposed/walinuxagent
Diff against target: 5628 lines (+269/-5041)
19 files modified
.pc/000_ubuntu_init_resolvconf.patch/waagent (+0/-2335)
.pc/001_ubuntu_agent_startup.patch/waagent (+0/-2395)
.pc/applied-patches (+0/-2)
Changelog (+12/-0)
debian/changelog (+34/-0)
debian/control (+10/-0)
debian/patches/000_resolv-conf.patch (+32/-0)
debian/patches/000_ubuntu_init_resolvconf.patch (+0/-153)
debian/patches/001-strip-init-d.patch (+36/-0)
debian/patches/001_ubuntu_agent_startup.patch (+0/-22)
debian/patches/series (+2/-2)
debian/postinst (+7/-2)
debian/preinst (+16/-0)
debian/prerm (+2/-3)
debian/rules (+3/-4)
debian/upstart (+24/-0)
debian/walinuxagent-data-saver.lintian-overrides (+10/-0)
debian/walinuxagent-data-saver.preinst (+16/-0)
waagent (+65/-123)
To merge this branch: bzr merge lp:~louis/ubuntu/precise/walinuxagent/walinuxagent-lp1079897
Reviewer Review Type Date Requested Status
Ubuntu Development Team Pending
Review via email: mp+136698@code.launchpad.net

Description of the change

Backport of the fix for LP: #1079897 from Raring

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== removed directory '.pc/000_ubuntu_init_resolvconf.patch'
2=== removed file '.pc/000_ubuntu_init_resolvconf.patch/waagent'
3--- .pc/000_ubuntu_init_resolvconf.patch/waagent 2012-06-22 09:10:22 +0000
4+++ .pc/000_ubuntu_init_resolvconf.patch/waagent 1970-01-01 00:00:00 +0000
5@@ -1,2335 +0,0 @@
6-#!/usr/bin/python
7-#
8-# Windows Azure Linux Agent
9-#
10-# Copyright 2012 Microsoft Corporation
11-#
12-# Licensed under the Apache License, Version 2.0 (the "License");
13-# you may not use this file except in compliance with the License.
14-# You may obtain a copy of the License at
15-#
16-# http://www.apache.org/licenses/LICENSE-2.0
17-#
18-# Unless required by applicable law or agreed to in writing, software
19-# distributed under the License is distributed on an "AS IS" BASIS,
20-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21-# See the License for the specific language governing permissions and
22-# limitations under the License.
23-#
24-# Requires Python 2.4+ and Openssl 1.0+
25-#
26-# Implements parts of RFC 2131, 1541, 1497 and
27-# http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
28-# http://msdn.microsoft.com/en-us/library/cc227259%28PROT.13%29.aspx
29-#
30-
31-import array
32-import base64
33-import httplib
34-import os
35-import os.path
36-import platform
37-import pwd
38-import re
39-import shutil
40-import socket
41-import SocketServer
42-import struct
43-import sys
44-import tempfile
45-import textwrap
46-import threading
47-import time
48-import traceback
49-import xml.dom.minidom
50-
51-GuestAgentName = "WALinuxAgent"
52-GuestAgentLongName = "Windows Azure Linux Agent"
53-GuestAgentVersion = "rd_wala.120504-1323"
54-ProtocolVersion = "2011-12-31"
55-
56-Config = None
57-LinuxDistro = "UNKNOWN"
58-Verbose = False
59-WaAgent = None
60-DiskActivated = False
61-Openssl = "openssl"
62-
63-PossibleEthernetInterfaces = ["seth0", "seth1", "eth0", "eth1"]
64-RulesFiles = [ "/lib/udev/rules.d/75-persistent-net-generator.rules",
65- "/etc/udev/rules.d/70-persistent-net.rules" ]
66-VarLibDhcpDirectories = ["/var/lib/dhclient", "/var/lib/dhcpcd", "/var/lib/dhcp"]
67-EtcDhcpClientConfFiles = ["/etc/dhcp/dhclient.conf", "/etc/dhcp3/dhclient.conf"]
68-LibDir = "/var/lib/waagent"
69-
70-# This lets us index into a string or an array of integers transparently.
71-def Ord(a):
72- if type(a) == type("a"):
73- a = ord(a)
74- return a
75-
76-def IsWindows():
77- return (platform.uname()[0] == "Windows")
78-
79-def IsLinux():
80- return (platform.uname()[0] == "Linux")
81-
82-def DetectLinuxDistro():
83- global LinuxDistro
84- if os.path.isfile("/etc/redhat-release"):
85- LinuxDistro = "RedHat"
86- return True
87- if os.path.isfile("/etc/lsb-release") and "Ubuntu" in GetFileContents("/etc/lsb-release"):
88- LinuxDistro = "Ubuntu"
89- return True
90- if os.path.isfile("/etc/debian_version"):
91- LinuxDistro = "Debian"
92- return True
93- if os.path.isfile("/etc/SuSE-release"):
94- LinuxDistro = "Suse"
95- return True
96- return False
97-
98-def IsRedHat():
99- return "RedHat" in LinuxDistro
100-
101-def IsUbuntu():
102- return "Ubuntu" in LinuxDistro
103-
104-def IsDebian():
105- return IsUbuntu() or "Debian" in LinuxDistro
106-
107-def IsSuse():
108- return "Suse" in LinuxDistro
109-
110-def UsesRpm():
111- return IsRedHat() or IsSuse()
112-
113-def UsesDpkg():
114- return IsDebian()
115-
116-def GetLastPathElement(path):
117- return path.rsplit('/', 1)[1]
118-
119-def GetFileContents(filepath):
120- file = None
121- try:
122- file = open(filepath)
123- except:
124- return None
125- if file == None:
126- return None
127- try:
128- return file.read()
129- finally:
130- file.close()
131-
132-def SetFileContents(filepath, contents):
133- file = open(filepath, "w")
134- try:
135- file.write(contents)
136- finally:
137- file.close()
138-
139-def AppendFileContents(filepath, contents):
140- file = open(filepath, "a")
141- try:
142- file.write(contents)
143- finally:
144- file.close()
145-
146-def ReplaceFileContentsAtomic(filepath, contents):
147- handle, temp = tempfile.mkstemp(dir = os.path.dirname(filepath))
148- try:
149- os.write(handle, contents)
150- finally:
151- os.close(handle)
152- try:
153- os.rename(temp, filepath)
154- return
155- except:
156- pass
157- os.remove(filepath)
158- os.rename(temp, filepath)
159-
160-def GetLineStartingWith(prefix, filepath):
161- for line in GetFileContents(filepath).split('\n'):
162- if line.startswith(prefix):
163- return line
164- return None
165-
166-def Run(a):
167- LogIfVerbose(a)
168- return os.system(a)
169-
170-def GetNodeTextData(a):
171- for b in a.childNodes:
172- if b.nodeType == b.TEXT_NODE:
173- return b.data
174-
175-def GetHome():
176- home = None
177- try:
178- home = GetLineStartingWith("HOME", "/etc/default/useradd").split('=')[1].strip()
179- except:
180- pass
181- if (home == None) or (home.startswith("/") == False):
182- home = "/home"
183- return home
184-
185-def ChangeOwner(filepath, user):
186- p = None
187- try:
188- p = pwd.getpwnam(user)
189- except:
190- pass
191- if p != None:
192- os.chown(filepath, p[2], p[3])
193-
194-def CreateDir(dirpath, user, mode):
195- try:
196- os.makedirs(dirpath, mode)
197- except:
198- pass
199- ChangeOwner(dirpath, user)
200-
201-def CreateAccount(user, password, expiration, thumbprint):
202- if IsWindows():
203- Log("Skipping CreateAccount on Windows")
204- return None
205- userentry = None
206- try:
207- userentry = pwd.getpwnam(user)
208- except:
209- pass
210- uidmin = None
211- try:
212- uidmin = int(GetLineStartingWith("UID_MIN", "/etc/login.defs").split()[1])
213- except:
214- pass
215- if uidmin == None:
216- uidmin = 100
217- if userentry != None and userentry[2] < uidmin:
218- Error("CreateAccount: " + user + " is a system user. Will not set password.")
219- return "Failed to set password for system user: " + user + " (0x06)."
220- if userentry == None:
221- command = "useradd -m " + user
222- if expiration != None:
223- command += " -e " + expiration.split('.')[0]
224- if Run(command):
225- Error("Failed to create user account: " + user)
226- return "Failed to create user account: " + user + " (0x07)."
227- else:
228- Log("CreateAccount: " + user + " already exists. Will update password.")
229- if password != None:
230- os.popen("chpasswd", "w").write(user + ":" + password + "\n")
231- try:
232- if password == None:
233- SetFileContents("/etc/sudoers.d/waagent", user + " ALL = (ALL) NOPASSWD: ALL\n")
234- else:
235- SetFileContents("/etc/sudoers.d/waagent", user + " ALL = (ALL) ALL\n")
236- os.chmod("/etc/sudoers.d/waagent", 0440)
237- except:
238- Error("CreateAccount: Failed to configure sudo access for user.")
239- return "Failed to configure sudo privileges (0x08)."
240- home = GetHome()
241- if thumbprint != None:
242- dir = home + "/" + user + "/.ssh"
243- CreateDir(dir, user, 0700)
244- pub = dir + "/id_rsa.pub"
245- prv = dir + "/id_rsa"
246- Run("ssh-keygen -y -f " + thumbprint + ".prv > " + pub)
247- SetFileContents(prv, GetFileContents(thumbprint + ".prv"))
248- for f in [pub, prv]:
249- os.chmod(f, 0600)
250- ChangeOwner(f, user)
251- SetFileContents(dir + "/authorized_keys", GetFileContents(pub))
252- ChangeOwner(dir + "/authorized_keys", user)
253- Log("Created user account: " + user)
254- return None
255-
256-def DeleteAccount(user):
257- if IsWindows():
258- Log("Skipping DeleteAccount on Windows")
259- return
260- userentry = None
261- try:
262- userentry = pwd.getpwnam(user)
263- except:
264- pass
265- if userentry == None:
266- Error("DeleteAccount: " + user + " not found.")
267- return
268- uidmin = None
269- try:
270- uidmin = int(GetLineStartingWith("UID_MIN", "/etc/login.defs").split()[1])
271- except:
272- pass
273- if uidmin == None:
274- uidmin = 100
275- if userentry[2] < uidmin:
276- Error("DeleteAccount: " + user + " is a system user. Will not delete account.")
277- return
278- Run("userdel -f -r " + user)
279- try:
280- os.remove("/etc/sudoers.d/waagent")
281- except:
282- pass
283- return
284-
285-def ReloadSshd():
286- name = None
287- if IsRedHat() or IsSuse():
288- name = "sshd"
289- if IsDebian():
290- name = "ssh"
291- if name == None:
292- return
293- if not Run("service " + name + " status | grep running"):
294- Run("service " + name + " reload")
295-
296-def IsInRangeInclusive(a, low, high):
297- return (a >= low and a <= high)
298-
299-def IsPrintable(ch):
300- return IsInRangeInclusive(ch, Ord('A'), Ord('Z')) or IsInRangeInclusive(ch, Ord('a'), Ord('z')) or IsInRangeInclusive(ch, Ord('0'), Ord('9'))
301-
302-def HexDump(buffer, size):
303- if size < 0:
304- size = len(buffer)
305- result = ""
306- for i in range(0, size):
307- if (i % 16) == 0:
308- result += "%06X: " % i
309- byte = struct.unpack("B", buffer[i])[0]
310- result += "%02X " % byte
311- if (i & 15) == 7:
312- result += " "
313- if ((i + 1) % 16) == 0 or (i + 1) == size:
314- j = i
315- while ((j + 1) % 16) != 0:
316- result += " "
317- if (j & 7) == 7:
318- result += " "
319- j += 1
320- result += " "
321- for j in range(i - (i % 16), i + 1):
322- byte = struct.unpack("B", buffer[j])[0]
323- k = '.'
324- if IsPrintable(byte):
325- k = chr(byte)
326- result += k
327- if (i + 1) != size:
328- result += "\n"
329- return result
330-
331-def ThrottleLog(counter):
332- # Log everything up to 10, every 10 up to 100, then every 100.
333- return (counter < 10) or ((counter < 100) and ((counter % 10) == 0)) or ((counter % 100) == 0)
334-
335-def Logger():
336- class T(object):
337- def __init__(self):
338- self.File = None
339-
340- self = T()
341-
342- def LogToFile(message):
343- FilePath = ["/var/log/waagent.log", "waagent.log"][IsWindows()]
344- if not os.path.isfile(FilePath) and self.File != None:
345- self.File.close()
346- self.File = None
347- if self.File == None:
348- self.File = open(FilePath, "a")
349- self.File.write(message + "\n")
350- self.File.flush()
351-
352- def Log(message):
353- LogWithPrefix("", message)
354-
355- def LogWithPrefix(prefix, message):
356- t = time.localtime()
357- t = "%04u/%02u/%02u %02u:%02u:%02u " % (t.tm_year, t.tm_mon, t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)
358- t += prefix
359- for line in message.split('\n'):
360- line = t + line
361- print(line)
362- LogToFile(line)
363-
364- return Log, LogWithPrefix
365-
366-Log, LogWithPrefix = Logger()
367-
368-def NoLog(message):
369- pass
370-
371-def LogIfVerbose(message):
372- if Verbose == True:
373- Log(message)
374-
375-def LogWithPrefixIfVerbose(prefix, message):
376- if Verbose == True:
377- LogWithPrefix(prefix, message)
378-
379-def Warn(message):
380- LogWithPrefix("WARNING:", message)
381-
382-def Error(message):
383- LogWithPrefix("ERROR:", message)
384-
385-def ErrorWithPrefix(prefix, message):
386- LogWithPrefix("ERROR:" + prefix, message)
387-
388-def Linux_ioctl_GetIpv4Address(ifname):
389- import fcntl
390- s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
391- return socket.inet_ntoa(fcntl.ioctl(s.fileno(), 0x8915, struct.pack('256s', ifname[:15]))[20:24])
392-
393-def Linux_ioctl_GetInterfaceMac(ifname):
394- import fcntl
395- s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
396- info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', ifname[:15]))
397- return ''.join(['%02X' % Ord(char) for char in info[18:24]])
398-
399-def GetIpv4Address():
400- if IsLinux():
401- for ifname in PossibleEthernetInterfaces:
402- try:
403- return Linux_ioctl_GetIpv4Address(ifname)
404- except IOError, e:
405- pass
406- else:
407- try:
408- return socket.gethostbyname(socket.gethostname())
409- except Exception, e:
410- ErrorWithPrefix("GetIpv4Address:", str(e))
411- ErrorWithPrefix("GetIpv4Address:", traceback.format_exc())
412-
413-def HexStringToByteArray(a):
414- b = ""
415- for c in range(0, len(a) / 2):
416- b += struct.pack("B", int(a[c * 2:c * 2 + 2], 16))
417- return b
418-
419-def GetMacAddress():
420- if IsWindows():
421- # Windows: Physical Address. . . . . . . . . : 00-15-17-79-00-7F\n
422- a = "ipconfig /all | findstr /c:\"Physical Address\" | findstr /v \"00-00-00-00-00-00-00\""
423- a = os.popen(a).read()
424- a = re.sub("\s+$", "", a)
425- a = re.sub(".+ ", "", a)
426- a = re.sub(":", "", a)
427- a = re.sub("-", "", a)
428- else:
429- for ifname in PossibleEthernetInterfaces:
430- try:
431- a = Linux_ioctl_GetInterfaceMac(ifname)
432- break
433- except IOError, e:
434- pass
435- return HexStringToByteArray(a)
436-
437-def DeviceForIdePort(n):
438- if n > 3:
439- return None
440- g0 = "00000000"
441- if n > 1:
442- g0 = "00000001"
443- n = n - 2
444- device = None
445- path="/sys/bus/vmbus/devices/"
446- for vmbus in os.listdir(path):
447- guid=GetFileContents(path + vmbus + "/device_id").lstrip('{').split('-')
448- if guid[0] == g0 and guid[1] == "000" + str(n):
449- for root, dirs, files in os.walk(path + vmbus):
450- if root.endswith("/block"):
451- device = dirs[0]
452- break
453- break
454- return device
455-
456-class Util(object):
457- def _HttpGet(self, url, headers):
458- LogIfVerbose("HttpGet(" + url + ")")
459- maxRetry = 2
460- if url.startswith("http://"):
461- url = url[7:]
462- url = url[url.index("/"):]
463- for retry in range(0, maxRetry + 1):
464- strRetry = str(retry)
465- log = [NoLog, Log][retry > 0]
466- log("retry HttpGet(" + url + "),retry=" + strRetry)
467- response = None
468- strStatus = "None"
469- try:
470- httpConnection = httplib.HTTPConnection(self.Endpoint)
471- if headers == None:
472- request = httpConnection.request("GET", url)
473- else:
474- request = httpConnection.request("GET", url, None, headers)
475- response = httpConnection.getresponse()
476- strStatus = str(response.status)
477- except:
478- pass
479- log("response HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
480- if response == None or response.status != httplib.OK:
481- Error("HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
482- if retry == maxRetry:
483- Log("return HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
484- return None
485- else:
486- Log("sleep 10 seconds HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
487- time.sleep(10)
488- else:
489- log("return HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
490- return response.read()
491-
492- def HttpGetWithoutHeaders(self, url):
493- return self._HttpGet(url, None)
494-
495- def HttpGetWithHeaders(self, url):
496- return self._HttpGet(url, {"x-ms-agent-name": GuestAgentName, "x-ms-version": ProtocolVersion})
497-
498- def HttpSecureGetWithHeaders(self, url, transportCert):
499- return self._HttpGet(url, {"x-ms-agent-name": GuestAgentName,
500- "x-ms-version": ProtocolVersion,
501- "x-ms-cipher-name": "DES_EDE3_CBC",
502- "x-ms-guest-agent-public-x509-cert": transportCert})
503-
504- def HttpPost(self, url, data):
505- LogIfVerbose("HttpPost(" + url + ")")
506- maxRetry = 2
507- for retry in range(0, maxRetry + 1):
508- strRetry = str(retry)
509- log = [NoLog, Log][retry > 0]
510- log("retry HttpPost(" + url + "),retry=" + strRetry)
511- response = None
512- strStatus = "None"
513- try:
514- httpConnection = httplib.HTTPConnection(self.Endpoint)
515- request = httpConnection.request("POST", url, data, {"x-ms-agent-name": GuestAgentName,
516- "Content-Type": "text/xml; charset=utf-8",
517- "x-ms-version": ProtocolVersion})
518- response = httpConnection.getresponse()
519- strStatus = str(response.status)
520- except:
521- pass
522- log("response HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
523- if response == None or (response.status != httplib.OK and response.status != httplib.ACCEPTED):
524- Error("HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
525- if retry == maxRetry:
526- Log("return HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
527- return None
528- else:
529- Log("sleep 10 seconds HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
530- time.sleep(10)
531- else:
532- log("return HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
533- return response
534-
535-def LoadBalancerProbeServer(port):
536-
537- class T(object):
538- def __init__(self, port):
539- enabled = Config.get("LBProbeResponder")
540- if enabled != None and enabled.lower().startswith("n"):
541- return
542- self.ProbeCounter = 0
543- self.server = SocketServer.TCPServer((GetIpv4Address(), port), TCPHandler)
544- self.server_thread = threading.Thread(target = self.server.serve_forever)
545- self.server_thread.setDaemon(True)
546- self.server_thread.start()
547-
548- def shutdown(self):
549- global EnableLoadBalancerProbes
550- if not EnableLoadBalancerProbes:
551- return
552- self.server.shutdown()
553-
554- class TCPHandler(SocketServer.BaseRequestHandler):
555- def GetHttpDateTimeNow(self):
556- # Date: Fri, 25 Mar 2011 04:53:10 GMT
557- return time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime())
558-
559- def handle(self):
560- context.ProbeCounter = (context.ProbeCounter + 1) % 1000000
561- log = [NoLog, LogIfVerbose][ThrottleLog(context.ProbeCounter)]
562- strCounter = str(context.ProbeCounter)
563- if context.ProbeCounter == 1:
564- Log("Receiving LB probes.")
565- log("Received LB probe # " + strCounter)
566- self.request.recv(1024)
567- self.request.send("HTTP/1.1 200 OK\r\nContent-Length: 2\r\nContent-Type: text/html\r\nDate: " + self.GetHttpDateTimeNow() + "\r\n\r\nOK")
568-
569- context = T(port)
570- return context
571-
572-class ConfigurationProvider(object):
573- def __init__(self):
574- self.values = dict()
575- if os.path.isfile("/etc/waagent.conf") == False:
576- raise Exception("Missing configuration in /etc/waagent.conf")
577- try:
578- for line in GetFileContents("/etc/waagent.conf").split('\n'):
579- if not line.startswith("#") and "=" in line:
580- parts = line.split()[0].split('=')
581- value = parts[1].strip("\" ")
582- if value != "None":
583- self.values[parts[0]] = value
584- else:
585- self.values[parts[0]] = None
586- except:
587- Error("Unable to parse /etc/waagent.conf")
588- raise
589- return
590-
591- def get(self, key):
592- return self.values.get(key)
593-
594-class EnvMonitor(object):
595- def __init__(self):
596- self.shutdown = False
597- self.HostName = socket.gethostname()
598- self.server_thread = threading.Thread(target = self.monitor)
599- self.server_thread.setDaemon(True)
600- self.server_thread.start()
601- self.published = False
602-
603- def monitor(self):
604- publish = Config.get("Provisioning.MonitorHostName")
605- dhcpcmd = "pidof dhclient"
606- if IsSuse():
607- dhcpcmd = "pidof dhcpcd"
608- if IsDebian():
609- dhcpcmd = "pidof dhclient3"
610- dhcppid = os.popen(dhcpcmd).read()
611- while not self.shutdown:
612- for a in RulesFiles:
613- if os.path.isfile(a):
614- if os.path.isfile(GetLastPathElement(a)):
615- os.remove(GetLastPathElement(a))
616- shutil.move(a, ".")
617- Log("EnvMonitor: Moved " + a + " -> " + LibDir)
618- if publish != None and publish.lower().startswith("y"):
619- try:
620- if socket.gethostname() != self.HostName:
621- Log("EnvMonitor: Detected host name change: " + self.HostName + " -> " + socket.gethostname())
622- self.HostName = socket.gethostname()
623- WaAgent.UpdateAndPublishHostName(self.HostName)
624- dhcppid = os.popen(dhcpcmd).read()
625- self.published = True
626- except:
627- pass
628- else:
629- self.published = True
630- pid = ""
631- if not os.path.isdir("/proc/" + dhcppid.strip()):
632- pid = os.popen(dhcpcmd).read()
633- if pid != "" and pid != dhcppid:
634- Log("EnvMonitor: Detected dhcp client restart. Restoring routing table.")
635- WaAgent.RestoreRoutes()
636- dhcppid = pid
637- time.sleep(5)
638-
639- def SetHostName(self, name):
640- if socket.gethostname() == name:
641- self.published = True
642- else:
643- Run("hostname " + name)
644-
645- def IsNamePublished(self):
646- return self.published
647-
648- def shutdown(self):
649- self.shutdown = True
650- self.server_thread.join()
651-
652-class Certificates(object):
653-#
654-# <CertificateFile xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="certificates10.xsd">
655-# <Version>2010-12-15</Version>
656-# <Incarnation>2</Incarnation>
657-# <Format>Pkcs7BlobWithPfxContents</Format>
658-# <Data>MIILTAY...
659-# </Data>
660-# </CertificateFile>
661-#
662- def __init__(self):
663- self.reinitialize()
664-
665- def reinitialize(self):
666- self.Incarnation = None
667- self.Role = None
668-
669- def Parse(self, xmlText):
670- self.reinitialize()
671- SetFileContents("Certificates.xml", xmlText)
672- dom = xml.dom.minidom.parseString(xmlText)
673- for a in [ "CertificateFile", "Version", "Incarnation",
674- "Format", "Data", ]:
675- if not dom.getElementsByTagName(a):
676- Error("Certificates.Parse: Missing " + a)
677- return None
678- node = dom.childNodes[0]
679- if node.localName != "CertificateFile":
680- Error("Certificates.Parse: root not CertificateFile")
681- return None
682- SetFileContents("Certificates.p7m",
683- "MIME-Version: 1.0\n"
684- + "Content-Disposition: attachment; filename=\"Certificates.p7m\"\n"
685- + "Content-Type: application/x-pkcs7-mime; name=\"Certificates.p7m\"\n"
686- + "Content-Transfer-Encoding: base64\n\n"
687- + GetNodeTextData(dom.getElementsByTagName("Data")[0]))
688- if Run(Openssl + " cms -decrypt -in Certificates.p7m -inkey TransportPrivate.pem -recip TransportCert.pem | " + Openssl + " pkcs12 -nodes -password pass: -out Certificates.pem"):
689- Error("Certificates.Parse: Failed to extract certificates from CMS message.")
690- return self
691- # There may be multiple certificates in this package. Split them.
692- file = open("Certificates.pem")
693- pindex = 1
694- cindex = 1
695- output = open("temp.pem", "w")
696- for line in file.readlines():
697- output.write(line)
698- if line.startswith("-----END PRIVATE KEY-----") or line.startswith("-----END CERTIFICATE-----"):
699- output.close()
700- if line.startswith("-----END PRIVATE KEY-----"):
701- os.rename("temp.pem", str(pindex) + ".prv")
702- pindex += 1
703- else:
704- os.rename("temp.pem", str(cindex) + ".crt")
705- cindex += 1
706- output = open("temp.pem", "w")
707- output.close()
708- os.remove("temp.pem")
709- keys = dict()
710- index = 1
711- filename = str(index) + ".crt"
712- while os.path.isfile(filename):
713- thumbprint = os.popen(Openssl + " x509 -in " + filename + " -fingerprint -noout").read().rstrip().split('=')[1].replace(':', '').upper()
714- pubkey=os.popen(Openssl + " x509 -in " + filename + " -pubkey -noout").read()
715- keys[pubkey] = thumbprint
716- os.rename(filename, thumbprint + ".crt")
717- os.chmod(thumbprint + ".crt", 0600)
718- if IsRedHat():
719- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + thumbprint + ".crt")
720- index += 1
721- filename = str(index) + ".crt"
722- index = 1
723- filename = str(index) + ".prv"
724- while os.path.isfile(filename):
725- pubkey = os.popen(Openssl + " rsa -in " + filename + " -pubout").read()
726- os.rename(filename, keys[pubkey] + ".prv")
727- os.chmod(keys[pubkey] + ".prv", 0600)
728- if IsRedHat():
729- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + keys[pubkey] + ".prv")
730- index += 1
731- filename = str(index) + ".prv"
732- return self
733-
734-class SharedConfig(object):
735-#
736-# <SharedConfig version="1.0.0.0" goalStateIncarnation="1">
737-# <Deployment name="db00a7755a5e4e8a8fe4b19bc3b330c3" guid="{ce5a036f-5c93-40e7-8adf-2613631008ab}" incarnation="2">
738-# <Service name="MyVMRoleService" guid="{00000000-0000-0000-0000-000000000000}" />
739-# <ServiceInstance name="db00a7755a5e4e8a8fe4b19bc3b330c3.1" guid="{d113f4d7-9ead-4e73-b715-b724b5b7842c}" />
740-# </Deployment>
741-# <Incarnation number="1" instance="MachineRole_IN_0" guid="{a0faca35-52e5-4ec7-8fd1-63d2bc107d9b}" />
742-# <Role guid="{73d95f1c-6472-e58e-7a1a-523554e11d46}" name="MachineRole" settleTimeSeconds="10" />
743-# <LoadBalancerSettings timeoutSeconds="0" waitLoadBalancerProbeCount="8">
744-# <Probes>
745-# <Probe name="MachineRole" />
746-# <Probe name="55B17C5E41A1E1E8FA991CF80FAC8E55" />
747-# <Probe name="3EA4DBC19418F0A766A4C19D431FA45F" />
748-# </Probes>
749-# </LoadBalancerSettings>
750-# <OutputEndpoints>
751-# <Endpoint name="MachineRole:Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" type="SFS">
752-# <Target instance="MachineRole_IN_0" endpoint="Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" />
753-# </Endpoint>
754-# </OutputEndpoints>
755-# <Instances>
756-# <Instance id="MachineRole_IN_0" address="10.115.153.75">
757-# <FaultDomains randomId="0" updateId="0" updateCount="0" />
758-# <InputEndpoints>
759-# <Endpoint name="a" address="10.115.153.75:80" protocol="http" isPublic="true" loadBalancedPublicAddress="70.37.106.197:80" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
760-# <LocalPorts>
761-# <LocalPortRange from="80" to="80" />
762-# </LocalPorts>
763-# </Endpoint>
764-# <Endpoint name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" address="10.115.153.75:3389" protocol="tcp" isPublic="false" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
765-# <LocalPorts>
766-# <LocalPortRange from="3389" to="3389" />
767-# </LocalPorts>
768-# </Endpoint>
769-# <Endpoint name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.RdpInput" address="10.115.153.75:20000" protocol="tcp" isPublic="true" loadBalancedPublicAddress="70.37.106.197:3389" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
770-# <LocalPorts>
771-# <LocalPortRange from="20000" to="20000" />
772-# </LocalPorts>
773-# </Endpoint>
774-# </InputEndpoints>
775-# </Instance>
776-# </Instances>
777-# </SharedConfig>
778-#
779- def __init__(self):
780- self.reinitialize()
781-
782- def reinitialize(self):
783- self.Deployment = None
784- self.Incarnation = None
785- self.Role = None
786- self.LoadBalancerSettings = None
787- self.OutputEndpoints = None
788- self.Instances = None
789-
790- def Parse(self, xmlText):
791- self.reinitialize()
792- SetFileContents("SharedConfig.xml", xmlText)
793- dom = xml.dom.minidom.parseString(xmlText)
794- for a in [ "SharedConfig", "Deployment", "Service",
795- "ServiceInstance", "Incarnation", "Role", ]:
796- if not dom.getElementsByTagName(a):
797- Error("SharedConfig.Parse: Missing " + a)
798- return None
799- node = dom.childNodes[0]
800- if node.localName != "SharedConfig":
801- Error("SharedConfig.Parse: root not SharedConfig")
802- return None
803- program = Config.get("Role.TopologyConsumer")
804- if program != None:
805- os.spawnl(os.P_NOWAIT, program, program, LibDir + "/SharedConfig.xml")
806- return self
807-
808-class HostingEnvironmentConfig(object):
809-#
810-# <HostingEnvironmentConfig version="1.0.0.0" goalStateIncarnation="1">
811-# <StoredCertificates>
812-# <StoredCertificate name="Stored0Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption" certificateId="sha1:C093FA5CD3AAE057CB7C4E04532B2E16E07C26CA" storeName="My" configurationLevel="System" />
813-# </StoredCertificates>
814-# <Deployment name="db00a7755a5e4e8a8fe4b19bc3b330c3" guid="{ce5a036f-5c93-40e7-8adf-2613631008ab}" incarnation="2">
815-# <Service name="MyVMRoleService" guid="{00000000-0000-0000-0000-000000000000}" />
816-# <ServiceInstance name="db00a7755a5e4e8a8fe4b19bc3b330c3.1" guid="{d113f4d7-9ead-4e73-b715-b724b5b7842c}" />
817-# </Deployment>
818-# <Incarnation number="1" instance="MachineRole_IN_0" guid="{a0faca35-52e5-4ec7-8fd1-63d2bc107d9b}" />
819-# <Role guid="{73d95f1c-6472-e58e-7a1a-523554e11d46}" name="MachineRole" hostingEnvironmentVersion="1" software="" softwareType="ApplicationPackage" entryPoint="" parameters="" settleTimeSeconds="10" />
820-# <HostingEnvironmentSettings name="full" Runtime="rd_fabric_stable.110217-1402.RuntimePackage_1.0.0.8.zip">
821-# <CAS mode="full" />
822-# <PrivilegeLevel mode="max" />
823-# <AdditionalProperties><CgiHandlers></CgiHandlers></AdditionalProperties>
824-# </HostingEnvironmentSettings>
825-# <ApplicationSettings>
826-# <Setting name="__ModelData" value="&lt;m role=&quot;MachineRole&quot; xmlns=&quot;urn:azure:m:v1&quot;>&lt;r name=&quot;MachineRole&quot;>&lt;e name=&quot;a&quot; />&lt;e name=&quot;b&quot; />&lt;e name=&quot;Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp&quot; />&lt;e name=&quot;Microsoft.WindowsAzure.Plugins.RemoteForwarder.RdpInput&quot; />&lt;/r>&lt;/m>" />
827-# <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="DefaultEndpointsProtocol=http;AccountName=osimages;AccountKey=DNZQ..." />
828-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword" value="MIIBnQYJKoZIhvcN..." />
829-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration" value="2022-07-23T23:59:59.0000000-07:00" />
830-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername" value="test" />
831-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled" value="true" />
832-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled" value="true" />
833-# <Setting name="Certificate|Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption" value="sha1:C093FA5CD3AAE057CB7C4E04532B2E16E07C26CA" />
834-# </ApplicationSettings>
835-# <ResourceReferences>
836-# <Resource name="DiagnosticStore" type="directory" request="Microsoft.Cis.Fabric.Controller.Descriptions.ServiceDescription.Data.Policy" sticky="true" size="1" path="db00a7755a5e4e8a8fe4b19bc3b330c3.MachineRole.DiagnosticStore\" disableQuota="false" />
837-# </ResourceReferences>
838-# </HostingEnvironmentConfig>
839-#
840- def __init__(self):
841- self.reinitialize()
842-
843- def reinitialize(self):
844- self.StoredCertificates = None
845- self.Deployment = None
846- self.Incarnation = None
847- self.Role = None
848- self.HostingEnvironmentSettings = None
849- self.ApplicationSettings = None
850- self.Certificates = None
851- self.ResourceReferences = None
852-
853- def Parse(self, xmlText):
854- self.reinitialize()
855- SetFileContents("HostingEnvironmentConfig.xml", xmlText)
856- dom = xml.dom.minidom.parseString(xmlText)
857- for a in [ "HostingEnvironmentConfig", "Deployment", "Service",
858- "ServiceInstance", "Incarnation", "Role", ]:
859- if not dom.getElementsByTagName(a):
860- Error("HostingEnvironmentConfig.Parse: Missing " + a)
861- return None
862- node = dom.childNodes[0]
863- if node.localName != "HostingEnvironmentConfig":
864- Error("HostingEnvironmentConfig.Parse: root not HostingEnvironmentConfig")
865- return None
866- self.ApplicationSettings = dom.getElementsByTagName("Setting")
867- self.Certificates = dom.getElementsByTagName("StoredCertificate")
868- return self
869-
870- def DecryptPassword(self, e):
871- SetFileContents("password.p7m",
872- "MIME-Version: 1.0\n"
873- + "Content-Disposition: attachment; filename=\"password.p7m\"\n"
874- + "Content-Type: application/x-pkcs7-mime; name=\"password.p7m\"\n"
875- + "Content-Transfer-Encoding: base64\n\n"
876- + textwrap.fill(e, 64))
877- return os.popen(Openssl + " cms -decrypt -in password.p7m -inkey Certificates.pem -recip Certificates.pem").read()
878-
879- def ActivateResourceDisk(self):
880- global DiskActivated
881- if IsWindows():
882- DiskActivated = True
883- Log("Skipping ActivateResourceDisk on Windows")
884- return
885- format = Config.get("ResourceDisk.Format")
886- if format == None or format.lower().startswith("n"):
887- DiskActivated = True
888- return
889- device = DeviceForIdePort(1)
890- if device == None:
891- Error("ActivateResourceDisk: Unable to detect disk topology.")
892- return
893- device = "/dev/" + device
894- for entry in os.popen("mount").read().split():
895- if entry.startswith(device + "1"):
896- Log("ActivateResourceDisk: " + device + "1 is already mounted.")
897- DiskActivated = True
898- return
899- mountpoint = Config.get("ResourceDisk.MountPoint")
900- if mountpoint == None:
901- mountpoint = "/mnt/resource"
902- CreateDir(mountpoint, "root", 0755)
903- fs = Config.get("ResourceDisk.Filesystem")
904- if fs == None:
905- fs = "ext3"
906- if os.popen("sfdisk -q -c " + device + " 1").read().rstrip() == "7" and fs != "ntfs":
907- Run("sfdisk -c " + device + " 1 83")
908- Run("mkfs." + fs + " " + device + "1")
909- if Run("mount " + device + "1 " + mountpoint):
910- Error("ActivateResourceDisk: Failed to mount resource disk (" + device + "1).")
911- return
912- Log("Resource disk (" + device + "1) is mounted at " + mountpoint + " with fstype " + fs)
913- DiskActivated = True
914- swap = Config.get("ResourceDisk.EnableSwap")
915- if swap == None or swap.lower().startswith("n"):
916- return
917- sizeKB = int(Config.get("ResourceDisk.SwapSizeMB")) * 1024
918- if os.path.isfile(mountpoint + "/swapfile") and os.path.getsize(mountpoint + "/swapfile") != (sizeKB * 1024):
919- os.remove(mountpoint + "/swapfile")
920- if not os.path.isfile(mountpoint + "/swapfile"):
921- Run("dd if=/dev/zero of=" + mountpoint + "/swapfile bs=1024 count=" + str(sizeKB))
922- Run("mkswap " + mountpoint + "/swapfile")
923- if not Run("swapon " + mountpoint + "/swapfile"):
924- Log("Enabled " + str(sizeKB) + " KB of swap at " + mountpoint + "/swapfile")
925- else:
926- Error("ActivateResourceDisk: Failed to activate swap at " + mountpoint + "/swapfile")
927-
928- def Process(self):
929- if DiskActivated == False:
930- diskThread = threading.Thread(target = self.ActivateResourceDisk)
931- diskThread.start()
932- User = None
933- Pass = None
934- Expiration = None
935- Thumbprint = None
936- for b in self.ApplicationSettings:
937- sname = b.getAttribute("name")
938- svalue = b.getAttribute("value")
939- if sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword":
940- Pass = self.DecryptPassword(svalue)
941- elif sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername":
942- User = svalue
943- elif sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration":
944- Expiration = svalue
945- elif sname == "Certificate|Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption":
946- Thumbprint = svalue.split(':')[1].upper()
947- if User != None and Pass != None:
948- if User != "root" and User != "" and Pass != "":
949- CreateAccount(User, Pass, Expiration, Thumbprint)
950- else:
951- Error("Not creating user account: user=" + User + " pass=" + Pass)
952- for c in self.Certificates:
953- cname = c.getAttribute("name")
954- csha1 = c.getAttribute("certificateId").split(':')[1].upper()
955- cpath = c.getAttribute("storeName")
956- clevel = c.getAttribute("configurationLevel")
957- if os.path.isfile(csha1 + ".prv"):
958- Log("Private key with thumbprint: " + csha1 + " was retrieved.")
959- if os.path.isfile(csha1 + ".crt"):
960- Log("Public cert with thumbprint: " + csha1 + " was retrieved.")
961- program = Config.get("Role.ConfigurationConsumer")
962- if program != None:
963- os.spawnl(os.P_NOWAIT, program, program, LibDir + "/HostingEnvironmentConfig.xml")
964-
965-class GoalState(Util):
966-#
967-# <GoalState xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="goalstate10.xsd">
968-# <Version>2010-12-15</Version>
969-# <Incarnation>1</Incarnation>
970-# <Machine>
971-# <ExpectedState>Started</ExpectedState>
972-# <LBProbePorts>
973-# <Port>16001</Port>
974-# </LBProbePorts>
975-# </Machine>
976-# <Container>
977-# <ContainerId>c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2</ContainerId>
978-# <RoleInstanceList>
979-# <RoleInstance>
980-# <InstanceId>MachineRole_IN_0</InstanceId>
981-# <State>Started</State>
982-# <Configuration>
983-# <HostingEnvironmentConfig>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=config&amp;type=hostingEnvironmentConfig&amp;incarnation=1</HostingEnvironmentConfig>
984-# <SharedConfig>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=config&amp;type=sharedConfig&amp;incarnation=1</SharedConfig>
985-# <Certificates>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=certificates&amp;incarnation=1</Certificates>
986-# </Configuration>
987-# </RoleInstance>
988-# </RoleInstanceList>
989-# </Container>
990-# </GoalState>
991-#
992-# There is only one Role for VM images.
993-#
994-# Of primary interest is:
995-# Machine/ExpectedState -- this is how shutdown is requested
996-# LBProbePorts -- an http server needs to run here
997-# We also note Container/ContainerID and RoleInstance/InstanceId to form the health report.
998-# And of course, Incarnation
999-#
1000- def __init__(self, Agent):
1001- self.Agent = Agent
1002- self.Endpoint = Agent.Endpoint
1003- self.TransportCert = Agent.TransportCert
1004- self.reinitialize()
1005-
1006- def reinitialize(self):
1007- self.Incarnation = None # integer
1008- self.ExpectedState = None # "Started" or "Stopped"
1009- self.HostingEnvironmentConfigUrl = None
1010- self.HostingEnvironmentConfigXml = None
1011- self.HostingEnvironmentConfig = None
1012- self.SharedConfigUrl = None
1013- self.SharedConfigXml = None
1014- self.SharedConfig = None
1015- self.CertificatesUrl = None
1016- self.CertificatesXml = None
1017- self.Certificates = None
1018- self.RoleInstanceId = None
1019- self.ContainerId = None
1020- self.LoadBalancerProbePort = None # integer, ?list of integers
1021-
1022- def Parse(self, xmlText):
1023- self.reinitialize()
1024- node = xml.dom.minidom.parseString(xmlText).childNodes[0]
1025- if node.localName != "GoalState":
1026- Error("GoalState.Parse: root not GoalState")
1027- return None
1028- for a in node.childNodes:
1029- if a.nodeType == node.ELEMENT_NODE:
1030- if a.localName == "Incarnation":
1031- self.Incarnation = GetNodeTextData(a)
1032- elif a.localName == "Machine":
1033- for b in a.childNodes:
1034- if b.nodeType == node.ELEMENT_NODE:
1035- if b.localName == "ExpectedState":
1036- self.ExpectedState = GetNodeTextData(b)
1037- Log("ExpectedState: " + self.ExpectedState)
1038- elif b.localName == "LBProbePorts":
1039- for c in b.childNodes:
1040- if c.nodeType == node.ELEMENT_NODE and c.localName == "Port":
1041- self.LoadBalancerProbePort = int(GetNodeTextData(c))
1042- elif a.localName == "Container":
1043- for b in a.childNodes:
1044- if b.nodeType == node.ELEMENT_NODE:
1045- if b.localName == "ContainerId":
1046- self.ContainerId = GetNodeTextData(b)
1047- Log("ContainerId: " + self.ContainerId)
1048- elif b.localName == "RoleInstanceList":
1049- for c in b.childNodes:
1050- if c.localName == "RoleInstance":
1051- for d in c.childNodes:
1052- if d.nodeType == node.ELEMENT_NODE:
1053- if d.localName == "InstanceId":
1054- self.RoleInstanceId = GetNodeTextData(d)
1055- Log("RoleInstanceId: " + self.RoleInstanceId)
1056- elif d.localName == "State":
1057- pass
1058- elif d.localName == "Configuration":
1059- for e in d.childNodes:
1060- if e.nodeType == node.ELEMENT_NODE:
1061- if e.localName == "HostingEnvironmentConfig":
1062- self.HostingEnvironmentConfigUrl = GetNodeTextData(e)
1063- LogIfVerbose("HostingEnvironmentConfigUrl:" + self.HostingEnvironmentConfigUrl)
1064- self.HostingEnvironmentConfigXml = self.HttpGetWithHeaders(self.HostingEnvironmentConfigUrl)
1065- self.HostingEnvironmentConfig = HostingEnvironmentConfig().Parse(self.HostingEnvironmentConfigXml)
1066- elif e.localName == "SharedConfig":
1067- self.SharedConfigUrl = GetNodeTextData(e)
1068- LogIfVerbose("SharedConfigUrl:" + self.SharedConfigUrl)
1069- self.SharedConfigXml = self.HttpGetWithHeaders(self.SharedConfigUrl)
1070- self.SharedConfig = SharedConfig().Parse(self.SharedConfigXml)
1071- elif e.localName == "Certificates":
1072- self.CertificatesUrl = GetNodeTextData(e)
1073- LogIfVerbose("CertificatesUrl:" + self.CertificatesUrl)
1074- self.CertificatesXml = self.HttpSecureGetWithHeaders(self.CertificatesUrl, self.TransportCert)
1075- self.Certificates = Certificates().Parse(self.CertificatesXml)
1076- if self.Incarnation == None:
1077- Error("GoalState.Parse: Incarnation missing")
1078- return None
1079- if self.ExpectedState == None:
1080- Error("GoalState.Parse: ExpectedState missing")
1081- return None
1082- if self.RoleInstanceId == None:
1083- Error("GoalState.Parse: RoleInstanceId missing")
1084- return None
1085- if self.ContainerId == None:
1086- Error("GoalState.Parse: ContainerId missing")
1087- return None
1088- SetFileContents("GoalState." + self.Incarnation + ".xml", xmlText)
1089- return self
1090-
1091- def Process(self):
1092- self.HostingEnvironmentConfig.Process()
1093-
1094-class OvfEnv(object):
1095-#
1096-# <?xml version="1.0" encoding="utf-8"?>
1097-# <Environment xmlns="http://schemas.dmtf.org/ovf/environment/1" xmlns:oe="http://schemas.dmtf.org/ovf/environment/1" xmlns:wa="http://schemas.microsoft.com/windowsazure" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
1098-# <wa:ProvisioningSection>
1099-# <wa:Version>1.0</wa:Version>
1100-# <LinuxProvisioningConfigurationSet xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
1101-# <ConfigurationSetType>LinuxProvisioningConfiguration</ConfigurationSetType>
1102-# <HostName>HostName</HostName>
1103-# <UserName>UserName</UserName>
1104-# <UserPassword>UserPassword</UserPassword>
1105-# <DisableSshPasswordAuthentication>false</DisableSshPasswordAuthentication>
1106-# <SSH>
1107-# <PublicKeys>
1108-# <PublicKey>
1109-# <Fingerprint>EB0C0AB4B2D5FC35F2F0658D19F44C8283E2DD62</Fingerprint>
1110-# <Path>$HOME/UserName/.ssh/authorized_keys</Path>
1111-# </PublicKey>
1112-# </PublicKeys>
1113-# <KeyPairs>
1114-# <KeyPair>
1115-# <Fingerprint>EB0C0AB4B2D5FC35F2F0658D19F44C8283E2DD62</Fingerprint>
1116-# <Path>$HOME/UserName/.ssh/id_rsa</Path>
1117-# </KeyPair>
1118-# </KeyPairs>
1119-# </SSH>
1120-# </LinuxProvisioningConfigurationSet>
1121-# </wa:ProvisioningSection>
1122-# </Environment>
1123-#
1124- def __init__(self):
1125- self.reinitialize()
1126-
1127- def reinitialize(self):
1128- self.WaNs = "http://schemas.microsoft.com/windowsazure"
1129- self.OvfNs = "http://schemas.dmtf.org/ovf/environment/1"
1130- self.MajorVersion = 1
1131- self.MinorVersion = 0
1132- self.ComputerName = None
1133- self.AdminPassword = None
1134- self.UserName = None
1135- self.UserPassword = None
1136- self.DisableSshPasswordAuthentication = True
1137- self.SshPublicKeys = []
1138- self.SshKeyPairs = []
1139-
1140- def Parse(self, xmlText):
1141- self.reinitialize()
1142- dom = xml.dom.minidom.parseString(xmlText)
1143- if len(dom.getElementsByTagNameNS(self.OvfNs, "Environment")) != 1:
1144- Error("Unable to parse OVF XML.")
1145- section = None
1146- newer = False
1147- for p in dom.getElementsByTagNameNS(self.WaNs, "ProvisioningSection"):
1148- for n in p.childNodes:
1149- if n.localName == "Version":
1150- verparts = GetNodeTextData(n).split('.')
1151- major = int(verparts[0])
1152- minor = int(verparts[1])
1153- if major > self.MajorVersion:
1154- newer = True
1155- if major != self.MajorVersion:
1156- break
1157- if minor > self.MinorVersion:
1158- newer = True
1159- section = p
1160- if newer == True:
1161- Warn("Newer provisioning configuration detected. Please consider updating waagent.")
1162- if section == None:
1163- Error("Could not find ProvisioningSection with major version=" + str(self.MajorVersion))
1164- return None
1165- self.ComputerName = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "HostName")[0])
1166- self.UserName = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "UserName")[0])
1167- try:
1168- self.UserPassword = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "UserPassword")[0])
1169- except:
1170- pass
1171- disableSshPass = section.getElementsByTagNameNS(self.WaNs, "DisableSshPasswordAuthentication")
1172- if len(disableSshPass) != 0:
1173- self.DisableSshPasswordAuthentication = (GetNodeTextData(disableSshPass[0]).lower() == "true")
1174- for pkey in section.getElementsByTagNameNS(self.WaNs, "PublicKey"):
1175- fp = None
1176- path = None
1177- for c in pkey.childNodes:
1178- if c.localName == "Fingerprint":
1179- fp = GetNodeTextData(c).upper()
1180- if c.localName == "Path":
1181- path = GetNodeTextData(c)
1182- self.SshPublicKeys += [[fp, path]]
1183- for keyp in section.getElementsByTagNameNS(self.WaNs, "KeyPair"):
1184- fp = None
1185- path = None
1186- for c in keyp.childNodes:
1187- if c.localName == "Fingerprint":
1188- fp = GetNodeTextData(c).upper()
1189- if c.localName == "Path":
1190- path = GetNodeTextData(c)
1191- self.SshKeyPairs += [[fp, path]]
1192- return self
1193-
1194- def PrepareDir(self, filepath):
1195- home = GetHome()
1196- # Expand HOME variable if present in path
1197- path = os.path.normpath(filepath.replace("$HOME", home))
1198- if (path.startswith("/") == False) or (path.endswith("/") == True):
1199- return None
1200- dir = path.rsplit('/', 1)[0]
1201- if dir != "":
1202- CreateDir(dir, "root", 0700)
1203- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
1204- ChangeOwner(dir, self.UserName)
1205- return path
1206-
1207- def NumberToBytes(self, i):
1208- result = []
1209- while i:
1210- result.append(chr(i&0xFF))
1211- i >>= 8
1212- result.reverse()
1213- return ''.join(result)
1214-
1215- def BitsToString(self, a):
1216- index=7
1217- s = ""
1218- c = 0
1219- for bit in a:
1220- c = c | (bit << index)
1221- index = index - 1
1222- if index == -1:
1223- s = s + struct.pack('>B', c)
1224- c = 0
1225- index = 7
1226- return s
1227-
1228- def OpensslToSsh(self, file):
1229- from pyasn1.codec.der import decoder as der_decoder
1230- try:
1231- f = open(file).read().replace('\n','').split("KEY-----")[1].split('-')[0]
1232- k=der_decoder.decode(self.BitsToString(der_decoder.decode(base64.b64decode(f))[0][1]))[0]
1233- n=k[0]
1234- e=k[1]
1235- keydata=""
1236- keydata += struct.pack('>I',len("ssh-rsa"))
1237- keydata += "ssh-rsa"
1238- keydata += struct.pack('>I',len(self.NumberToBytes(e)))
1239- keydata += self.NumberToBytes(e)
1240- keydata += struct.pack('>I',len(self.NumberToBytes(n)) + 1)
1241- keydata += "\0"
1242- keydata += self.NumberToBytes(n)
1243- except Exception, e:
1244- print("OpensslToSsh: Exception " + str(e))
1245- return None
1246- return "ssh-rsa " + base64.b64encode(keydata) + "\n"
1247-
1248- def Process(self):
1249- error = None
1250- WaAgent.EnvMonitor.SetHostName(self.ComputerName)
1251- if self.DisableSshPasswordAuthentication:
1252- filepath = "/etc/ssh/sshd_config"
1253- # Disable RFC 4252 and RFC 4256 authentication schemes.
1254- ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not
1255- (a.startswith("PasswordAuthentication") or a.startswith("ChallengeResponseAuthentication")),
1256- GetFileContents(filepath).split('\n'))) + "PasswordAuthentication no\nChallengeResponseAuthentication no\n")
1257- Log("Disabled SSH password-based authentication methods.")
1258- if self.AdminPassword != None:
1259- os.popen("chpasswd", "w").write("root:" + self.AdminPassword + "\n")
1260- if self.UserName != None:
1261- error = CreateAccount(self.UserName, self.UserPassword, None, None)
1262- sel = os.popen("getenforce").read().startswith("Enforcing")
1263- if sel == True and IsRedHat():
1264- Run("setenforce 0")
1265- home = GetHome()
1266- for pkey in self.SshPublicKeys:
1267- if not os.path.isfile(pkey[0] + ".crt"):
1268- Error("PublicKey not found: " + pkey[0])
1269- error = "Failed to deploy public key (0x09)."
1270- continue
1271- path = self.PrepareDir(pkey[1])
1272- if path == None:
1273- Error("Invalid path: " + pkey[1] + " for PublicKey: " + pkey[0])
1274- error = "Invalid path for public key (0x03)."
1275- continue
1276- Run(Openssl + " x509 -in " + pkey[0] + ".crt -noout -pubkey > " + pkey[0] + ".pub")
1277- if IsRedHat():
1278- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + pkey[0] + ".pub")
1279- if IsUbuntu():
1280- # Only supported in new SSH releases
1281- Run("ssh-keygen -i -m PKCS8 -f " + pkey[0] + ".pub >> " + path)
1282- else:
1283- SshPubKey = self.OpensslToSsh(pkey[0] + ".pub")
1284- if SshPubKey != None:
1285- AppendFileContents(path, SshPubKey)
1286- else:
1287- Error("Failed: " + pkey[0] + ".crt -> " + path)
1288- error = "Failed to deploy public key (0x04)."
1289- if IsRedHat():
1290- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path)
1291- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
1292- ChangeOwner(path, self.UserName)
1293- for keyp in self.SshKeyPairs:
1294- if not os.path.isfile(keyp[0] + ".prv"):
1295- Error("KeyPair not found: " + keyp[0])
1296- error = "Failed to deploy key pair (0x0A)."
1297- continue
1298- path = self.PrepareDir(keyp[1])
1299- if path == None:
1300- Error("Invalid path: " + keyp[1] + " for KeyPair: " + keyp[0])
1301- error = "Invalid path for key pair (0x05)."
1302- continue
1303- SetFileContents(path, GetFileContents(keyp[0] + ".prv"))
1304- os.chmod(path, 0600)
1305- Run("ssh-keygen -y -f " + keyp[0] + ".prv > " + path + ".pub")
1306- if IsRedHat():
1307- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path)
1308- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path + ".pub")
1309- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
1310- ChangeOwner(path, self.UserName)
1311- ChangeOwner(path + ".pub", self.UserName)
1312- if sel == True and IsRedHat():
1313- Run("setenforce 1")
1314- while not WaAgent.EnvMonitor.IsNamePublished():
1315- time.sleep(1)
1316- ReloadSshd()
1317- return error
1318-
1319-def UpdateAndPublishHostNameCommon(name):
1320- # RedHat
1321- if IsRedHat():
1322- filepath = "/etc/sysconfig/network"
1323- if os.path.isfile(filepath):
1324- ReplaceFileContentsAtomic(filepath, "HOSTNAME=" + name + "\n"
1325- + "\n".join(filter(lambda a: not a.startswith("HOSTNAME"), GetFileContents(filepath).split('\n'))))
1326-
1327- for ethernetInterface in PossibleEthernetInterfaces:
1328- filepath = "/etc/sysconfig/network-scripts/ifcfg-" + ethernetInterface
1329- if os.path.isfile(filepath):
1330- ReplaceFileContentsAtomic(filepath, "DHCP_HOSTNAME=" + name + "\n"
1331- + "\n".join(filter(lambda a: not a.startswith("DHCP_HOSTNAME"), GetFileContents(filepath).split('\n'))))
1332-
1333- # Debian
1334- if IsDebian():
1335- SetFileContents("/etc/hostname", name)
1336-
1337- for filepath in EtcDhcpClientConfFiles:
1338- if os.path.isfile(filepath):
1339- ReplaceFileContentsAtomic(filepath, "send host-name \"" + name + "\";\n"
1340- + "\n".join(filter(lambda a: not a.startswith("send host-name"), GetFileContents(filepath).split('\n'))))
1341-
1342- # Suse
1343- if IsSuse():
1344- SetFileContents("/etc/HOSTNAME", name)
1345-
1346-class Agent(Util):
1347- def __init__(self):
1348- self.GoalState = None
1349- self.Endpoint = None
1350- self.LoadBalancerProbeServer = None
1351- self.HealthReportCounter = 0
1352- self.TransportCert = ""
1353- self.EnvMonitor = None
1354- self.SendData = None
1355- self.DhcpResponse = None
1356-
1357- def CheckVersions(self):
1358- #<?xml version="1.0" encoding="utf-8"?>
1359- #<Versions>
1360- # <Preferred>
1361- # <Version>2010-12-15</Version>
1362- # </Preferred>
1363- # <Supported>
1364- # <Version>2010-12-15</Version>
1365- # <Version>2010-28-10</Version>
1366- # </Supported>
1367- #</Versions>
1368- global ProtocolVersion
1369- protocolVersionSeen = False
1370- node = xml.dom.minidom.parseString(self.HttpGetWithoutHeaders("/?comp=versions")).childNodes[0]
1371- if node.localName != "Versions":
1372- Error("CheckVersions: root not Versions")
1373- return False
1374- for a in node.childNodes:
1375- if a.nodeType == node.ELEMENT_NODE and a.localName == "Supported":
1376- for b in a.childNodes:
1377- if b.nodeType == node.ELEMENT_NODE and b.localName == "Version":
1378- v = GetNodeTextData(b)
1379- LogIfVerbose("Fabric supported wire protocol version: " + v)
1380- if v == ProtocolVersion:
1381- protocolVersionSeen = True
1382- if a.nodeType == node.ELEMENT_NODE and a.localName == "Preferred":
1383- v = GetNodeTextData(a.getElementsByTagName("Version")[0])
1384- LogIfVerbose("Fabric preferred wire protocol version: " + v)
1385- if ProtocolVersion < v:
1386- Warn("Newer wire protocol version detected. Please consider updating waagent.")
1387- if not protocolVersionSeen:
1388- Warn("Agent supported wire protocol version: " + ProtocolVersion + " was not advertised by Fabric.")
1389- ProtocolVersion = "2011-08-31"
1390- Log("Negotiated wire protocol version: " + ProtocolVersion)
1391- return True
1392-
1393- def Unpack(self, buffer, offset, range):
1394- result = 0
1395- for i in range:
1396- result = (result << 8) | Ord(buffer[offset + i])
1397- return result
1398-
1399- def UnpackLittleEndian(self, buffer, offset, length):
1400- return self.Unpack(buffer, offset, range(length - 1, -1, -1))
1401-
1402- def UnpackBigEndian(self, buffer, offset, length):
1403- return self.Unpack(buffer, offset, range(0, length))
1404-
1405- def HexDump3(self, buffer, offset, length):
1406- return ''.join(['%02X' % Ord(char) for char in buffer[offset:offset + length]])
1407-
1408- def HexDump2(self, buffer):
1409- return self.HexDump3(buffer, 0, len(buffer))
1410-
1411- def BuildDhcpRequest(self):
1412- #
1413- # typedef struct _DHCP {
1414- # UINT8 Opcode; /* op: BOOTREQUEST or BOOTREPLY */
1415- # UINT8 HardwareAddressType; /* htype: ethernet */
1416- # UINT8 HardwareAddressLength; /* hlen: 6 (48 bit mac address) */
1417- # UINT8 Hops; /* hops: 0 */
1418- # UINT8 TransactionID[4]; /* xid: random */
1419- # UINT8 Seconds[2]; /* secs: 0 */
1420- # UINT8 Flags[2]; /* flags: 0 or 0x8000 for broadcast */
1421- # UINT8 ClientIpAddress[4]; /* ciaddr: 0 */
1422- # UINT8 YourIpAddress[4]; /* yiaddr: 0 */
1423- # UINT8 ServerIpAddress[4]; /* siaddr: 0 */
1424- # UINT8 RelayAgentIpAddress[4]; /* giaddr: 0 */
1425- # UINT8 ClientHardwareAddress[16]; /* chaddr: 6 byte ethernet MAC address */
1426- # UINT8 ServerName[64]; /* sname: 0 */
1427- # UINT8 BootFileName[128]; /* file: 0 */
1428- # UINT8 MagicCookie[4]; /* 99 130 83 99 */
1429- # /* 0x63 0x82 0x53 0x63 */
1430- # /* options -- hard code ours */
1431- #
1432- # UINT8 MessageTypeCode; /* 53 */
1433- # UINT8 MessageTypeLength; /* 1 */
1434- # UINT8 MessageType; /* 1 for DISCOVER */
1435- # UINT8 End; /* 255 */
1436- # } DHCP;
1437- #
1438-
1439- # tuple of 244 zeros
1440- # (struct.pack_into would be good here, but requires Python 2.5)
1441- sendData = [0] * 244
1442-
1443- transactionID = os.urandom(4)
1444- macAddress = GetMacAddress()
1445-
1446- # Opcode = 1
1447- # HardwareAddressType = 1 (ethernet/MAC)
1448- # HardwareAddressLength = 6 (ethernet/MAC/48 bits)
1449- for a in range(0, 3):
1450- sendData[a] = [1, 1, 6][a]
1451-
1452- # fill in transaction id (random number to ensure response matches request)
1453- for a in range(0, 4):
1454- sendData[4 + a] = Ord(transactionID[a])
1455-
1456- LogIfVerbose("BuildDhcpRequest: transactionId:%s,%04X" % (self.HexDump2(transactionID), self.UnpackBigEndian(sendData, 4, 4)))
1457-
1458- # fill in ClientHardwareAddress
1459- for a in range(0, 6):
1460- sendData[0x1C + a] = Ord(macAddress[a])
1461-
1462- # DHCP Magic Cookie: 99, 130, 83, 99
1463- # MessageTypeCode = 53 DHCP Message Type
1464- # MessageTypeLength = 1
1465- # MessageType = DHCPDISCOVER
1466- # End = 255 DHCP_END
1467- for a in range(0, 8):
1468- sendData[0xEC + a] = [99, 130, 83, 99, 53, 1, 1, 255][a]
1469- return array.array("c", map(chr, sendData))
1470-
1471- def IntegerToIpAddressV4String(self, a):
1472- return "%u.%u.%u.%u" % ((a >> 24) & 0xFF, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF)
1473-
1474- def RouteAdd(self, net, mask, gateway):
1475- if IsWindows():
1476- return
1477- net = self.IntegerToIpAddressV4String(net)
1478- mask = self.IntegerToIpAddressV4String(mask)
1479- gateway = self.IntegerToIpAddressV4String(gateway)
1480- Run("/sbin/route add -net " + net + " netmask " + mask + " gw " + gateway)
1481-
1482- def HandleDhcpResponse(self, sendData, receiveBuffer):
1483- LogIfVerbose("HandleDhcpResponse")
1484- bytesReceived = len(receiveBuffer)
1485- if bytesReceived < 0xF6:
1486- Error("HandleDhcpResponse: Too few bytes received " + str(bytesReceived))
1487- return None
1488-
1489- LogIfVerbose("BytesReceived: " + hex(bytesReceived))
1490- LogWithPrefixIfVerbose("DHCP response:", HexDump(receiveBuffer, bytesReceived))
1491-
1492- # check transactionId, cookie, MAC address
1493- # cookie should never mismatch
1494- # transactionId and MAC address may mismatch if we see a response meant from another machine
1495-
1496- for offsets in [range(4, 4 + 4), range(0x1C, 0x1C + 6), range(0xEC, 0xEC + 4)]:
1497- for offset in offsets:
1498- sentByte = Ord(sendData[offset])
1499- receivedByte = Ord(receiveBuffer[offset])
1500- if sentByte != receivedByte:
1501- LogIfVerbose("HandleDhcpResponse: sent cookie:" + self.HexDump3(sendData, 0xEC, 4))
1502- LogIfVerbose("HandleDhcpResponse: rcvd cookie:" + self.HexDump3(receiveBuffer, 0xEC, 4))
1503- LogIfVerbose("HandleDhcpResponse: sent transactionID:" + self.HexDump3(sendData, 4, 4))
1504- LogIfVerbose("HandleDhcpResponse: rcvd transactionID:" + self.HexDump3(receiveBuffer, 4, 4))
1505- LogIfVerbose("HandleDhcpResponse: sent ClientHardwareAddress:" + self.HexDump3(sendData, 0x1C, 6))
1506- LogIfVerbose("HandleDhcpResponse: rcvd ClientHardwareAddress:" + self.HexDump3(receiveBuffer, 0x1C, 6))
1507- LogIfVerbose("HandleDhcpResponse: transactionId, cookie, or MAC address mismatch")
1508- return None
1509- endpoint = None
1510-
1511- #
1512- # Walk all the returned options, parsing out what we need, ignoring the others.
1513- # We need the custom option 245 to find the the endpoint we talk to,
1514- # as well as, to handle some Linux DHCP client incompatibilities,
1515- # options 3 for default gateway and 249 for routes. And 255 is end.
1516- #
1517-
1518- i = 0xF0 # offset to first option
1519- while i < bytesReceived:
1520- option = Ord(receiveBuffer[i])
1521- length = 0
1522- if (i + 1) < bytesReceived:
1523- length = Ord(receiveBuffer[i + 1])
1524- LogIfVerbose("DHCP option " + hex(option) + " at offset:" + hex(i) + " with length:" + hex(length))
1525- if option == 255:
1526- LogIfVerbose("DHCP packet ended at offset " + hex(i))
1527- break
1528- elif option == 249:
1529- # http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
1530- LogIfVerbose("Routes at offset:" + hex(i) + " with length:" + hex(length))
1531- if length < 5:
1532- Error("Data too small for option " + option)
1533- j = i + 2
1534- while j < (i + length + 2):
1535- maskLengthBits = Ord(receiveBuffer[j])
1536- maskLengthBytes = (((maskLengthBits + 7) & ~7) >> 3)
1537- mask = 0xFFFFFFFF & (0xFFFFFFFF << (32 - maskLengthBits))
1538- j += 1
1539- net = self.UnpackBigEndian(receiveBuffer, j, maskLengthBytes)
1540- net <<= (32 - maskLengthBytes * 8)
1541- net &= mask
1542- j += maskLengthBytes
1543- gateway = self.UnpackBigEndian(receiveBuffer, j, 4)
1544- j += 4
1545- self.RouteAdd(net, mask, gateway)
1546- if j != (i + length + 2):
1547- Error("HandleDhcpResponse: Unable to parse routes")
1548- elif option == 3 or option == 245:
1549- if i + 5 < bytesReceived:
1550- if length != 4:
1551- Error("HandleDhcpResponse: Endpoint or Default Gateway not 4 bytes")
1552- return None
1553- gateway = self.UnpackBigEndian(receiveBuffer, i + 2, 4)
1554- IpAddress = self.IntegerToIpAddressV4String(gateway)
1555- if option == 3:
1556- self.RouteAdd(0, 0, gateway)
1557- name = "DefaultGateway"
1558- else:
1559- endpoint = IpAddress
1560- name = "Windows Azure wire protocol endpoint"
1561- LogIfVerbose(name + ": " + IpAddress + " at " + hex(i))
1562- else:
1563- Error("HandleDhcpResponse: Data too small for option " + option)
1564- else:
1565- LogIfVerbose("Skipping DHCP option " + hex(option) + " at " + hex(i) + " with length " + hex(length))
1566- i += length + 2
1567- return endpoint
1568-
1569- def DoDhcpWork(self):
1570- #
1571- # Discover the wire server via DHCP option 245.
1572- # And workaround incompatibility with Windows Azure DHCP servers.
1573- #
1574- ShortSleep = False # Sleep 1 second before retrying DHCP queries.
1575-
1576- if not IsWindows():
1577- Run("iptables -D INPUT -p udp --dport 68 -j ACCEPT")
1578- Run("iptables -I INPUT -p udp --dport 68 -j ACCEPT")
1579-
1580- sleepDurations = [0, 5, 10, 30, 60, 60, 60, 60]
1581- maxRetry = len(sleepDurations)
1582- lastTry = (maxRetry - 1)
1583- for retry in range(0, maxRetry):
1584- try:
1585- strRetry = str(retry)
1586- prefix = "DoDhcpWork: try=" + strRetry
1587- LogIfVerbose(prefix)
1588- sendData = self.BuildDhcpRequest()
1589- LogWithPrefixIfVerbose("DHCP request:", HexDump(sendData, len(sendData)))
1590- sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
1591- sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
1592- sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
1593- if IsSuse():
1594- # This is required because sending after binding to 0.0.0.0 fails with
1595- # network unreachable when the default gateway is not set up.
1596- sock.bind((GetIpv4Address(), 68))
1597- else:
1598- sock.bind(("0.0.0.0", 68))
1599- sock.sendto(sendData, ("<broadcast>", 67))
1600- receiveBuffer = sock.recv(1024)
1601- sock.close()
1602- endpoint = self.HandleDhcpResponse(sendData, receiveBuffer)
1603- if endpoint == None:
1604- LogIfVerbose("DoDhcpWork: No endpoint found")
1605- if endpoint != None or retry == lastTry:
1606- if endpoint != None:
1607- self.SendData = sendData
1608- self.DhcpResponse = receiveBuffer
1609- if retry == lastTry:
1610- LogIfVerbose("DoDhcpWork: try=" + strRetry)
1611- return endpoint
1612- sleepDuration = [sleepDurations[retry % len(sleepDurations)], 1][ShortSleep]
1613- LogIfVerbose("DoDhcpWork: sleep=" + str(sleepDuration))
1614- time.sleep(sleepDuration)
1615- except Exception, e:
1616- ErrorWithPrefix(prefix, str(e))
1617- ErrorWithPrefix(prefix, traceback.format_exc())
1618- return None
1619-
1620- def UpdateAndPublishHostName(self, name):
1621- # Set hostname locally and publish to iDNS
1622- Log("Setting host name: " + name)
1623- UpdateAndPublishHostNameCommon(name)
1624- for ethernetInterface in PossibleEthernetInterfaces:
1625- if IsSuse():
1626- Run("ifrenew " + ethernetInterface)
1627- else:
1628- Run("ifdown " + ethernetInterface + " && ifup " + ethernetInterface)
1629- self.RestoreRoutes()
1630-
1631- def RestoreRoutes(self):
1632- if self.SendData != None and self.DhcpResponse != None:
1633- self.HandleDhcpResponse(self.SendData, self.DhcpResponse)
1634-
1635- def UpdateGoalState(self):
1636- goalStateXml = None
1637- maxRetry = 9
1638- log = NoLog
1639- for retry in range(1, maxRetry + 1):
1640- strRetry = str(retry)
1641- log("retry UpdateGoalState,retry=" + strRetry)
1642- goalStateXml = self.HttpGetWithHeaders("/machine/?comp=goalstate")
1643- if goalStateXml != None:
1644- break
1645- log = Log
1646- time.sleep(retry)
1647- if not goalStateXml:
1648- Error("UpdateGoalState failed.")
1649- return
1650- Log("Retrieved GoalState from Windows Azure Fabric.")
1651- self.GoalState = GoalState(self).Parse(goalStateXml)
1652- return self.GoalState
1653-
1654- def ReportReady(self):
1655- counter = (self.HealthReportCounter + 1) % 1000000
1656- self.HealthReportCounter = counter
1657- healthReport = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><Health xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><GoalStateIncarnation>"
1658- + self.GoalState.Incarnation
1659- + "</GoalStateIncarnation><Container><ContainerId>"
1660- + self.GoalState.ContainerId
1661- + "</ContainerId><RoleInstanceList><Role><InstanceId>"
1662- + self.GoalState.RoleInstanceId
1663- + "</InstanceId><Health><State>Ready</State></Health></Role></RoleInstanceList></Container></Health>")
1664- a = self.HttpPost("/machine?comp=health", healthReport)
1665- if a != None:
1666- return a.getheader("x-ms-latest-goal-state-incarnation-number")
1667- return None
1668-
1669- def ReportNotReady(self, status, desc):
1670- healthReport = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><Health xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><GoalStateIncarnation>"
1671- + self.GoalState.Incarnation
1672- + "</GoalStateIncarnation><Container><ContainerId>"
1673- + self.GoalState.ContainerId
1674- + "</ContainerId><RoleInstanceList><Role><InstanceId>"
1675- + self.GoalState.RoleInstanceId
1676- + "</InstanceId><Health><State>NotReady</State>"
1677- + "<Details><SubStatus>" + status + "</SubStatus><Description>" + desc + "</Description></Details>"
1678- + "</Health></Role></RoleInstanceList></Container></Health>")
1679- a = self.HttpPost("/machine?comp=health", healthReport)
1680- if a != None:
1681- return a.getheader("x-ms-latest-goal-state-incarnation-number")
1682- return None
1683-
1684- def ReportRoleProperties(self, thumbprint):
1685- roleProperties = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><RoleProperties><Container>"
1686- + "<ContainerId>" + self.GoalState.ContainerId + "</ContainerId>"
1687- + "<RoleInstances><RoleInstance>"
1688- + "<Id>" + self.GoalState.RoleInstanceId + "</Id>"
1689- + "<Properties><Property name=\"CertificateThumbprint\" value=\"" + thumbprint + "\" /></Properties>"
1690- + "</RoleInstance></RoleInstances></Container></RoleProperties>")
1691- a = self.HttpPost("/machine?comp=roleProperties", roleProperties)
1692- Log("Posted Role Properties. CertificateThumbprint=" + thumbprint)
1693- return a
1694-
1695- def LoadBalancerProbeServer_Shutdown(self):
1696- if self.LoadBalancerProbeServer != None:
1697- self.LoadBalancerProbeServer.shutdown()
1698- self.LoadBalancerProbeServer = None
1699-
1700- def GenerateTransportCert(self):
1701- Run(Openssl + " req -x509 -nodes -subj /CN=LinuxTransport -days 32768 -newkey rsa:2048 -keyout TransportPrivate.pem -out TransportCert.pem")
1702- cert = ""
1703- for line in GetFileContents("TransportCert.pem").split('\n'):
1704- if not "CERTIFICATE" in line:
1705- cert += line.rstrip()
1706- return cert
1707-
1708- def Provision(self):
1709- if IsWindows():
1710- Log("Skipping Provision on Windows")
1711- return
1712- enabled = Config.get("Provisioning.Enabled")
1713- if enabled != None and enabled.lower().startswith("n"):
1714- return
1715- Log("Provisioning image started.")
1716- type = Config.get("Provisioning.SshHostKeyPairType")
1717- if type == None:
1718- type = "rsa"
1719- regenerateKeys = Config.get("Provisioning.RegenerateSshHostKeyPair")
1720- if regenerateKeys == None or regenerateKeys.lower().startswith("y"):
1721- Run("rm -f /etc/ssh/ssh_host_*key*")
1722- Run("ssh-keygen -N '' -t " + type + " -f /etc/ssh/ssh_host_" + type + "_key")
1723- ReloadSshd()
1724- SetFileContents(LibDir + "/provisioned", "")
1725- dvd = "/dev/hdc"
1726- if os.path.exists("/dev/sr0"):
1727- dvd = "/dev/sr0"
1728- if Run("fdisk -l " + dvd + " | grep Disk"):
1729- return
1730- CreateDir("/mnt/cdrom/secure", "root", 0700)
1731- if Run("mount " + dvd + " /mnt/cdrom/secure"):
1732- Error("Unable to provision: Failed to mount DVD.")
1733- return "Failed to retrieve provisioning data (0x01)."
1734- if not os.path.isfile("/mnt/cdrom/secure/ovf-env.xml"):
1735- Error("Unable to provision: Missing ovf-env.xml on DVD.")
1736- return "Failed to retrieve provisioning data (0x02)."
1737- ovfxml = GetFileContents("/mnt/cdrom/secure/ovf-env.xml")
1738- SetFileContents("ovf-env.xml", re.sub("<UserPassword>.*?<", "<UserPassword>*<", ovfxml))
1739- Run("umount /mnt/cdrom/secure")
1740- error = None
1741- if ovfxml != None:
1742- Log("Provisioning image using OVF settings in the DVD.")
1743- ovfobj = OvfEnv().Parse(ovfxml)
1744- if ovfobj != None:
1745- error = ovfobj.Process()
1746- # This is done here because regenerated SSH host key pairs may be potentially overwritten when processing the ovfxml
1747- fingerprint = os.popen("ssh-keygen -lf /etc/ssh/ssh_host_" + type + "_key.pub").read().rstrip().split()[1].replace(':','')
1748- self.ReportRoleProperties(fingerprint)
1749- delRootPass = Config.get("Provisioning.DeleteRootPassword")
1750- if delRootPass != None and delRootPass.lower().startswith("y"):
1751- DeleteRootPassword()
1752- Log("Provisioning image completed.")
1753- return error
1754-
1755- def Run(self):
1756- if IsLinux():
1757- SetFileContents("/var/run/waagent.pid", str(os.getpid()) + "\n")
1758-
1759- if GetIpv4Address() == None:
1760- Log("Waiting for network.")
1761- while(GetIpv4Address() == None):
1762- time.sleep(10)
1763-
1764- Log("IPv4 address: " + GetIpv4Address())
1765- Log("MAC address: " + ":".join(["%02X" % Ord(a) for a in GetMacAddress()]))
1766-
1767- # Consume Entropy in ACPI table provided by Hyper-V
1768- try:
1769- SetFileContents("/dev/random", GetFileContents("/sys/firmware/acpi/tables/OEM0"))
1770- except:
1771- pass
1772-
1773- Log("Probing for Windows Azure environment.")
1774- self.Endpoint = self.DoDhcpWork()
1775-
1776- if self.Endpoint == None:
1777- Log("Windows Azure environment not detected.")
1778- while True:
1779- time.sleep(60)
1780-
1781- Log("Discovered Windows Azure endpoint: " + self.Endpoint)
1782- if not self.CheckVersions():
1783- Error("Agent.CheckVersions failed")
1784- sys.exit(1)
1785-
1786- self.EnvMonitor = EnvMonitor()
1787-
1788- # Set SCSI timeout on root device
1789- try:
1790- timeout = Config.get("OS.RootDeviceScsiTimeout")
1791- if timeout != None:
1792- SetFileContents("/sys/block/" + DeviceForIdePort(0) + "/device/timeout", timeout)
1793- except:
1794- pass
1795-
1796- global Openssl
1797- Openssl = Config.get("OS.OpensslPath")
1798- if Openssl == None:
1799- Openssl = "openssl"
1800-
1801- self.TransportCert = self.GenerateTransportCert()
1802-
1803- incarnation = None # goalStateIncarnationFromHealthReport
1804- currentPort = None # loadBalancerProbePort
1805- goalState = None # self.GoalState, instance of GoalState
1806- provisioned = os.path.exists(LibDir + "/provisioned")
1807- program = Config.get("Role.StateConsumer")
1808- provisionError = None
1809- while True:
1810- if (goalState == None) or (incarnation == None) or (goalState.Incarnation != incarnation):
1811- goalState = self.UpdateGoalState()
1812-
1813- if provisioned == False:
1814- self.ReportNotReady("Provisioning", "Starting")
1815-
1816- goalState.Process()
1817-
1818- if provisioned == False:
1819- provisionError = self.Provision()
1820- provisioned = True
1821-
1822- #
1823- # only one port supported
1824- # restart server if new port is different than old port
1825- # stop server if no longer a port
1826- #
1827- goalPort = goalState.LoadBalancerProbePort
1828- if currentPort != goalPort:
1829- self.LoadBalancerProbeServer_Shutdown()
1830- currentPort = goalPort
1831- if currentPort != None:
1832- self.LoadBalancerProbeServer = LoadBalancerProbeServer(currentPort)
1833-
1834- if program != None and DiskActivated == True:
1835- os.spawnl(os.P_NOWAIT, program, program, "Ready")
1836- program = None
1837-
1838- if goalState.ExpectedState == "Stopped":
1839- program = Config.get("Role.StateConsumer")
1840- if program != None:
1841- Run(program + " Shutdown")
1842- self.EnvMonitor.shutdown()
1843- self.LoadBalancerProbeServer_Shutdown()
1844- command = ["/sbin/shutdown -hP now", "shutdown /s /t 5"][IsWindows()]
1845- Run(command)
1846- return
1847-
1848- sleepToReduceAccessDenied = 3
1849- time.sleep(sleepToReduceAccessDenied)
1850- i = None
1851- if provisionError != None:
1852- i = self.ReportNotReady("ProvisioningFailed", provisionError)
1853- else:
1854- i = self.ReportReady()
1855- if i != None:
1856- incarnation = i
1857- time.sleep(25 - sleepToReduceAccessDenied)
1858-
1859-Init_Suse = """\
1860-#! /bin/sh
1861-
1862-### BEGIN INIT INFO
1863-# Provides: WindowsAzureLinuxAgent
1864-# Required-Start: $network sshd
1865-# Required-Stop: $network sshd
1866-# Default-Start: 3 5
1867-# Default-Stop: 0 1 2 6
1868-# Description: Start the WindowsAzureLinuxAgent
1869-### END INIT INFO
1870-
1871-WAZD_BIN=/usr/sbin/waagent
1872-test -x $WAZD_BIN || exit 5
1873-
1874-case "$1" in
1875- start)
1876- echo "Starting WindowsAzureLinuxAgent"
1877- ## Start daemon with startproc(8). If this fails
1878- ## the echo return value is set appropriate.
1879-
1880- startproc -f $WAZD_BIN -daemon
1881- exit $?
1882- ;;
1883- stop)
1884- echo "Shutting down WindowsAzureLinuxAgent"
1885- ## Stop daemon with killproc(8) and if this fails
1886- ## set echo the echo return value.
1887-
1888- killproc -p /var/run/waagent.pid $WAZD_BIN
1889- exit $?
1890- ;;
1891- try-restart)
1892- ## Stop the service and if this succeeds (i.e. the
1893- ## service was running before), start it again.
1894- $0 status >/dev/null && $0 restart
1895- ;;
1896- restart)
1897- ## Stop the service and regardless of whether it was
1898- ## running or not, start it again.
1899- $0 stop
1900- $0 start
1901- ;;
1902- force-reload|reload)
1903- ;;
1904- status)
1905- echo -n "Checking for service WindowsAzureLinuxAgent "
1906- ## Check status with checkproc(8), if process is running
1907- ## checkproc will return with exit status 0.
1908-
1909- checkproc -p $WAZD_PIDFILE $WAZD_BIN
1910- exit $?
1911- ;;
1912- probe)
1913- ;;
1914- *)
1915- echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
1916- exit 1
1917- ;;
1918-esac
1919-"""
1920-
1921-Init_RedHat = """\
1922-#!/bin/bash
1923-#
1924-# Init file for WindowsAzureLinuxAgent.
1925-#
1926-# chkconfig: 2345 60 80
1927-# description: WindowsAzureLinuxAgent
1928-#
1929-
1930-# source function library
1931-. /etc/rc.d/init.d/functions
1932-
1933-RETVAL=0
1934-FriendlyName="WindowsAzureLinuxAgent"
1935-WAZD_BIN=/usr/sbin/waagent
1936-
1937-start()
1938-{
1939- echo -n $"Starting $FriendlyName: "
1940- $WAZD_BIN -daemon &
1941-}
1942-
1943-stop()
1944-{
1945- echo -n $"Stopping $FriendlyName: "
1946- killproc -p /var/run/waagent.pid $WAZD_BIN
1947- RETVAL=$?
1948- echo
1949- return $RETVAL
1950-}
1951-
1952-case "$1" in
1953- start)
1954- start
1955- ;;
1956- stop)
1957- stop
1958- ;;
1959- restart)
1960- stop
1961- start
1962- ;;
1963- reload)
1964- ;;
1965- report)
1966- ;;
1967- status)
1968- status $WAZD_BIN
1969- RETVAL=$?
1970- ;;
1971- *)
1972- echo $"Usage: $0 {start|stop|restart|status}"
1973- RETVAL=1
1974-esac
1975-exit $RETVAL
1976-"""
1977-
1978-Init_Debian = """\
1979-#!/bin/sh
1980-### BEGIN INIT INFO
1981-# Provides: WindowsAzureLinuxAgent
1982-# Required-Start: $network $syslog
1983-# Required-Stop: $network $syslog
1984-# Should-Start: $network $syslog
1985-# Should-Stop: $network $syslog
1986-# Default-Start: 2 3 4 5
1987-# Default-Stop: 0 1 6
1988-# Short-Description: WindowsAzureLinuxAgent
1989-# Description: WindowsAzureLinuxAgent
1990-### END INIT INFO
1991-
1992-. /lib/lsb/init-functions
1993-
1994-OPTIONS="-daemon"
1995-WAZD_BIN=/usr/sbin/waagent
1996-WAZD_PID=/var/run/waagent.pid
1997-
1998-case "$1" in
1999- start)
2000- log_begin_msg "Starting WindowsAzureLinuxAgent..."
2001- pid=$( pidofproc $WAZD_BIN )
2002- if [ -n "$pid" ] ; then
2003- log_begin_msg "Already running."
2004- log_end_msg 0
2005- exit 0
2006- fi
2007- start-stop-daemon --start --quiet --oknodo --background --exec $WAZD_BIN -- $OPTIONS
2008- log_end_msg $?
2009- ;;
2010-
2011- stop)
2012- log_begin_msg "Stopping WindowsAzureLinuxAgent..."
2013- start-stop-daemon --stop --quiet --oknodo --pidfile $WAZD_PID
2014- ret=$?
2015- rm -f $WAZD_PID
2016- log_end_msg $ret
2017- ;;
2018- force-reload)
2019- $0 restart
2020- ;;
2021- restart)
2022- $0 stop
2023- $0 start
2024- ;;
2025- status)
2026- status_of_proc $WAZD_BIN && exit 0 || exit $?
2027- ;;
2028- *)
2029- log_success_msg "Usage: /etc/init.d/waagent {start|stop|force-reload|restart|status}"
2030- exit 1
2031- ;;
2032-esac
2033-
2034-exit 0
2035-"""
2036-
2037-WaagentConf = """\
2038-#
2039-# Windows Azure Linux Agent Configuration
2040-#
2041-
2042-Role.StateConsumer=None # Specified program is invoked with "Ready" or "Shutdown".
2043- # Shutdown will be initiated only after the program returns. Windows Azure will
2044- # power off the VM if shutdown is not completed within ?? minutes.
2045-Role.ConfigurationConsumer=None # Specified program is invoked with XML file argument specifying role configuration.
2046-Role.TopologyConsumer=None # Specified program is invoked with XML file argument specifying role topology.
2047-
2048-Provisioning.Enabled=y #
2049-Provisioning.DeleteRootPassword=y # Password authentication for root account will be unavailable.
2050-Provisioning.RegenerateSshHostKeyPair=y # Generate fresh host key pair.
2051-Provisioning.SshHostKeyPairType=rsa # Supported values are "rsa", "dsa" and "ecdsa".
2052-Provisioning.MonitorHostName=y # Monitor host name changes and publish changes via DHCP requests.
2053-
2054-ResourceDisk.Format=y # Format if unformatted. If 'n', resource disk will not be mounted.
2055-ResourceDisk.Filesystem=ext4 #
2056-ResourceDisk.MountPoint=/mnt/resource #
2057-ResourceDisk.EnableSwap=n # Create and use swapfile on resource disk.
2058-ResourceDisk.SwapSizeMB=0 # Size of the swapfile.
2059-
2060-LBProbeResponder=y # Respond to load balancer probes if requested by Windows Azure.
2061-
2062-Logs.Verbose=n #
2063-
2064-OS.RootDeviceScsiTimeout=300 # Root device timeout in seconds.
2065-OS.OpensslPath=None # If "None", the system default version is used.
2066-"""
2067-
2068-WaagentLogrotate = """\
2069-/var/log/waagent.log {
2070- monthly
2071- rotate 6
2072- notifempty
2073- missingok
2074-}
2075-"""
2076-
2077-def AddToLinuxKernelCmdline(options):
2078- if os.path.isfile("/boot/grub/menu.lst"):
2079- Run("sed -i --follow-symlinks '/kernel/s|$| " + options + " |' /boot/grub/menu.lst")
2080- filepath = "/etc/default/grub"
2081- if os.path.isfile(filepath):
2082- filecontents = GetFileContents(filepath).split('\n')
2083- current = filter(lambda a: a.startswith("GRUB_CMDLINE_LINUX"), filecontents)
2084- ReplaceFileContentsAtomic(filepath,
2085- "\n".join(filter(lambda a: not a.startswith("GRUB_CMDLINE_LINUX"), filecontents))
2086- + current[0][:-1] + " " + options + "\"\n")
2087- Run("update-grub")
2088-
2089-def ApplyVNUMAWorkaround():
2090- VersionParts = platform.release().replace('-', '.').split('.')
2091- if int(VersionParts[0]) > 2:
2092- return
2093- if int(VersionParts[1]) > 6:
2094- return
2095- if int(VersionParts[2]) > 37:
2096- return
2097- AddToLinuxKernelCmdline("numa=off")
2098- # TODO: This is not ideal for offline installation.
2099- print("Your kernel version " + platform.release() + " has a NUMA-related bug: NUMA has been disabled.")
2100-
2101-def RevertVNUMAWorkaround():
2102- print("Automatic reverting of GRUB configuration is not yet supported. Please edit by hand.")
2103-
2104-def Install():
2105- if IsWindows():
2106- print("ERROR: -install invalid for Windows.")
2107- return 1
2108- os.chmod(sys.argv[0], 0755)
2109- SwitchCwd()
2110- requiredDeps = [ "/sbin/route", "/sbin/shutdown" ]
2111- if IsDebian():
2112- requiredDeps += [ "/usr/sbin/update-rc.d" ]
2113- if IsSuse():
2114- requiredDeps += [ "/sbin/insserv" ]
2115- for a in requiredDeps:
2116- if not os.path.isfile(a):
2117- Error("Missing required dependency: " + a)
2118- return 1
2119- missing = False
2120- for a in [ "ssh-keygen", "useradd", "openssl", "sfdisk",
2121- "fdisk", "mkfs", "chpasswd", "sed", "grep", "sudo" ]:
2122- if Run("which " + a + " > /dev/null 2>&1"):
2123- Warn("Missing dependency: " + a)
2124- missing = True
2125- if missing == True:
2126- Warn("Please resolve missing dependencies listed for full functionality.")
2127- if UsesRpm():
2128- if not Run("rpm --quiet -q NetworkManager"):
2129- Error(GuestAgentLongName + " is not compatible with NetworkManager.")
2130- return 1
2131- if Run("rpm --quiet -q python-pyasn1"):
2132- Error(GuestAgentLongName + " requires python-pyasn1.")
2133- return 1
2134- if UsesDpkg() and Run("dpkg -l network-manager | grep -q ^un"):
2135- Error(GuestAgentLongName + " is not compatible with network-manager.")
2136- return 1
2137- for a in RulesFiles:
2138- if os.path.isfile(a):
2139- if os.path.isfile(GetLastPathElement(a)):
2140- os.remove(GetLastPathElement(a))
2141- shutil.move(a, ".")
2142- Warn("Moved " + a + " -> " + LibDir + "/" + GetLastPathElement(a) )
2143- filename = "waagent"
2144- filepath = "/etc/init.d/" + filename
2145- distro = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
2146- if distro == 0:
2147- Error("Unable to detect Linux Distribution.")
2148- return 1
2149- init = [[Init_RedHat, "chkconfig --add " + filename],
2150- [Init_Debian, "update-rc.d " + filename + " defaults"],
2151- [Init_Suse, "insserv " + filename]][distro - 1]
2152- SetFileContents(filepath, init[0])
2153- os.chmod(filepath, 0755)
2154- Run(init[1])
2155- if os.path.isfile("/etc/waagent.conf"):
2156- try:
2157- os.remove("/etc/waagent.conf.old")
2158- except:
2159- pass
2160- try:
2161- os.rename("/etc/waagent.conf", "/etc/waagent.conf.old")
2162- Warn("Existing /etc/waagent.conf has been renamed to /etc/waagent.conf.old")
2163- except:
2164- pass
2165- SetFileContents("/etc/waagent.conf", WaagentConf)
2166- SetFileContents("/etc/logrotate.d/waagent", WaagentLogrotate)
2167- filepath = "/etc/ssh/sshd_config"
2168- ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not
2169- a.startswith("ClientAliveInterval"),
2170- GetFileContents(filepath).split('\n'))) + "ClientAliveInterval 180\n")
2171- Log("Configured SSH client probing to keep connections alive.")
2172- ApplyVNUMAWorkaround()
2173- return 0
2174-
2175-def Uninstall():
2176- if IsWindows():
2177- print("ERROR: -uninstall invalid for windows, see waagent_service.exe")
2178- return 1
2179- SwitchCwd()
2180- for a in RulesFiles:
2181- if os.path.isfile(GetLastPathElement(a)):
2182- try:
2183- shutil.move(GetLastPathElement(a), a)
2184- Warn("Moved " + LibDir + "/" + GetLastPathElement(a) + " -> " + a )
2185- except:
2186- pass
2187- filename = "waagent"
2188- a = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
2189- if a == 0:
2190- Error("Unable to detect Linux Distribution.")
2191- return 1
2192- Run("service " + filename + " stop")
2193- cmd = ["chkconfig --del " + filename,
2194- "update-rc.d -f " + filename + " remove",
2195- "insserv -r " + filename][a - 1]
2196- Run(cmd)
2197- for f in os.listdir(LibDir) + ["/etc/init.d/" + filename, "/etc/waagent.conf", "/etc/logrotate.d/waagent", "/etc/sudoers.d/waagent"]:
2198- try:
2199- os.remove(f)
2200- except:
2201- pass
2202- RevertVNUMAWorkaround()
2203- return 0
2204-
2205-def DeleteRootPassword():
2206- SetFileContents("/etc/shadow-temp", "")
2207- os.chmod("/etc/shadow-temp", 0000)
2208- Run("(echo root:*LOCK*:14600:::::: && grep -v ^root /etc/shadow ) > /etc/shadow-temp")
2209- Run("mv -f /etc/shadow-temp /etc/shadow")
2210- Log("Root password deleted.")
2211-
2212-def Deprovision(force, deluser):
2213- if IsWindows():
2214- Run(os.environ["windir"] + "\\system32\\sysprep\\sysprep.exe /generalize")
2215- return 0
2216-
2217- SwitchCwd()
2218- ovfxml = GetFileContents("ovf-env.xml")
2219- ovfobj = None
2220- if ovfxml != None:
2221- ovfobj = OvfEnv().Parse(ovfxml)
2222-
2223- print("WARNING! The waagent service will be stopped.")
2224- print("WARNING! All SSH host key pairs will be deleted.")
2225- print("WARNING! Nameserver configuration in /etc/resolv.conf will be deleted.")
2226- print("WARNING! Cached DHCP leases will be deleted.")
2227-
2228- delRootPass = Config.get("Provisioning.DeleteRootPassword")
2229- if delRootPass != None and delRootPass.lower().startswith("y"):
2230- print("WARNING! root password will be disabled. You will not be able to login as root.")
2231-
2232- if ovfobj != None and deluser == True:
2233- print("WARNING! " + ovfobj.UserName + " account and entire home directory will be deleted.")
2234-
2235- if force == False and not raw_input('Do you want to proceed (y/n)? ').startswith('y'):
2236- return 1
2237-
2238- Run("service waagent stop")
2239-
2240- if deluser == True:
2241- DeleteAccount(ovfobj.UserName)
2242-
2243- # Remove SSH host keys
2244- regenerateKeys = Config.get("Provisioning.RegenerateSshHostKeyPair")
2245- if regenerateKeys == None or regenerateKeys.lower().startswith("y"):
2246- Run("rm -f /etc/ssh/ssh_host_*key*")
2247-
2248- # Remove root password
2249- if delRootPass != None and delRootPass.lower().startswith("y"):
2250- DeleteRootPassword()
2251-
2252- # Remove distribution specific networking configuration
2253-
2254- UpdateAndPublishHostNameCommon("localhost.localdomain")
2255-
2256- # RedHat, Suse, Debian
2257- for a in VarLibDhcpDirectories:
2258- Run("rm -f " + a + "/*")
2259-
2260- # Clear LibDir, remove nameserver and root bash history
2261- for f in os.listdir(LibDir) + ["/etc/resolv.conf", "/root/.bash_history", "/var/log/waagent.log"]:
2262- try:
2263- os.remove(f)
2264- except:
2265- pass
2266-
2267- return 0
2268-
2269-def SwitchCwd():
2270- if not IsWindows():
2271- CreateDir(LibDir, "root", 0700)
2272- os.chdir(LibDir)
2273-
2274-def Usage():
2275- print("usage: " + sys.argv[0] + " [-verbose] [-force] [-help|-install|-uninstall|-deprovision[+user]|-version|-serialconsole|-daemon]")
2276- return 0
2277-
2278-if GuestAgentVersion == "":
2279- print("WARNING! This is a non-standard agent that does not include a valid version string.")
2280-if IsLinux() and not DetectLinuxDistro():
2281- print("WARNING! Unable to detect Linux distribution. Some functionality may be broken.")
2282-
2283-if len(sys.argv) == 1:
2284- sys.exit(Usage())
2285-
2286-args = []
2287-force = False
2288-for a in sys.argv[1:]:
2289- if re.match("^([-/]*)(help|usage|\?)", a):
2290- sys.exit(Usage())
2291- elif re.match("^([-/]*)verbose", a):
2292- Verbose = True
2293- elif re.match("^([-/]*)force", a):
2294- force = True
2295- elif re.match("^([-/]*)(setup|install)", a):
2296- sys.exit(Install())
2297- elif re.match("^([-/]*)(uninstall)", a):
2298- sys.exit(Uninstall())
2299- else:
2300- args.append(a)
2301-
2302-Config = ConfigurationProvider()
2303-
2304-verbose = Config.get("Logs.Verbose")
2305-if verbose != None and verbose.lower().startswith("y"):
2306- Verbose = True
2307-
2308-daemon = False
2309-for a in args:
2310- if re.match("^([-/]*)deprovision\+user", a):
2311- sys.exit(Deprovision(force, True))
2312- elif re.match("^([-/]*)deprovision", a):
2313- sys.exit(Deprovision(force, False))
2314- elif re.match("^([-/]*)daemon", a):
2315- daemon = True
2316- elif re.match("^([-/]*)version", a):
2317- print(GuestAgentVersion + " running on " + LinuxDistro)
2318- sys.exit(0)
2319- elif re.match("^([-/]*)serialconsole", a):
2320- AddToLinuxKernelCmdline("console=ttyS0 earlyprintk=ttyS0")
2321- Log("Configured kernel to use ttyS0 as the boot console.")
2322- sys.exit(0)
2323- else:
2324- print("Invalid command line parameter:" + a)
2325- sys.exit(1)
2326-
2327-if daemon == False:
2328- sys.exit(Usage())
2329-
2330-try:
2331- SwitchCwd()
2332- Log(GuestAgentLongName + " Version: " + GuestAgentVersion)
2333- if IsLinux():
2334- Log("Linux Distribution Detected : " + LinuxDistro)
2335- WaAgent = Agent()
2336- WaAgent.Run()
2337-except Exception, e:
2338- Error(traceback.format_exc())
2339- Error("Exception: " + str(e))
2340- sys.exit(1)
2341
2342=== removed directory '.pc/001_ubuntu_agent_startup.patch'
2343=== removed file '.pc/001_ubuntu_agent_startup.patch/waagent'
2344--- .pc/001_ubuntu_agent_startup.patch/waagent 2012-06-22 09:10:22 +0000
2345+++ .pc/001_ubuntu_agent_startup.patch/waagent 1970-01-01 00:00:00 +0000
2346@@ -1,2395 +0,0 @@
2347-#!/usr/bin/python
2348-#
2349-# Windows Azure Linux Agent
2350-#
2351-# Copyright 2012 Microsoft Corporation
2352-#
2353-# Licensed under the Apache License, Version 2.0 (the "License");
2354-# you may not use this file except in compliance with the License.
2355-# You may obtain a copy of the License at
2356-#
2357-# http://www.apache.org/licenses/LICENSE-2.0
2358-#
2359-# Unless required by applicable law or agreed to in writing, software
2360-# distributed under the License is distributed on an "AS IS" BASIS,
2361-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2362-# See the License for the specific language governing permissions and
2363-# limitations under the License.
2364-#
2365-# Requires Python 2.4+ and Openssl 1.0+
2366-#
2367-# Implements parts of RFC 2131, 1541, 1497 and
2368-# http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
2369-# http://msdn.microsoft.com/en-us/library/cc227259%28PROT.13%29.aspx
2370-#
2371-
2372-import array
2373-import base64
2374-import httplib
2375-import os
2376-import os.path
2377-import platform
2378-import pwd
2379-import re
2380-import shutil
2381-import socket
2382-import SocketServer
2383-import struct
2384-import sys
2385-import tempfile
2386-import textwrap
2387-import threading
2388-import time
2389-import traceback
2390-import xml.dom.minidom
2391-
2392-GuestAgentName = "WALinuxAgent"
2393-GuestAgentLongName = "Windows Azure Linux Agent"
2394-GuestAgentVersion = "rd_wala.120504-1323"
2395-ProtocolVersion = "2011-12-31"
2396-
2397-Config = None
2398-LinuxDistro = "UNKNOWN"
2399-Verbose = False
2400-WaAgent = None
2401-DiskActivated = False
2402-Openssl = "openssl"
2403-
2404-PossibleEthernetInterfaces = ["seth0", "seth1", "eth0", "eth1"]
2405-RulesFiles = [ "/lib/udev/rules.d/75-persistent-net-generator.rules",
2406- "/etc/udev/rules.d/70-persistent-net.rules" ]
2407-VarLibDhcpDirectories = ["/var/lib/dhclient", "/var/lib/dhcpcd", "/var/lib/dhcp"]
2408-EtcDhcpClientConfFiles = ["/etc/dhcp/dhclient.conf", "/etc/dhcp3/dhclient.conf"]
2409-LibDir = "/var/lib/waagent"
2410-
2411-# This lets us index into a string or an array of integers transparently.
2412-def Ord(a):
2413- if type(a) == type("a"):
2414- a = ord(a)
2415- return a
2416-
2417-def IsWindows():
2418- return (platform.uname()[0] == "Windows")
2419-
2420-def IsLinux():
2421- return (platform.uname()[0] == "Linux")
2422-
2423-def DetectLinuxDistro():
2424- global LinuxDistro
2425- if os.path.isfile("/etc/redhat-release"):
2426- LinuxDistro = "RedHat"
2427- return True
2428- if os.path.isfile("/etc/lsb-release") and "Ubuntu" in GetFileContents("/etc/lsb-release"):
2429- LinuxDistro = "Ubuntu"
2430- return True
2431- if os.path.isfile("/etc/debian_version"):
2432- LinuxDistro = "Debian"
2433- return True
2434- if os.path.isfile("/etc/SuSE-release"):
2435- LinuxDistro = "Suse"
2436- return True
2437- return False
2438-
2439-def IsRedHat():
2440- return "RedHat" in LinuxDistro
2441-
2442-def IsUbuntu():
2443- return "Ubuntu" in LinuxDistro
2444-
2445-def IsDebian():
2446- return IsUbuntu() or "Debian" in LinuxDistro
2447-
2448-def IsSuse():
2449- return "Suse" in LinuxDistro
2450-
2451-def UsesRpm():
2452- return IsRedHat() or IsSuse()
2453-
2454-def UsesDpkg():
2455- return IsDebian()
2456-
2457-def GetLastPathElement(path):
2458- return path.rsplit('/', 1)[1]
2459-
2460-def GetFileContents(filepath):
2461- file = None
2462- try:
2463- file = open(filepath)
2464- except:
2465- return None
2466- if file == None:
2467- return None
2468- try:
2469- return file.read()
2470- finally:
2471- file.close()
2472-
2473-def SetFileContents(filepath, contents):
2474- file = open(filepath, "w")
2475- try:
2476- file.write(contents)
2477- finally:
2478- file.close()
2479-
2480-def AppendFileContents(filepath, contents):
2481- file = open(filepath, "a")
2482- try:
2483- file.write(contents)
2484- finally:
2485- file.close()
2486-
2487-def ReplaceFileContentsAtomic(filepath, contents):
2488- handle, temp = tempfile.mkstemp(dir = os.path.dirname(filepath))
2489- try:
2490- os.write(handle, contents)
2491- finally:
2492- os.close(handle)
2493- try:
2494- os.rename(temp, filepath)
2495- return
2496- except:
2497- pass
2498- os.remove(filepath)
2499- os.rename(temp, filepath)
2500-
2501-def GetLineStartingWith(prefix, filepath):
2502- for line in GetFileContents(filepath).split('\n'):
2503- if line.startswith(prefix):
2504- return line
2505- return None
2506-
2507-def Run(a):
2508- LogIfVerbose(a)
2509- return os.system(a)
2510-
2511-def GetNodeTextData(a):
2512- for b in a.childNodes:
2513- if b.nodeType == b.TEXT_NODE:
2514- return b.data
2515-
2516-def GetHome():
2517- home = None
2518- try:
2519- home = GetLineStartingWith("HOME", "/etc/default/useradd").split('=')[1].strip()
2520- except:
2521- pass
2522- if (home == None) or (home.startswith("/") == False):
2523- home = "/home"
2524- return home
2525-
2526-def ChangeOwner(filepath, user):
2527- p = None
2528- try:
2529- p = pwd.getpwnam(user)
2530- except:
2531- pass
2532- if p != None:
2533- os.chown(filepath, p[2], p[3])
2534-
2535-def CreateDir(dirpath, user, mode):
2536- try:
2537- os.makedirs(dirpath, mode)
2538- except:
2539- pass
2540- ChangeOwner(dirpath, user)
2541-
2542-def CreateAccount(user, password, expiration, thumbprint):
2543- if IsWindows():
2544- Log("Skipping CreateAccount on Windows")
2545- return None
2546- userentry = None
2547- try:
2548- userentry = pwd.getpwnam(user)
2549- except:
2550- pass
2551- uidmin = None
2552- try:
2553- uidmin = int(GetLineStartingWith("UID_MIN", "/etc/login.defs").split()[1])
2554- except:
2555- pass
2556- if uidmin == None:
2557- uidmin = 100
2558- if userentry != None and userentry[2] < uidmin:
2559- Error("CreateAccount: " + user + " is a system user. Will not set password.")
2560- return "Failed to set password for system user: " + user + " (0x06)."
2561- if userentry == None:
2562- command = "useradd -m " + user
2563- if expiration != None:
2564- command += " -e " + expiration.split('.')[0]
2565- if Run(command):
2566- Error("Failed to create user account: " + user)
2567- return "Failed to create user account: " + user + " (0x07)."
2568- else:
2569- Log("CreateAccount: " + user + " already exists. Will update password.")
2570- if password != None:
2571- os.popen("chpasswd", "w").write(user + ":" + password + "\n")
2572- try:
2573- if password == None:
2574- SetFileContents("/etc/sudoers.d/waagent", user + " ALL = (ALL) NOPASSWD: ALL\n")
2575- else:
2576- SetFileContents("/etc/sudoers.d/waagent", user + " ALL = (ALL) ALL\n")
2577- os.chmod("/etc/sudoers.d/waagent", 0440)
2578- except:
2579- Error("CreateAccount: Failed to configure sudo access for user.")
2580- return "Failed to configure sudo privileges (0x08)."
2581- home = GetHome()
2582- if thumbprint != None:
2583- dir = home + "/" + user + "/.ssh"
2584- CreateDir(dir, user, 0700)
2585- pub = dir + "/id_rsa.pub"
2586- prv = dir + "/id_rsa"
2587- Run("ssh-keygen -y -f " + thumbprint + ".prv > " + pub)
2588- SetFileContents(prv, GetFileContents(thumbprint + ".prv"))
2589- for f in [pub, prv]:
2590- os.chmod(f, 0600)
2591- ChangeOwner(f, user)
2592- SetFileContents(dir + "/authorized_keys", GetFileContents(pub))
2593- ChangeOwner(dir + "/authorized_keys", user)
2594- Log("Created user account: " + user)
2595- return None
2596-
2597-def DeleteAccount(user):
2598- if IsWindows():
2599- Log("Skipping DeleteAccount on Windows")
2600- return
2601- userentry = None
2602- try:
2603- userentry = pwd.getpwnam(user)
2604- except:
2605- pass
2606- if userentry == None:
2607- Error("DeleteAccount: " + user + " not found.")
2608- return
2609- uidmin = None
2610- try:
2611- uidmin = int(GetLineStartingWith("UID_MIN", "/etc/login.defs").split()[1])
2612- except:
2613- pass
2614- if uidmin == None:
2615- uidmin = 100
2616- if userentry[2] < uidmin:
2617- Error("DeleteAccount: " + user + " is a system user. Will not delete account.")
2618- return
2619- Run("userdel -f -r " + user)
2620- try:
2621- os.remove("/etc/sudoers.d/waagent")
2622- except:
2623- pass
2624- return
2625-
2626-def ReloadSshd():
2627- name = None
2628- if IsRedHat() or IsSuse():
2629- name = "sshd"
2630- if IsDebian():
2631- name = "ssh"
2632- if name == None:
2633- return
2634- if not Run("service " + name + " status | grep running"):
2635- Run("service " + name + " reload")
2636-
2637-def IsInRangeInclusive(a, low, high):
2638- return (a >= low and a <= high)
2639-
2640-def IsPrintable(ch):
2641- return IsInRangeInclusive(ch, Ord('A'), Ord('Z')) or IsInRangeInclusive(ch, Ord('a'), Ord('z')) or IsInRangeInclusive(ch, Ord('0'), Ord('9'))
2642-
2643-def HexDump(buffer, size):
2644- if size < 0:
2645- size = len(buffer)
2646- result = ""
2647- for i in range(0, size):
2648- if (i % 16) == 0:
2649- result += "%06X: " % i
2650- byte = struct.unpack("B", buffer[i])[0]
2651- result += "%02X " % byte
2652- if (i & 15) == 7:
2653- result += " "
2654- if ((i + 1) % 16) == 0 or (i + 1) == size:
2655- j = i
2656- while ((j + 1) % 16) != 0:
2657- result += " "
2658- if (j & 7) == 7:
2659- result += " "
2660- j += 1
2661- result += " "
2662- for j in range(i - (i % 16), i + 1):
2663- byte = struct.unpack("B", buffer[j])[0]
2664- k = '.'
2665- if IsPrintable(byte):
2666- k = chr(byte)
2667- result += k
2668- if (i + 1) != size:
2669- result += "\n"
2670- return result
2671-
2672-def ThrottleLog(counter):
2673- # Log everything up to 10, every 10 up to 100, then every 100.
2674- return (counter < 10) or ((counter < 100) and ((counter % 10) == 0)) or ((counter % 100) == 0)
2675-
2676-def Logger():
2677- class T(object):
2678- def __init__(self):
2679- self.File = None
2680-
2681- self = T()
2682-
2683- def LogToFile(message):
2684- FilePath = ["/var/log/waagent.log", "waagent.log"][IsWindows()]
2685- if not os.path.isfile(FilePath) and self.File != None:
2686- self.File.close()
2687- self.File = None
2688- if self.File == None:
2689- self.File = open(FilePath, "a")
2690- self.File.write(message + "\n")
2691- self.File.flush()
2692-
2693- def Log(message):
2694- LogWithPrefix("", message)
2695-
2696- def LogWithPrefix(prefix, message):
2697- t = time.localtime()
2698- t = "%04u/%02u/%02u %02u:%02u:%02u " % (t.tm_year, t.tm_mon, t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)
2699- t += prefix
2700- for line in message.split('\n'):
2701- line = t + line
2702- print(line)
2703- LogToFile(line)
2704-
2705- return Log, LogWithPrefix
2706-
2707-Log, LogWithPrefix = Logger()
2708-
2709-def NoLog(message):
2710- pass
2711-
2712-def LogIfVerbose(message):
2713- if Verbose == True:
2714- Log(message)
2715-
2716-def LogWithPrefixIfVerbose(prefix, message):
2717- if Verbose == True:
2718- LogWithPrefix(prefix, message)
2719-
2720-def Warn(message):
2721- LogWithPrefix("WARNING:", message)
2722-
2723-def Error(message):
2724- LogWithPrefix("ERROR:", message)
2725-
2726-def ErrorWithPrefix(prefix, message):
2727- LogWithPrefix("ERROR:" + prefix, message)
2728-
2729-def Linux_ioctl_GetIpv4Address(ifname):
2730- import fcntl
2731- s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
2732- return socket.inet_ntoa(fcntl.ioctl(s.fileno(), 0x8915, struct.pack('256s', ifname[:15]))[20:24])
2733-
2734-def Linux_ioctl_GetInterfaceMac(ifname):
2735- import fcntl
2736- s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
2737- info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', ifname[:15]))
2738- return ''.join(['%02X' % Ord(char) for char in info[18:24]])
2739-
2740-def GetIpv4Address():
2741- if IsLinux():
2742- for ifname in PossibleEthernetInterfaces:
2743- try:
2744- return Linux_ioctl_GetIpv4Address(ifname)
2745- except IOError, e:
2746- pass
2747- else:
2748- try:
2749- return socket.gethostbyname(socket.gethostname())
2750- except Exception, e:
2751- ErrorWithPrefix("GetIpv4Address:", str(e))
2752- ErrorWithPrefix("GetIpv4Address:", traceback.format_exc())
2753-
2754-def HexStringToByteArray(a):
2755- b = ""
2756- for c in range(0, len(a) / 2):
2757- b += struct.pack("B", int(a[c * 2:c * 2 + 2], 16))
2758- return b
2759-
2760-def GetMacAddress():
2761- if IsWindows():
2762- # Windows: Physical Address. . . . . . . . . : 00-15-17-79-00-7F\n
2763- a = "ipconfig /all | findstr /c:\"Physical Address\" | findstr /v \"00-00-00-00-00-00-00\""
2764- a = os.popen(a).read()
2765- a = re.sub("\s+$", "", a)
2766- a = re.sub(".+ ", "", a)
2767- a = re.sub(":", "", a)
2768- a = re.sub("-", "", a)
2769- else:
2770- for ifname in PossibleEthernetInterfaces:
2771- try:
2772- a = Linux_ioctl_GetInterfaceMac(ifname)
2773- break
2774- except IOError, e:
2775- pass
2776- return HexStringToByteArray(a)
2777-
2778-def DeviceForIdePort(n):
2779- if n > 3:
2780- return None
2781- g0 = "00000000"
2782- if n > 1:
2783- g0 = "00000001"
2784- n = n - 2
2785- device = None
2786- path="/sys/bus/vmbus/devices/"
2787- for vmbus in os.listdir(path):
2788- guid=GetFileContents(path + vmbus + "/device_id").lstrip('{').split('-')
2789- if guid[0] == g0 and guid[1] == "000" + str(n):
2790- for root, dirs, files in os.walk(path + vmbus):
2791- if root.endswith("/block"):
2792- device = dirs[0]
2793- break
2794- break
2795- return device
2796-
2797-class Util(object):
2798- def _HttpGet(self, url, headers):
2799- LogIfVerbose("HttpGet(" + url + ")")
2800- maxRetry = 2
2801- if url.startswith("http://"):
2802- url = url[7:]
2803- url = url[url.index("/"):]
2804- for retry in range(0, maxRetry + 1):
2805- strRetry = str(retry)
2806- log = [NoLog, Log][retry > 0]
2807- log("retry HttpGet(" + url + "),retry=" + strRetry)
2808- response = None
2809- strStatus = "None"
2810- try:
2811- httpConnection = httplib.HTTPConnection(self.Endpoint)
2812- if headers == None:
2813- request = httpConnection.request("GET", url)
2814- else:
2815- request = httpConnection.request("GET", url, None, headers)
2816- response = httpConnection.getresponse()
2817- strStatus = str(response.status)
2818- except:
2819- pass
2820- log("response HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2821- if response == None or response.status != httplib.OK:
2822- Error("HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2823- if retry == maxRetry:
2824- Log("return HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2825- return None
2826- else:
2827- Log("sleep 10 seconds HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2828- time.sleep(10)
2829- else:
2830- log("return HttpGet(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2831- return response.read()
2832-
2833- def HttpGetWithoutHeaders(self, url):
2834- return self._HttpGet(url, None)
2835-
2836- def HttpGetWithHeaders(self, url):
2837- return self._HttpGet(url, {"x-ms-agent-name": GuestAgentName, "x-ms-version": ProtocolVersion})
2838-
2839- def HttpSecureGetWithHeaders(self, url, transportCert):
2840- return self._HttpGet(url, {"x-ms-agent-name": GuestAgentName,
2841- "x-ms-version": ProtocolVersion,
2842- "x-ms-cipher-name": "DES_EDE3_CBC",
2843- "x-ms-guest-agent-public-x509-cert": transportCert})
2844-
2845- def HttpPost(self, url, data):
2846- LogIfVerbose("HttpPost(" + url + ")")
2847- maxRetry = 2
2848- for retry in range(0, maxRetry + 1):
2849- strRetry = str(retry)
2850- log = [NoLog, Log][retry > 0]
2851- log("retry HttpPost(" + url + "),retry=" + strRetry)
2852- response = None
2853- strStatus = "None"
2854- try:
2855- httpConnection = httplib.HTTPConnection(self.Endpoint)
2856- request = httpConnection.request("POST", url, data, {"x-ms-agent-name": GuestAgentName,
2857- "Content-Type": "text/xml; charset=utf-8",
2858- "x-ms-version": ProtocolVersion})
2859- response = httpConnection.getresponse()
2860- strStatus = str(response.status)
2861- except:
2862- pass
2863- log("response HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2864- if response == None or (response.status != httplib.OK and response.status != httplib.ACCEPTED):
2865- Error("HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2866- if retry == maxRetry:
2867- Log("return HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2868- return None
2869- else:
2870- Log("sleep 10 seconds HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2871- time.sleep(10)
2872- else:
2873- log("return HttpPost(" + url + "),retry=" + strRetry + ",status=" + strStatus)
2874- return response
2875-
2876-def LoadBalancerProbeServer(port):
2877-
2878- class T(object):
2879- def __init__(self, port):
2880- enabled = Config.get("LBProbeResponder")
2881- if enabled != None and enabled.lower().startswith("n"):
2882- return
2883- self.ProbeCounter = 0
2884- self.server = SocketServer.TCPServer((GetIpv4Address(), port), TCPHandler)
2885- self.server_thread = threading.Thread(target = self.server.serve_forever)
2886- self.server_thread.setDaemon(True)
2887- self.server_thread.start()
2888-
2889- def shutdown(self):
2890- global EnableLoadBalancerProbes
2891- if not EnableLoadBalancerProbes:
2892- return
2893- self.server.shutdown()
2894-
2895- class TCPHandler(SocketServer.BaseRequestHandler):
2896- def GetHttpDateTimeNow(self):
2897- # Date: Fri, 25 Mar 2011 04:53:10 GMT
2898- return time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime())
2899-
2900- def handle(self):
2901- context.ProbeCounter = (context.ProbeCounter + 1) % 1000000
2902- log = [NoLog, LogIfVerbose][ThrottleLog(context.ProbeCounter)]
2903- strCounter = str(context.ProbeCounter)
2904- if context.ProbeCounter == 1:
2905- Log("Receiving LB probes.")
2906- log("Received LB probe # " + strCounter)
2907- self.request.recv(1024)
2908- self.request.send("HTTP/1.1 200 OK\r\nContent-Length: 2\r\nContent-Type: text/html\r\nDate: " + self.GetHttpDateTimeNow() + "\r\n\r\nOK")
2909-
2910- context = T(port)
2911- return context
2912-
2913-class ConfigurationProvider(object):
2914- def __init__(self):
2915- self.values = dict()
2916- if os.path.isfile("/etc/waagent.conf") == False:
2917- raise Exception("Missing configuration in /etc/waagent.conf")
2918- try:
2919- for line in GetFileContents("/etc/waagent.conf").split('\n'):
2920- if not line.startswith("#") and "=" in line:
2921- parts = line.split()[0].split('=')
2922- value = parts[1].strip("\" ")
2923- if value != "None":
2924- self.values[parts[0]] = value
2925- else:
2926- self.values[parts[0]] = None
2927- except:
2928- Error("Unable to parse /etc/waagent.conf")
2929- raise
2930- return
2931-
2932- def get(self, key):
2933- return self.values.get(key)
2934-
2935-class EnvMonitor(object):
2936- def __init__(self):
2937- self.shutdown = False
2938- self.HostName = socket.gethostname()
2939- self.server_thread = threading.Thread(target = self.monitor)
2940- self.server_thread.setDaemon(True)
2941- self.server_thread.start()
2942- self.published = False
2943-
2944- def monitor(self):
2945- publish = Config.get("Provisioning.MonitorHostName")
2946- dhcpcmd = "pidof dhclient"
2947- if IsSuse():
2948- dhcpcmd = "pidof dhcpcd"
2949- if IsDebian():
2950- dhcpcmd = "pidof dhclient3"
2951- dhcppid = os.popen(dhcpcmd).read()
2952- while not self.shutdown:
2953- for a in RulesFiles:
2954- if os.path.isfile(a):
2955- if os.path.isfile(GetLastPathElement(a)):
2956- os.remove(GetLastPathElement(a))
2957- shutil.move(a, ".")
2958- Log("EnvMonitor: Moved " + a + " -> " + LibDir)
2959- if publish != None and publish.lower().startswith("y"):
2960- try:
2961- if socket.gethostname() != self.HostName:
2962- Log("EnvMonitor: Detected host name change: " + self.HostName + " -> " + socket.gethostname())
2963- self.HostName = socket.gethostname()
2964- WaAgent.UpdateAndPublishHostName(self.HostName)
2965- dhcppid = os.popen(dhcpcmd).read()
2966- self.published = True
2967- except:
2968- pass
2969- else:
2970- self.published = True
2971- pid = ""
2972- if not os.path.isdir("/proc/" + dhcppid.strip()):
2973- pid = os.popen(dhcpcmd).read()
2974- if pid != "" and pid != dhcppid:
2975- Log("EnvMonitor: Detected dhcp client restart. Restoring routing table.")
2976- WaAgent.RestoreRoutes()
2977- dhcppid = pid
2978- time.sleep(5)
2979-
2980- def SetHostName(self, name):
2981- if socket.gethostname() == name:
2982- self.published = True
2983- else:
2984- Run("hostname " + name)
2985-
2986- def IsNamePublished(self):
2987- return self.published
2988-
2989- def shutdown(self):
2990- self.shutdown = True
2991- self.server_thread.join()
2992-
2993-class Certificates(object):
2994-#
2995-# <CertificateFile xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="certificates10.xsd">
2996-# <Version>2010-12-15</Version>
2997-# <Incarnation>2</Incarnation>
2998-# <Format>Pkcs7BlobWithPfxContents</Format>
2999-# <Data>MIILTAY...
3000-# </Data>
3001-# </CertificateFile>
3002-#
3003- def __init__(self):
3004- self.reinitialize()
3005-
3006- def reinitialize(self):
3007- self.Incarnation = None
3008- self.Role = None
3009-
3010- def Parse(self, xmlText):
3011- self.reinitialize()
3012- SetFileContents("Certificates.xml", xmlText)
3013- dom = xml.dom.minidom.parseString(xmlText)
3014- for a in [ "CertificateFile", "Version", "Incarnation",
3015- "Format", "Data", ]:
3016- if not dom.getElementsByTagName(a):
3017- Error("Certificates.Parse: Missing " + a)
3018- return None
3019- node = dom.childNodes[0]
3020- if node.localName != "CertificateFile":
3021- Error("Certificates.Parse: root not CertificateFile")
3022- return None
3023- SetFileContents("Certificates.p7m",
3024- "MIME-Version: 1.0\n"
3025- + "Content-Disposition: attachment; filename=\"Certificates.p7m\"\n"
3026- + "Content-Type: application/x-pkcs7-mime; name=\"Certificates.p7m\"\n"
3027- + "Content-Transfer-Encoding: base64\n\n"
3028- + GetNodeTextData(dom.getElementsByTagName("Data")[0]))
3029- if Run(Openssl + " cms -decrypt -in Certificates.p7m -inkey TransportPrivate.pem -recip TransportCert.pem | " + Openssl + " pkcs12 -nodes -password pass: -out Certificates.pem"):
3030- Error("Certificates.Parse: Failed to extract certificates from CMS message.")
3031- return self
3032- # There may be multiple certificates in this package. Split them.
3033- file = open("Certificates.pem")
3034- pindex = 1
3035- cindex = 1
3036- output = open("temp.pem", "w")
3037- for line in file.readlines():
3038- output.write(line)
3039- if line.startswith("-----END PRIVATE KEY-----") or line.startswith("-----END CERTIFICATE-----"):
3040- output.close()
3041- if line.startswith("-----END PRIVATE KEY-----"):
3042- os.rename("temp.pem", str(pindex) + ".prv")
3043- pindex += 1
3044- else:
3045- os.rename("temp.pem", str(cindex) + ".crt")
3046- cindex += 1
3047- output = open("temp.pem", "w")
3048- output.close()
3049- os.remove("temp.pem")
3050- keys = dict()
3051- index = 1
3052- filename = str(index) + ".crt"
3053- while os.path.isfile(filename):
3054- thumbprint = os.popen(Openssl + " x509 -in " + filename + " -fingerprint -noout").read().rstrip().split('=')[1].replace(':', '').upper()
3055- pubkey=os.popen(Openssl + " x509 -in " + filename + " -pubkey -noout").read()
3056- keys[pubkey] = thumbprint
3057- os.rename(filename, thumbprint + ".crt")
3058- os.chmod(thumbprint + ".crt", 0600)
3059- if IsRedHat():
3060- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + thumbprint + ".crt")
3061- index += 1
3062- filename = str(index) + ".crt"
3063- index = 1
3064- filename = str(index) + ".prv"
3065- while os.path.isfile(filename):
3066- pubkey = os.popen(Openssl + " rsa -in " + filename + " -pubout").read()
3067- os.rename(filename, keys[pubkey] + ".prv")
3068- os.chmod(keys[pubkey] + ".prv", 0600)
3069- if IsRedHat():
3070- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + keys[pubkey] + ".prv")
3071- index += 1
3072- filename = str(index) + ".prv"
3073- return self
3074-
3075-class SharedConfig(object):
3076-#
3077-# <SharedConfig version="1.0.0.0" goalStateIncarnation="1">
3078-# <Deployment name="db00a7755a5e4e8a8fe4b19bc3b330c3" guid="{ce5a036f-5c93-40e7-8adf-2613631008ab}" incarnation="2">
3079-# <Service name="MyVMRoleService" guid="{00000000-0000-0000-0000-000000000000}" />
3080-# <ServiceInstance name="db00a7755a5e4e8a8fe4b19bc3b330c3.1" guid="{d113f4d7-9ead-4e73-b715-b724b5b7842c}" />
3081-# </Deployment>
3082-# <Incarnation number="1" instance="MachineRole_IN_0" guid="{a0faca35-52e5-4ec7-8fd1-63d2bc107d9b}" />
3083-# <Role guid="{73d95f1c-6472-e58e-7a1a-523554e11d46}" name="MachineRole" settleTimeSeconds="10" />
3084-# <LoadBalancerSettings timeoutSeconds="0" waitLoadBalancerProbeCount="8">
3085-# <Probes>
3086-# <Probe name="MachineRole" />
3087-# <Probe name="55B17C5E41A1E1E8FA991CF80FAC8E55" />
3088-# <Probe name="3EA4DBC19418F0A766A4C19D431FA45F" />
3089-# </Probes>
3090-# </LoadBalancerSettings>
3091-# <OutputEndpoints>
3092-# <Endpoint name="MachineRole:Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" type="SFS">
3093-# <Target instance="MachineRole_IN_0" endpoint="Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" />
3094-# </Endpoint>
3095-# </OutputEndpoints>
3096-# <Instances>
3097-# <Instance id="MachineRole_IN_0" address="10.115.153.75">
3098-# <FaultDomains randomId="0" updateId="0" updateCount="0" />
3099-# <InputEndpoints>
3100-# <Endpoint name="a" address="10.115.153.75:80" protocol="http" isPublic="true" loadBalancedPublicAddress="70.37.106.197:80" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
3101-# <LocalPorts>
3102-# <LocalPortRange from="80" to="80" />
3103-# </LocalPorts>
3104-# </Endpoint>
3105-# <Endpoint name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp" address="10.115.153.75:3389" protocol="tcp" isPublic="false" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
3106-# <LocalPorts>
3107-# <LocalPortRange from="3389" to="3389" />
3108-# </LocalPorts>
3109-# </Endpoint>
3110-# <Endpoint name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.RdpInput" address="10.115.153.75:20000" protocol="tcp" isPublic="true" loadBalancedPublicAddress="70.37.106.197:3389" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
3111-# <LocalPorts>
3112-# <LocalPortRange from="20000" to="20000" />
3113-# </LocalPorts>
3114-# </Endpoint>
3115-# </InputEndpoints>
3116-# </Instance>
3117-# </Instances>
3118-# </SharedConfig>
3119-#
3120- def __init__(self):
3121- self.reinitialize()
3122-
3123- def reinitialize(self):
3124- self.Deployment = None
3125- self.Incarnation = None
3126- self.Role = None
3127- self.LoadBalancerSettings = None
3128- self.OutputEndpoints = None
3129- self.Instances = None
3130-
3131- def Parse(self, xmlText):
3132- self.reinitialize()
3133- SetFileContents("SharedConfig.xml", xmlText)
3134- dom = xml.dom.minidom.parseString(xmlText)
3135- for a in [ "SharedConfig", "Deployment", "Service",
3136- "ServiceInstance", "Incarnation", "Role", ]:
3137- if not dom.getElementsByTagName(a):
3138- Error("SharedConfig.Parse: Missing " + a)
3139- return None
3140- node = dom.childNodes[0]
3141- if node.localName != "SharedConfig":
3142- Error("SharedConfig.Parse: root not SharedConfig")
3143- return None
3144- program = Config.get("Role.TopologyConsumer")
3145- if program != None:
3146- os.spawnl(os.P_NOWAIT, program, program, LibDir + "/SharedConfig.xml")
3147- return self
3148-
3149-class HostingEnvironmentConfig(object):
3150-#
3151-# <HostingEnvironmentConfig version="1.0.0.0" goalStateIncarnation="1">
3152-# <StoredCertificates>
3153-# <StoredCertificate name="Stored0Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption" certificateId="sha1:C093FA5CD3AAE057CB7C4E04532B2E16E07C26CA" storeName="My" configurationLevel="System" />
3154-# </StoredCertificates>
3155-# <Deployment name="db00a7755a5e4e8a8fe4b19bc3b330c3" guid="{ce5a036f-5c93-40e7-8adf-2613631008ab}" incarnation="2">
3156-# <Service name="MyVMRoleService" guid="{00000000-0000-0000-0000-000000000000}" />
3157-# <ServiceInstance name="db00a7755a5e4e8a8fe4b19bc3b330c3.1" guid="{d113f4d7-9ead-4e73-b715-b724b5b7842c}" />
3158-# </Deployment>
3159-# <Incarnation number="1" instance="MachineRole_IN_0" guid="{a0faca35-52e5-4ec7-8fd1-63d2bc107d9b}" />
3160-# <Role guid="{73d95f1c-6472-e58e-7a1a-523554e11d46}" name="MachineRole" hostingEnvironmentVersion="1" software="" softwareType="ApplicationPackage" entryPoint="" parameters="" settleTimeSeconds="10" />
3161-# <HostingEnvironmentSettings name="full" Runtime="rd_fabric_stable.110217-1402.RuntimePackage_1.0.0.8.zip">
3162-# <CAS mode="full" />
3163-# <PrivilegeLevel mode="max" />
3164-# <AdditionalProperties><CgiHandlers></CgiHandlers></AdditionalProperties>
3165-# </HostingEnvironmentSettings>
3166-# <ApplicationSettings>
3167-# <Setting name="__ModelData" value="&lt;m role=&quot;MachineRole&quot; xmlns=&quot;urn:azure:m:v1&quot;>&lt;r name=&quot;MachineRole&quot;>&lt;e name=&quot;a&quot; />&lt;e name=&quot;b&quot; />&lt;e name=&quot;Microsoft.WindowsAzure.Plugins.RemoteAccess.Rdp&quot; />&lt;e name=&quot;Microsoft.WindowsAzure.Plugins.RemoteForwarder.RdpInput&quot; />&lt;/r>&lt;/m>" />
3168-# <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="DefaultEndpointsProtocol=http;AccountName=osimages;AccountKey=DNZQ..." />
3169-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword" value="MIIBnQYJKoZIhvcN..." />
3170-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration" value="2022-07-23T23:59:59.0000000-07:00" />
3171-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername" value="test" />
3172-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled" value="true" />
3173-# <Setting name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled" value="true" />
3174-# <Setting name="Certificate|Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption" value="sha1:C093FA5CD3AAE057CB7C4E04532B2E16E07C26CA" />
3175-# </ApplicationSettings>
3176-# <ResourceReferences>
3177-# <Resource name="DiagnosticStore" type="directory" request="Microsoft.Cis.Fabric.Controller.Descriptions.ServiceDescription.Data.Policy" sticky="true" size="1" path="db00a7755a5e4e8a8fe4b19bc3b330c3.MachineRole.DiagnosticStore\" disableQuota="false" />
3178-# </ResourceReferences>
3179-# </HostingEnvironmentConfig>
3180-#
3181- def __init__(self):
3182- self.reinitialize()
3183-
3184- def reinitialize(self):
3185- self.StoredCertificates = None
3186- self.Deployment = None
3187- self.Incarnation = None
3188- self.Role = None
3189- self.HostingEnvironmentSettings = None
3190- self.ApplicationSettings = None
3191- self.Certificates = None
3192- self.ResourceReferences = None
3193-
3194- def Parse(self, xmlText):
3195- self.reinitialize()
3196- SetFileContents("HostingEnvironmentConfig.xml", xmlText)
3197- dom = xml.dom.minidom.parseString(xmlText)
3198- for a in [ "HostingEnvironmentConfig", "Deployment", "Service",
3199- "ServiceInstance", "Incarnation", "Role", ]:
3200- if not dom.getElementsByTagName(a):
3201- Error("HostingEnvironmentConfig.Parse: Missing " + a)
3202- return None
3203- node = dom.childNodes[0]
3204- if node.localName != "HostingEnvironmentConfig":
3205- Error("HostingEnvironmentConfig.Parse: root not HostingEnvironmentConfig")
3206- return None
3207- self.ApplicationSettings = dom.getElementsByTagName("Setting")
3208- self.Certificates = dom.getElementsByTagName("StoredCertificate")
3209- return self
3210-
3211- def DecryptPassword(self, e):
3212- SetFileContents("password.p7m",
3213- "MIME-Version: 1.0\n"
3214- + "Content-Disposition: attachment; filename=\"password.p7m\"\n"
3215- + "Content-Type: application/x-pkcs7-mime; name=\"password.p7m\"\n"
3216- + "Content-Transfer-Encoding: base64\n\n"
3217- + textwrap.fill(e, 64))
3218- return os.popen(Openssl + " cms -decrypt -in password.p7m -inkey Certificates.pem -recip Certificates.pem").read()
3219-
3220- def ActivateResourceDisk(self):
3221- global DiskActivated
3222- if IsWindows():
3223- DiskActivated = True
3224- Log("Skipping ActivateResourceDisk on Windows")
3225- return
3226- format = Config.get("ResourceDisk.Format")
3227- if format == None or format.lower().startswith("n"):
3228- DiskActivated = True
3229- return
3230- device = DeviceForIdePort(1)
3231- if device == None:
3232- Error("ActivateResourceDisk: Unable to detect disk topology.")
3233- return
3234- device = "/dev/" + device
3235- for entry in os.popen("mount").read().split():
3236- if entry.startswith(device + "1"):
3237- Log("ActivateResourceDisk: " + device + "1 is already mounted.")
3238- DiskActivated = True
3239- return
3240- mountpoint = Config.get("ResourceDisk.MountPoint")
3241- if mountpoint == None:
3242- mountpoint = "/mnt/resource"
3243- CreateDir(mountpoint, "root", 0755)
3244- fs = Config.get("ResourceDisk.Filesystem")
3245- if fs == None:
3246- fs = "ext3"
3247- if os.popen("sfdisk -q -c " + device + " 1").read().rstrip() == "7" and fs != "ntfs":
3248- Run("sfdisk -c " + device + " 1 83")
3249- Run("mkfs." + fs + " " + device + "1")
3250- if Run("mount " + device + "1 " + mountpoint):
3251- Error("ActivateResourceDisk: Failed to mount resource disk (" + device + "1).")
3252- return
3253- Log("Resource disk (" + device + "1) is mounted at " + mountpoint + " with fstype " + fs)
3254- DiskActivated = True
3255- swap = Config.get("ResourceDisk.EnableSwap")
3256- if swap == None or swap.lower().startswith("n"):
3257- return
3258- sizeKB = int(Config.get("ResourceDisk.SwapSizeMB")) * 1024
3259- if os.path.isfile(mountpoint + "/swapfile") and os.path.getsize(mountpoint + "/swapfile") != (sizeKB * 1024):
3260- os.remove(mountpoint + "/swapfile")
3261- if not os.path.isfile(mountpoint + "/swapfile"):
3262- Run("dd if=/dev/zero of=" + mountpoint + "/swapfile bs=1024 count=" + str(sizeKB))
3263- Run("mkswap " + mountpoint + "/swapfile")
3264- if not Run("swapon " + mountpoint + "/swapfile"):
3265- Log("Enabled " + str(sizeKB) + " KB of swap at " + mountpoint + "/swapfile")
3266- else:
3267- Error("ActivateResourceDisk: Failed to activate swap at " + mountpoint + "/swapfile")
3268-
3269- def Process(self):
3270- if DiskActivated == False:
3271- diskThread = threading.Thread(target = self.ActivateResourceDisk)
3272- diskThread.start()
3273- User = None
3274- Pass = None
3275- Expiration = None
3276- Thumbprint = None
3277- for b in self.ApplicationSettings:
3278- sname = b.getAttribute("name")
3279- svalue = b.getAttribute("value")
3280- if sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword":
3281- Pass = self.DecryptPassword(svalue)
3282- elif sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername":
3283- User = svalue
3284- elif sname == "Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration":
3285- Expiration = svalue
3286- elif sname == "Certificate|Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption":
3287- Thumbprint = svalue.split(':')[1].upper()
3288- if User != None and Pass != None:
3289- if User != "root" and User != "" and Pass != "":
3290- CreateAccount(User, Pass, Expiration, Thumbprint)
3291- else:
3292- Error("Not creating user account: user=" + User + " pass=" + Pass)
3293- for c in self.Certificates:
3294- cname = c.getAttribute("name")
3295- csha1 = c.getAttribute("certificateId").split(':')[1].upper()
3296- cpath = c.getAttribute("storeName")
3297- clevel = c.getAttribute("configurationLevel")
3298- if os.path.isfile(csha1 + ".prv"):
3299- Log("Private key with thumbprint: " + csha1 + " was retrieved.")
3300- if os.path.isfile(csha1 + ".crt"):
3301- Log("Public cert with thumbprint: " + csha1 + " was retrieved.")
3302- program = Config.get("Role.ConfigurationConsumer")
3303- if program != None:
3304- os.spawnl(os.P_NOWAIT, program, program, LibDir + "/HostingEnvironmentConfig.xml")
3305-
3306-class GoalState(Util):
3307-#
3308-# <GoalState xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="goalstate10.xsd">
3309-# <Version>2010-12-15</Version>
3310-# <Incarnation>1</Incarnation>
3311-# <Machine>
3312-# <ExpectedState>Started</ExpectedState>
3313-# <LBProbePorts>
3314-# <Port>16001</Port>
3315-# </LBProbePorts>
3316-# </Machine>
3317-# <Container>
3318-# <ContainerId>c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2</ContainerId>
3319-# <RoleInstanceList>
3320-# <RoleInstance>
3321-# <InstanceId>MachineRole_IN_0</InstanceId>
3322-# <State>Started</State>
3323-# <Configuration>
3324-# <HostingEnvironmentConfig>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=config&amp;type=hostingEnvironmentConfig&amp;incarnation=1</HostingEnvironmentConfig>
3325-# <SharedConfig>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=config&amp;type=sharedConfig&amp;incarnation=1</SharedConfig>
3326-# <Certificates>http://10.115.153.40:80/machine/c6d5526c-5ac2-4200-b6e2-56f2b70c5ab2/MachineRole%5FIN%5F0?comp=certificates&amp;incarnation=1</Certificates>
3327-# </Configuration>
3328-# </RoleInstance>
3329-# </RoleInstanceList>
3330-# </Container>
3331-# </GoalState>
3332-#
3333-# There is only one Role for VM images.
3334-#
3335-# Of primary interest is:
3336-# Machine/ExpectedState -- this is how shutdown is requested
3337-# LBProbePorts -- an http server needs to run here
3338-# We also note Container/ContainerID and RoleInstance/InstanceId to form the health report.
3339-# And of course, Incarnation
3340-#
3341- def __init__(self, Agent):
3342- self.Agent = Agent
3343- self.Endpoint = Agent.Endpoint
3344- self.TransportCert = Agent.TransportCert
3345- self.reinitialize()
3346-
3347- def reinitialize(self):
3348- self.Incarnation = None # integer
3349- self.ExpectedState = None # "Started" or "Stopped"
3350- self.HostingEnvironmentConfigUrl = None
3351- self.HostingEnvironmentConfigXml = None
3352- self.HostingEnvironmentConfig = None
3353- self.SharedConfigUrl = None
3354- self.SharedConfigXml = None
3355- self.SharedConfig = None
3356- self.CertificatesUrl = None
3357- self.CertificatesXml = None
3358- self.Certificates = None
3359- self.RoleInstanceId = None
3360- self.ContainerId = None
3361- self.LoadBalancerProbePort = None # integer, ?list of integers
3362-
3363- def Parse(self, xmlText):
3364- self.reinitialize()
3365- node = xml.dom.minidom.parseString(xmlText).childNodes[0]
3366- if node.localName != "GoalState":
3367- Error("GoalState.Parse: root not GoalState")
3368- return None
3369- for a in node.childNodes:
3370- if a.nodeType == node.ELEMENT_NODE:
3371- if a.localName == "Incarnation":
3372- self.Incarnation = GetNodeTextData(a)
3373- elif a.localName == "Machine":
3374- for b in a.childNodes:
3375- if b.nodeType == node.ELEMENT_NODE:
3376- if b.localName == "ExpectedState":
3377- self.ExpectedState = GetNodeTextData(b)
3378- Log("ExpectedState: " + self.ExpectedState)
3379- elif b.localName == "LBProbePorts":
3380- for c in b.childNodes:
3381- if c.nodeType == node.ELEMENT_NODE and c.localName == "Port":
3382- self.LoadBalancerProbePort = int(GetNodeTextData(c))
3383- elif a.localName == "Container":
3384- for b in a.childNodes:
3385- if b.nodeType == node.ELEMENT_NODE:
3386- if b.localName == "ContainerId":
3387- self.ContainerId = GetNodeTextData(b)
3388- Log("ContainerId: " + self.ContainerId)
3389- elif b.localName == "RoleInstanceList":
3390- for c in b.childNodes:
3391- if c.localName == "RoleInstance":
3392- for d in c.childNodes:
3393- if d.nodeType == node.ELEMENT_NODE:
3394- if d.localName == "InstanceId":
3395- self.RoleInstanceId = GetNodeTextData(d)
3396- Log("RoleInstanceId: " + self.RoleInstanceId)
3397- elif d.localName == "State":
3398- pass
3399- elif d.localName == "Configuration":
3400- for e in d.childNodes:
3401- if e.nodeType == node.ELEMENT_NODE:
3402- if e.localName == "HostingEnvironmentConfig":
3403- self.HostingEnvironmentConfigUrl = GetNodeTextData(e)
3404- LogIfVerbose("HostingEnvironmentConfigUrl:" + self.HostingEnvironmentConfigUrl)
3405- self.HostingEnvironmentConfigXml = self.HttpGetWithHeaders(self.HostingEnvironmentConfigUrl)
3406- self.HostingEnvironmentConfig = HostingEnvironmentConfig().Parse(self.HostingEnvironmentConfigXml)
3407- elif e.localName == "SharedConfig":
3408- self.SharedConfigUrl = GetNodeTextData(e)
3409- LogIfVerbose("SharedConfigUrl:" + self.SharedConfigUrl)
3410- self.SharedConfigXml = self.HttpGetWithHeaders(self.SharedConfigUrl)
3411- self.SharedConfig = SharedConfig().Parse(self.SharedConfigXml)
3412- elif e.localName == "Certificates":
3413- self.CertificatesUrl = GetNodeTextData(e)
3414- LogIfVerbose("CertificatesUrl:" + self.CertificatesUrl)
3415- self.CertificatesXml = self.HttpSecureGetWithHeaders(self.CertificatesUrl, self.TransportCert)
3416- self.Certificates = Certificates().Parse(self.CertificatesXml)
3417- if self.Incarnation == None:
3418- Error("GoalState.Parse: Incarnation missing")
3419- return None
3420- if self.ExpectedState == None:
3421- Error("GoalState.Parse: ExpectedState missing")
3422- return None
3423- if self.RoleInstanceId == None:
3424- Error("GoalState.Parse: RoleInstanceId missing")
3425- return None
3426- if self.ContainerId == None:
3427- Error("GoalState.Parse: ContainerId missing")
3428- return None
3429- SetFileContents("GoalState." + self.Incarnation + ".xml", xmlText)
3430- return self
3431-
3432- def Process(self):
3433- self.HostingEnvironmentConfig.Process()
3434-
3435-class OvfEnv(object):
3436-#
3437-# <?xml version="1.0" encoding="utf-8"?>
3438-# <Environment xmlns="http://schemas.dmtf.org/ovf/environment/1" xmlns:oe="http://schemas.dmtf.org/ovf/environment/1" xmlns:wa="http://schemas.microsoft.com/windowsazure" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
3439-# <wa:ProvisioningSection>
3440-# <wa:Version>1.0</wa:Version>
3441-# <LinuxProvisioningConfigurationSet xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
3442-# <ConfigurationSetType>LinuxProvisioningConfiguration</ConfigurationSetType>
3443-# <HostName>HostName</HostName>
3444-# <UserName>UserName</UserName>
3445-# <UserPassword>UserPassword</UserPassword>
3446-# <DisableSshPasswordAuthentication>false</DisableSshPasswordAuthentication>
3447-# <SSH>
3448-# <PublicKeys>
3449-# <PublicKey>
3450-# <Fingerprint>EB0C0AB4B2D5FC35F2F0658D19F44C8283E2DD62</Fingerprint>
3451-# <Path>$HOME/UserName/.ssh/authorized_keys</Path>
3452-# </PublicKey>
3453-# </PublicKeys>
3454-# <KeyPairs>
3455-# <KeyPair>
3456-# <Fingerprint>EB0C0AB4B2D5FC35F2F0658D19F44C8283E2DD62</Fingerprint>
3457-# <Path>$HOME/UserName/.ssh/id_rsa</Path>
3458-# </KeyPair>
3459-# </KeyPairs>
3460-# </SSH>
3461-# </LinuxProvisioningConfigurationSet>
3462-# </wa:ProvisioningSection>
3463-# </Environment>
3464-#
3465- def __init__(self):
3466- self.reinitialize()
3467-
3468- def reinitialize(self):
3469- self.WaNs = "http://schemas.microsoft.com/windowsazure"
3470- self.OvfNs = "http://schemas.dmtf.org/ovf/environment/1"
3471- self.MajorVersion = 1
3472- self.MinorVersion = 0
3473- self.ComputerName = None
3474- self.AdminPassword = None
3475- self.UserName = None
3476- self.UserPassword = None
3477- self.DisableSshPasswordAuthentication = True
3478- self.SshPublicKeys = []
3479- self.SshKeyPairs = []
3480-
3481- def Parse(self, xmlText):
3482- self.reinitialize()
3483- dom = xml.dom.minidom.parseString(xmlText)
3484- if len(dom.getElementsByTagNameNS(self.OvfNs, "Environment")) != 1:
3485- Error("Unable to parse OVF XML.")
3486- section = None
3487- newer = False
3488- for p in dom.getElementsByTagNameNS(self.WaNs, "ProvisioningSection"):
3489- for n in p.childNodes:
3490- if n.localName == "Version":
3491- verparts = GetNodeTextData(n).split('.')
3492- major = int(verparts[0])
3493- minor = int(verparts[1])
3494- if major > self.MajorVersion:
3495- newer = True
3496- if major != self.MajorVersion:
3497- break
3498- if minor > self.MinorVersion:
3499- newer = True
3500- section = p
3501- if newer == True:
3502- Warn("Newer provisioning configuration detected. Please consider updating waagent.")
3503- if section == None:
3504- Error("Could not find ProvisioningSection with major version=" + str(self.MajorVersion))
3505- return None
3506- self.ComputerName = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "HostName")[0])
3507- self.UserName = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "UserName")[0])
3508- try:
3509- self.UserPassword = GetNodeTextData(section.getElementsByTagNameNS(self.WaNs, "UserPassword")[0])
3510- except:
3511- pass
3512- disableSshPass = section.getElementsByTagNameNS(self.WaNs, "DisableSshPasswordAuthentication")
3513- if len(disableSshPass) != 0:
3514- self.DisableSshPasswordAuthentication = (GetNodeTextData(disableSshPass[0]).lower() == "true")
3515- for pkey in section.getElementsByTagNameNS(self.WaNs, "PublicKey"):
3516- fp = None
3517- path = None
3518- for c in pkey.childNodes:
3519- if c.localName == "Fingerprint":
3520- fp = GetNodeTextData(c).upper()
3521- if c.localName == "Path":
3522- path = GetNodeTextData(c)
3523- self.SshPublicKeys += [[fp, path]]
3524- for keyp in section.getElementsByTagNameNS(self.WaNs, "KeyPair"):
3525- fp = None
3526- path = None
3527- for c in keyp.childNodes:
3528- if c.localName == "Fingerprint":
3529- fp = GetNodeTextData(c).upper()
3530- if c.localName == "Path":
3531- path = GetNodeTextData(c)
3532- self.SshKeyPairs += [[fp, path]]
3533- return self
3534-
3535- def PrepareDir(self, filepath):
3536- home = GetHome()
3537- # Expand HOME variable if present in path
3538- path = os.path.normpath(filepath.replace("$HOME", home))
3539- if (path.startswith("/") == False) or (path.endswith("/") == True):
3540- return None
3541- dir = path.rsplit('/', 1)[0]
3542- if dir != "":
3543- CreateDir(dir, "root", 0700)
3544- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
3545- ChangeOwner(dir, self.UserName)
3546- return path
3547-
3548- def NumberToBytes(self, i):
3549- result = []
3550- while i:
3551- result.append(chr(i&0xFF))
3552- i >>= 8
3553- result.reverse()
3554- return ''.join(result)
3555-
3556- def BitsToString(self, a):
3557- index=7
3558- s = ""
3559- c = 0
3560- for bit in a:
3561- c = c | (bit << index)
3562- index = index - 1
3563- if index == -1:
3564- s = s + struct.pack('>B', c)
3565- c = 0
3566- index = 7
3567- return s
3568-
3569- def OpensslToSsh(self, file):
3570- from pyasn1.codec.der import decoder as der_decoder
3571- try:
3572- f = open(file).read().replace('\n','').split("KEY-----")[1].split('-')[0]
3573- k=der_decoder.decode(self.BitsToString(der_decoder.decode(base64.b64decode(f))[0][1]))[0]
3574- n=k[0]
3575- e=k[1]
3576- keydata=""
3577- keydata += struct.pack('>I',len("ssh-rsa"))
3578- keydata += "ssh-rsa"
3579- keydata += struct.pack('>I',len(self.NumberToBytes(e)))
3580- keydata += self.NumberToBytes(e)
3581- keydata += struct.pack('>I',len(self.NumberToBytes(n)) + 1)
3582- keydata += "\0"
3583- keydata += self.NumberToBytes(n)
3584- except Exception, e:
3585- print("OpensslToSsh: Exception " + str(e))
3586- return None
3587- return "ssh-rsa " + base64.b64encode(keydata) + "\n"
3588-
3589- def Process(self):
3590- error = None
3591- WaAgent.EnvMonitor.SetHostName(self.ComputerName)
3592- if self.DisableSshPasswordAuthentication:
3593- filepath = "/etc/ssh/sshd_config"
3594- # Disable RFC 4252 and RFC 4256 authentication schemes.
3595- ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not
3596- (a.startswith("PasswordAuthentication") or a.startswith("ChallengeResponseAuthentication")),
3597- GetFileContents(filepath).split('\n'))) + "PasswordAuthentication no\nChallengeResponseAuthentication no\n")
3598- Log("Disabled SSH password-based authentication methods.")
3599- if self.AdminPassword != None:
3600- os.popen("chpasswd", "w").write("root:" + self.AdminPassword + "\n")
3601- if self.UserName != None:
3602- error = CreateAccount(self.UserName, self.UserPassword, None, None)
3603- sel = os.popen("getenforce").read().startswith("Enforcing")
3604- if sel == True and IsRedHat():
3605- Run("setenforce 0")
3606- home = GetHome()
3607- for pkey in self.SshPublicKeys:
3608- if not os.path.isfile(pkey[0] + ".crt"):
3609- Error("PublicKey not found: " + pkey[0])
3610- error = "Failed to deploy public key (0x09)."
3611- continue
3612- path = self.PrepareDir(pkey[1])
3613- if path == None:
3614- Error("Invalid path: " + pkey[1] + " for PublicKey: " + pkey[0])
3615- error = "Invalid path for public key (0x03)."
3616- continue
3617- Run(Openssl + " x509 -in " + pkey[0] + ".crt -noout -pubkey > " + pkey[0] + ".pub")
3618- if IsRedHat():
3619- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + pkey[0] + ".pub")
3620- if IsUbuntu():
3621- # Only supported in new SSH releases
3622- Run("ssh-keygen -i -m PKCS8 -f " + pkey[0] + ".pub >> " + path)
3623- else:
3624- SshPubKey = self.OpensslToSsh(pkey[0] + ".pub")
3625- if SshPubKey != None:
3626- AppendFileContents(path, SshPubKey)
3627- else:
3628- Error("Failed: " + pkey[0] + ".crt -> " + path)
3629- error = "Failed to deploy public key (0x04)."
3630- if IsRedHat():
3631- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path)
3632- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
3633- ChangeOwner(path, self.UserName)
3634- for keyp in self.SshKeyPairs:
3635- if not os.path.isfile(keyp[0] + ".prv"):
3636- Error("KeyPair not found: " + keyp[0])
3637- error = "Failed to deploy key pair (0x0A)."
3638- continue
3639- path = self.PrepareDir(keyp[1])
3640- if path == None:
3641- Error("Invalid path: " + keyp[1] + " for KeyPair: " + keyp[0])
3642- error = "Invalid path for key pair (0x05)."
3643- continue
3644- SetFileContents(path, GetFileContents(keyp[0] + ".prv"))
3645- os.chmod(path, 0600)
3646- Run("ssh-keygen -y -f " + keyp[0] + ".prv > " + path + ".pub")
3647- if IsRedHat():
3648- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path)
3649- Run("chcon unconfined_u:object_r:ssh_home_t:s0 " + path + ".pub")
3650- if path.startswith(os.path.normpath(home + "/" + self.UserName + "/")):
3651- ChangeOwner(path, self.UserName)
3652- ChangeOwner(path + ".pub", self.UserName)
3653- if sel == True and IsRedHat():
3654- Run("setenforce 1")
3655- while not WaAgent.EnvMonitor.IsNamePublished():
3656- time.sleep(1)
3657- ReloadSshd()
3658- return error
3659-
3660-def UpdateAndPublishHostNameCommon(name):
3661- # RedHat
3662- if IsRedHat():
3663- filepath = "/etc/sysconfig/network"
3664- if os.path.isfile(filepath):
3665- ReplaceFileContentsAtomic(filepath, "HOSTNAME=" + name + "\n"
3666- + "\n".join(filter(lambda a: not a.startswith("HOSTNAME"), GetFileContents(filepath).split('\n'))))
3667-
3668- for ethernetInterface in PossibleEthernetInterfaces:
3669- filepath = "/etc/sysconfig/network-scripts/ifcfg-" + ethernetInterface
3670- if os.path.isfile(filepath):
3671- ReplaceFileContentsAtomic(filepath, "DHCP_HOSTNAME=" + name + "\n"
3672- + "\n".join(filter(lambda a: not a.startswith("DHCP_HOSTNAME"), GetFileContents(filepath).split('\n'))))
3673-
3674- # Debian
3675- if IsDebian():
3676- SetFileContents("/etc/hostname", name)
3677-
3678- for filepath in EtcDhcpClientConfFiles:
3679- if os.path.isfile(filepath):
3680- ReplaceFileContentsAtomic(filepath, "send host-name \"" + name + "\";\n"
3681- + "\n".join(filter(lambda a: not a.startswith("send host-name"), GetFileContents(filepath).split('\n'))))
3682-
3683- # Suse
3684- if IsSuse():
3685- SetFileContents("/etc/HOSTNAME", name)
3686-
3687-class Agent(Util):
3688- def __init__(self):
3689- self.GoalState = None
3690- self.Endpoint = None
3691- self.LoadBalancerProbeServer = None
3692- self.HealthReportCounter = 0
3693- self.TransportCert = ""
3694- self.EnvMonitor = None
3695- self.SendData = None
3696- self.DhcpResponse = None
3697-
3698- def CheckVersions(self):
3699- #<?xml version="1.0" encoding="utf-8"?>
3700- #<Versions>
3701- # <Preferred>
3702- # <Version>2010-12-15</Version>
3703- # </Preferred>
3704- # <Supported>
3705- # <Version>2010-12-15</Version>
3706- # <Version>2010-28-10</Version>
3707- # </Supported>
3708- #</Versions>
3709- global ProtocolVersion
3710- protocolVersionSeen = False
3711- node = xml.dom.minidom.parseString(self.HttpGetWithoutHeaders("/?comp=versions")).childNodes[0]
3712- if node.localName != "Versions":
3713- Error("CheckVersions: root not Versions")
3714- return False
3715- for a in node.childNodes:
3716- if a.nodeType == node.ELEMENT_NODE and a.localName == "Supported":
3717- for b in a.childNodes:
3718- if b.nodeType == node.ELEMENT_NODE and b.localName == "Version":
3719- v = GetNodeTextData(b)
3720- LogIfVerbose("Fabric supported wire protocol version: " + v)
3721- if v == ProtocolVersion:
3722- protocolVersionSeen = True
3723- if a.nodeType == node.ELEMENT_NODE and a.localName == "Preferred":
3724- v = GetNodeTextData(a.getElementsByTagName("Version")[0])
3725- LogIfVerbose("Fabric preferred wire protocol version: " + v)
3726- if ProtocolVersion < v:
3727- Warn("Newer wire protocol version detected. Please consider updating waagent.")
3728- if not protocolVersionSeen:
3729- Warn("Agent supported wire protocol version: " + ProtocolVersion + " was not advertised by Fabric.")
3730- ProtocolVersion = "2011-08-31"
3731- Log("Negotiated wire protocol version: " + ProtocolVersion)
3732- return True
3733-
3734- def Unpack(self, buffer, offset, range):
3735- result = 0
3736- for i in range:
3737- result = (result << 8) | Ord(buffer[offset + i])
3738- return result
3739-
3740- def UnpackLittleEndian(self, buffer, offset, length):
3741- return self.Unpack(buffer, offset, range(length - 1, -1, -1))
3742-
3743- def UnpackBigEndian(self, buffer, offset, length):
3744- return self.Unpack(buffer, offset, range(0, length))
3745-
3746- def HexDump3(self, buffer, offset, length):
3747- return ''.join(['%02X' % Ord(char) for char in buffer[offset:offset + length]])
3748-
3749- def HexDump2(self, buffer):
3750- return self.HexDump3(buffer, 0, len(buffer))
3751-
3752- def BuildDhcpRequest(self):
3753- #
3754- # typedef struct _DHCP {
3755- # UINT8 Opcode; /* op: BOOTREQUEST or BOOTREPLY */
3756- # UINT8 HardwareAddressType; /* htype: ethernet */
3757- # UINT8 HardwareAddressLength; /* hlen: 6 (48 bit mac address) */
3758- # UINT8 Hops; /* hops: 0 */
3759- # UINT8 TransactionID[4]; /* xid: random */
3760- # UINT8 Seconds[2]; /* secs: 0 */
3761- # UINT8 Flags[2]; /* flags: 0 or 0x8000 for broadcast */
3762- # UINT8 ClientIpAddress[4]; /* ciaddr: 0 */
3763- # UINT8 YourIpAddress[4]; /* yiaddr: 0 */
3764- # UINT8 ServerIpAddress[4]; /* siaddr: 0 */
3765- # UINT8 RelayAgentIpAddress[4]; /* giaddr: 0 */
3766- # UINT8 ClientHardwareAddress[16]; /* chaddr: 6 byte ethernet MAC address */
3767- # UINT8 ServerName[64]; /* sname: 0 */
3768- # UINT8 BootFileName[128]; /* file: 0 */
3769- # UINT8 MagicCookie[4]; /* 99 130 83 99 */
3770- # /* 0x63 0x82 0x53 0x63 */
3771- # /* options -- hard code ours */
3772- #
3773- # UINT8 MessageTypeCode; /* 53 */
3774- # UINT8 MessageTypeLength; /* 1 */
3775- # UINT8 MessageType; /* 1 for DISCOVER */
3776- # UINT8 End; /* 255 */
3777- # } DHCP;
3778- #
3779-
3780- # tuple of 244 zeros
3781- # (struct.pack_into would be good here, but requires Python 2.5)
3782- sendData = [0] * 244
3783-
3784- transactionID = os.urandom(4)
3785- macAddress = GetMacAddress()
3786-
3787- # Opcode = 1
3788- # HardwareAddressType = 1 (ethernet/MAC)
3789- # HardwareAddressLength = 6 (ethernet/MAC/48 bits)
3790- for a in range(0, 3):
3791- sendData[a] = [1, 1, 6][a]
3792-
3793- # fill in transaction id (random number to ensure response matches request)
3794- for a in range(0, 4):
3795- sendData[4 + a] = Ord(transactionID[a])
3796-
3797- LogIfVerbose("BuildDhcpRequest: transactionId:%s,%04X" % (self.HexDump2(transactionID), self.UnpackBigEndian(sendData, 4, 4)))
3798-
3799- # fill in ClientHardwareAddress
3800- for a in range(0, 6):
3801- sendData[0x1C + a] = Ord(macAddress[a])
3802-
3803- # DHCP Magic Cookie: 99, 130, 83, 99
3804- # MessageTypeCode = 53 DHCP Message Type
3805- # MessageTypeLength = 1
3806- # MessageType = DHCPDISCOVER
3807- # End = 255 DHCP_END
3808- for a in range(0, 8):
3809- sendData[0xEC + a] = [99, 130, 83, 99, 53, 1, 1, 255][a]
3810- return array.array("c", map(chr, sendData))
3811-
3812- def IntegerToIpAddressV4String(self, a):
3813- return "%u.%u.%u.%u" % ((a >> 24) & 0xFF, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF)
3814-
3815- def RouteAdd(self, net, mask, gateway):
3816- if IsWindows():
3817- return
3818- net = self.IntegerToIpAddressV4String(net)
3819- mask = self.IntegerToIpAddressV4String(mask)
3820- gateway = self.IntegerToIpAddressV4String(gateway)
3821- Run("/sbin/route add -net " + net + " netmask " + mask + " gw " + gateway)
3822-
3823- def HandleDhcpResponse(self, sendData, receiveBuffer):
3824- LogIfVerbose("HandleDhcpResponse")
3825- bytesReceived = len(receiveBuffer)
3826- if bytesReceived < 0xF6:
3827- Error("HandleDhcpResponse: Too few bytes received " + str(bytesReceived))
3828- return None
3829-
3830- LogIfVerbose("BytesReceived: " + hex(bytesReceived))
3831- LogWithPrefixIfVerbose("DHCP response:", HexDump(receiveBuffer, bytesReceived))
3832-
3833- # check transactionId, cookie, MAC address
3834- # cookie should never mismatch
3835- # transactionId and MAC address may mismatch if we see a response meant from another machine
3836-
3837- for offsets in [range(4, 4 + 4), range(0x1C, 0x1C + 6), range(0xEC, 0xEC + 4)]:
3838- for offset in offsets:
3839- sentByte = Ord(sendData[offset])
3840- receivedByte = Ord(receiveBuffer[offset])
3841- if sentByte != receivedByte:
3842- LogIfVerbose("HandleDhcpResponse: sent cookie:" + self.HexDump3(sendData, 0xEC, 4))
3843- LogIfVerbose("HandleDhcpResponse: rcvd cookie:" + self.HexDump3(receiveBuffer, 0xEC, 4))
3844- LogIfVerbose("HandleDhcpResponse: sent transactionID:" + self.HexDump3(sendData, 4, 4))
3845- LogIfVerbose("HandleDhcpResponse: rcvd transactionID:" + self.HexDump3(receiveBuffer, 4, 4))
3846- LogIfVerbose("HandleDhcpResponse: sent ClientHardwareAddress:" + self.HexDump3(sendData, 0x1C, 6))
3847- LogIfVerbose("HandleDhcpResponse: rcvd ClientHardwareAddress:" + self.HexDump3(receiveBuffer, 0x1C, 6))
3848- LogIfVerbose("HandleDhcpResponse: transactionId, cookie, or MAC address mismatch")
3849- return None
3850- endpoint = None
3851-
3852- #
3853- # Walk all the returned options, parsing out what we need, ignoring the others.
3854- # We need the custom option 245 to find the the endpoint we talk to,
3855- # as well as, to handle some Linux DHCP client incompatibilities,
3856- # options 3 for default gateway and 249 for routes. And 255 is end.
3857- #
3858-
3859- i = 0xF0 # offset to first option
3860- while i < bytesReceived:
3861- option = Ord(receiveBuffer[i])
3862- length = 0
3863- if (i + 1) < bytesReceived:
3864- length = Ord(receiveBuffer[i + 1])
3865- LogIfVerbose("DHCP option " + hex(option) + " at offset:" + hex(i) + " with length:" + hex(length))
3866- if option == 255:
3867- LogIfVerbose("DHCP packet ended at offset " + hex(i))
3868- break
3869- elif option == 249:
3870- # http://msdn.microsoft.com/en-us/library/cc227282%28PROT.10%29.aspx
3871- LogIfVerbose("Routes at offset:" + hex(i) + " with length:" + hex(length))
3872- if length < 5:
3873- Error("Data too small for option " + option)
3874- j = i + 2
3875- while j < (i + length + 2):
3876- maskLengthBits = Ord(receiveBuffer[j])
3877- maskLengthBytes = (((maskLengthBits + 7) & ~7) >> 3)
3878- mask = 0xFFFFFFFF & (0xFFFFFFFF << (32 - maskLengthBits))
3879- j += 1
3880- net = self.UnpackBigEndian(receiveBuffer, j, maskLengthBytes)
3881- net <<= (32 - maskLengthBytes * 8)
3882- net &= mask
3883- j += maskLengthBytes
3884- gateway = self.UnpackBigEndian(receiveBuffer, j, 4)
3885- j += 4
3886- self.RouteAdd(net, mask, gateway)
3887- if j != (i + length + 2):
3888- Error("HandleDhcpResponse: Unable to parse routes")
3889- elif option == 3 or option == 245:
3890- if i + 5 < bytesReceived:
3891- if length != 4:
3892- Error("HandleDhcpResponse: Endpoint or Default Gateway not 4 bytes")
3893- return None
3894- gateway = self.UnpackBigEndian(receiveBuffer, i + 2, 4)
3895- IpAddress = self.IntegerToIpAddressV4String(gateway)
3896- if option == 3:
3897- self.RouteAdd(0, 0, gateway)
3898- name = "DefaultGateway"
3899- else:
3900- endpoint = IpAddress
3901- name = "Windows Azure wire protocol endpoint"
3902- LogIfVerbose(name + ": " + IpAddress + " at " + hex(i))
3903- else:
3904- Error("HandleDhcpResponse: Data too small for option " + option)
3905- else:
3906- LogIfVerbose("Skipping DHCP option " + hex(option) + " at " + hex(i) + " with length " + hex(length))
3907- i += length + 2
3908- return endpoint
3909-
3910- def DoDhcpWork(self):
3911- #
3912- # Discover the wire server via DHCP option 245.
3913- # And workaround incompatibility with Windows Azure DHCP servers.
3914- #
3915- ShortSleep = False # Sleep 1 second before retrying DHCP queries.
3916-
3917- if not IsWindows():
3918- Run("iptables -D INPUT -p udp --dport 68 -j ACCEPT")
3919- Run("iptables -I INPUT -p udp --dport 68 -j ACCEPT")
3920-
3921- sleepDurations = [0, 5, 10, 30, 60, 60, 60, 60]
3922- maxRetry = len(sleepDurations)
3923- lastTry = (maxRetry - 1)
3924- for retry in range(0, maxRetry):
3925- try:
3926- strRetry = str(retry)
3927- prefix = "DoDhcpWork: try=" + strRetry
3928- LogIfVerbose(prefix)
3929- sendData = self.BuildDhcpRequest()
3930- LogWithPrefixIfVerbose("DHCP request:", HexDump(sendData, len(sendData)))
3931- sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
3932- sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
3933- sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
3934- if IsSuse():
3935- # This is required because sending after binding to 0.0.0.0 fails with
3936- # network unreachable when the default gateway is not set up.
3937- sock.bind((GetIpv4Address(), 68))
3938- else:
3939- sock.bind(("0.0.0.0", 68))
3940- sock.sendto(sendData, ("<broadcast>", 67))
3941- receiveBuffer = sock.recv(1024)
3942- sock.close()
3943- endpoint = self.HandleDhcpResponse(sendData, receiveBuffer)
3944- if endpoint == None:
3945- LogIfVerbose("DoDhcpWork: No endpoint found")
3946- if endpoint != None or retry == lastTry:
3947- if endpoint != None:
3948- self.SendData = sendData
3949- self.DhcpResponse = receiveBuffer
3950- if retry == lastTry:
3951- LogIfVerbose("DoDhcpWork: try=" + strRetry)
3952- return endpoint
3953- sleepDuration = [sleepDurations[retry % len(sleepDurations)], 1][ShortSleep]
3954- LogIfVerbose("DoDhcpWork: sleep=" + str(sleepDuration))
3955- time.sleep(sleepDuration)
3956- except Exception, e:
3957- ErrorWithPrefix(prefix, str(e))
3958- ErrorWithPrefix(prefix, traceback.format_exc())
3959- return None
3960-
3961- def UpdateAndPublishHostName(self, name):
3962- # Set hostname locally and publish to iDNS
3963- Log("Setting host name: " + name)
3964- UpdateAndPublishHostNameCommon(name)
3965- for ethernetInterface in PossibleEthernetInterfaces:
3966- if IsSuse():
3967- Run("ifrenew " + ethernetInterface)
3968- else:
3969- Run("ifdown " + ethernetInterface + " && ifup " + ethernetInterface)
3970- self.RestoreRoutes()
3971-
3972- def RestoreRoutes(self):
3973- if self.SendData != None and self.DhcpResponse != None:
3974- self.HandleDhcpResponse(self.SendData, self.DhcpResponse)
3975-
3976- def UpdateGoalState(self):
3977- goalStateXml = None
3978- maxRetry = 9
3979- log = NoLog
3980- for retry in range(1, maxRetry + 1):
3981- strRetry = str(retry)
3982- log("retry UpdateGoalState,retry=" + strRetry)
3983- goalStateXml = self.HttpGetWithHeaders("/machine/?comp=goalstate")
3984- if goalStateXml != None:
3985- break
3986- log = Log
3987- time.sleep(retry)
3988- if not goalStateXml:
3989- Error("UpdateGoalState failed.")
3990- return
3991- Log("Retrieved GoalState from Windows Azure Fabric.")
3992- self.GoalState = GoalState(self).Parse(goalStateXml)
3993- return self.GoalState
3994-
3995- def ReportReady(self):
3996- counter = (self.HealthReportCounter + 1) % 1000000
3997- self.HealthReportCounter = counter
3998- healthReport = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><Health xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><GoalStateIncarnation>"
3999- + self.GoalState.Incarnation
4000- + "</GoalStateIncarnation><Container><ContainerId>"
4001- + self.GoalState.ContainerId
4002- + "</ContainerId><RoleInstanceList><Role><InstanceId>"
4003- + self.GoalState.RoleInstanceId
4004- + "</InstanceId><Health><State>Ready</State></Health></Role></RoleInstanceList></Container></Health>")
4005- a = self.HttpPost("/machine?comp=health", healthReport)
4006- if a != None:
4007- return a.getheader("x-ms-latest-goal-state-incarnation-number")
4008- return None
4009-
4010- def ReportNotReady(self, status, desc):
4011- healthReport = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><Health xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><GoalStateIncarnation>"
4012- + self.GoalState.Incarnation
4013- + "</GoalStateIncarnation><Container><ContainerId>"
4014- + self.GoalState.ContainerId
4015- + "</ContainerId><RoleInstanceList><Role><InstanceId>"
4016- + self.GoalState.RoleInstanceId
4017- + "</InstanceId><Health><State>NotReady</State>"
4018- + "<Details><SubStatus>" + status + "</SubStatus><Description>" + desc + "</Description></Details>"
4019- + "</Health></Role></RoleInstanceList></Container></Health>")
4020- a = self.HttpPost("/machine?comp=health", healthReport)
4021- if a != None:
4022- return a.getheader("x-ms-latest-goal-state-incarnation-number")
4023- return None
4024-
4025- def ReportRoleProperties(self, thumbprint):
4026- roleProperties = ("<?xml version=\"1.0\" encoding=\"utf-8\"?><RoleProperties><Container>"
4027- + "<ContainerId>" + self.GoalState.ContainerId + "</ContainerId>"
4028- + "<RoleInstances><RoleInstance>"
4029- + "<Id>" + self.GoalState.RoleInstanceId + "</Id>"
4030- + "<Properties><Property name=\"CertificateThumbprint\" value=\"" + thumbprint + "\" /></Properties>"
4031- + "</RoleInstance></RoleInstances></Container></RoleProperties>")
4032- a = self.HttpPost("/machine?comp=roleProperties", roleProperties)
4033- Log("Posted Role Properties. CertificateThumbprint=" + thumbprint)
4034- return a
4035-
4036- def LoadBalancerProbeServer_Shutdown(self):
4037- if self.LoadBalancerProbeServer != None:
4038- self.LoadBalancerProbeServer.shutdown()
4039- self.LoadBalancerProbeServer = None
4040-
4041- def GenerateTransportCert(self):
4042- Run(Openssl + " req -x509 -nodes -subj /CN=LinuxTransport -days 32768 -newkey rsa:2048 -keyout TransportPrivate.pem -out TransportCert.pem")
4043- cert = ""
4044- for line in GetFileContents("TransportCert.pem").split('\n'):
4045- if not "CERTIFICATE" in line:
4046- cert += line.rstrip()
4047- return cert
4048-
4049- def Provision(self):
4050- if IsWindows():
4051- Log("Skipping Provision on Windows")
4052- return
4053- enabled = Config.get("Provisioning.Enabled")
4054- if enabled != None and enabled.lower().startswith("n"):
4055- return
4056- Log("Provisioning image started.")
4057- type = Config.get("Provisioning.SshHostKeyPairType")
4058- if type == None:
4059- type = "rsa"
4060- regenerateKeys = Config.get("Provisioning.RegenerateSshHostKeyPair")
4061- if regenerateKeys == None or regenerateKeys.lower().startswith("y"):
4062- Run("rm -f /etc/ssh/ssh_host_*key*")
4063- Run("ssh-keygen -N '' -t " + type + " -f /etc/ssh/ssh_host_" + type + "_key")
4064- ReloadSshd()
4065- SetFileContents(LibDir + "/provisioned", "")
4066- dvd = "/dev/hdc"
4067- if os.path.exists("/dev/sr0"):
4068- dvd = "/dev/sr0"
4069- if Run("fdisk -l " + dvd + " | grep Disk"):
4070- return
4071- CreateDir("/mnt/cdrom/secure", "root", 0700)
4072- if Run("mount " + dvd + " /mnt/cdrom/secure"):
4073- Error("Unable to provision: Failed to mount DVD.")
4074- return "Failed to retrieve provisioning data (0x01)."
4075- if not os.path.isfile("/mnt/cdrom/secure/ovf-env.xml"):
4076- Error("Unable to provision: Missing ovf-env.xml on DVD.")
4077- return "Failed to retrieve provisioning data (0x02)."
4078- ovfxml = GetFileContents("/mnt/cdrom/secure/ovf-env.xml")
4079- SetFileContents("ovf-env.xml", re.sub("<UserPassword>.*?<", "<UserPassword>*<", ovfxml))
4080- Run("umount /mnt/cdrom/secure")
4081- error = None
4082- if ovfxml != None:
4083- Log("Provisioning image using OVF settings in the DVD.")
4084- ovfobj = OvfEnv().Parse(ovfxml)
4085- if ovfobj != None:
4086- error = ovfobj.Process()
4087- # This is done here because regenerated SSH host key pairs may be potentially overwritten when processing the ovfxml
4088- fingerprint = os.popen("ssh-keygen -lf /etc/ssh/ssh_host_" + type + "_key.pub").read().rstrip().split()[1].replace(':','')
4089- self.ReportRoleProperties(fingerprint)
4090- delRootPass = Config.get("Provisioning.DeleteRootPassword")
4091- if delRootPass != None and delRootPass.lower().startswith("y"):
4092- DeleteRootPassword()
4093- Log("Provisioning image completed.")
4094- return error
4095-
4096- def Run(self):
4097- if IsLinux():
4098- SetFileContents("/var/run/waagent.pid", str(os.getpid()) + "\n")
4099-
4100- if GetIpv4Address() == None:
4101- Log("Waiting for network.")
4102- while(GetIpv4Address() == None):
4103- time.sleep(10)
4104-
4105- Log("IPv4 address: " + GetIpv4Address())
4106- Log("MAC address: " + ":".join(["%02X" % Ord(a) for a in GetMacAddress()]))
4107-
4108- # Consume Entropy in ACPI table provided by Hyper-V
4109- try:
4110- SetFileContents("/dev/random", GetFileContents("/sys/firmware/acpi/tables/OEM0"))
4111- except:
4112- pass
4113-
4114- Log("Probing for Windows Azure environment.")
4115- self.Endpoint = self.DoDhcpWork()
4116-
4117- if self.Endpoint == None:
4118- Log("Windows Azure environment not detected.")
4119- while True:
4120- time.sleep(60)
4121-
4122- Log("Discovered Windows Azure endpoint: " + self.Endpoint)
4123- if not self.CheckVersions():
4124- Error("Agent.CheckVersions failed")
4125- sys.exit(1)
4126-
4127- self.EnvMonitor = EnvMonitor()
4128-
4129- # Set SCSI timeout on root device
4130- try:
4131- timeout = Config.get("OS.RootDeviceScsiTimeout")
4132- if timeout != None:
4133- SetFileContents("/sys/block/" + DeviceForIdePort(0) + "/device/timeout", timeout)
4134- except:
4135- pass
4136-
4137- global Openssl
4138- Openssl = Config.get("OS.OpensslPath")
4139- if Openssl == None:
4140- Openssl = "openssl"
4141-
4142- self.TransportCert = self.GenerateTransportCert()
4143-
4144- incarnation = None # goalStateIncarnationFromHealthReport
4145- currentPort = None # loadBalancerProbePort
4146- goalState = None # self.GoalState, instance of GoalState
4147- provisioned = os.path.exists(LibDir + "/provisioned")
4148- program = Config.get("Role.StateConsumer")
4149- provisionError = None
4150- while True:
4151- if (goalState == None) or (incarnation == None) or (goalState.Incarnation != incarnation):
4152- goalState = self.UpdateGoalState()
4153-
4154- if provisioned == False:
4155- self.ReportNotReady("Provisioning", "Starting")
4156-
4157- goalState.Process()
4158-
4159- if provisioned == False:
4160- provisionError = self.Provision()
4161- provisioned = True
4162-
4163- #
4164- # only one port supported
4165- # restart server if new port is different than old port
4166- # stop server if no longer a port
4167- #
4168- goalPort = goalState.LoadBalancerProbePort
4169- if currentPort != goalPort:
4170- self.LoadBalancerProbeServer_Shutdown()
4171- currentPort = goalPort
4172- if currentPort != None:
4173- self.LoadBalancerProbeServer = LoadBalancerProbeServer(currentPort)
4174-
4175- if program != None and DiskActivated == True:
4176- os.spawnl(os.P_NOWAIT, program, program, "Ready")
4177- program = None
4178-
4179- if goalState.ExpectedState == "Stopped":
4180- program = Config.get("Role.StateConsumer")
4181- if program != None:
4182- Run(program + " Shutdown")
4183- self.EnvMonitor.shutdown()
4184- self.LoadBalancerProbeServer_Shutdown()
4185- command = ["/sbin/shutdown -hP now", "shutdown /s /t 5"][IsWindows()]
4186- Run(command)
4187- return
4188-
4189- sleepToReduceAccessDenied = 3
4190- time.sleep(sleepToReduceAccessDenied)
4191- i = None
4192- if provisionError != None:
4193- i = self.ReportNotReady("ProvisioningFailed", provisionError)
4194- else:
4195- i = self.ReportReady()
4196- if i != None:
4197- incarnation = i
4198- time.sleep(25 - sleepToReduceAccessDenied)
4199-
4200-Init_Suse = """\
4201-#! /bin/sh
4202-
4203-### BEGIN INIT INFO
4204-# Provides: WindowsAzureLinuxAgent
4205-# Required-Start: $network sshd
4206-# Required-Stop: $network sshd
4207-# Default-Start: 3 5
4208-# Default-Stop: 0 1 2 6
4209-# Description: Start the WindowsAzureLinuxAgent
4210-### END INIT INFO
4211-
4212-WAZD_BIN=/usr/sbin/waagent
4213-test -x $WAZD_BIN || exit 5
4214-
4215-case "$1" in
4216- start)
4217- echo "Starting WindowsAzureLinuxAgent"
4218- ## Start daemon with startproc(8). If this fails
4219- ## the echo return value is set appropriate.
4220-
4221- startproc -f $WAZD_BIN -daemon
4222- exit $?
4223- ;;
4224- stop)
4225- echo "Shutting down WindowsAzureLinuxAgent"
4226- ## Stop daemon with killproc(8) and if this fails
4227- ## set echo the echo return value.
4228-
4229- killproc -p /var/run/waagent.pid $WAZD_BIN
4230- exit $?
4231- ;;
4232- try-restart)
4233- ## Stop the service and if this succeeds (i.e. the
4234- ## service was running before), start it again.
4235- $0 status >/dev/null && $0 restart
4236- ;;
4237- restart)
4238- ## Stop the service and regardless of whether it was
4239- ## running or not, start it again.
4240- $0 stop
4241- $0 start
4242- ;;
4243- force-reload|reload)
4244- ;;
4245- status)
4246- echo -n "Checking for service WindowsAzureLinuxAgent "
4247- ## Check status with checkproc(8), if process is running
4248- ## checkproc will return with exit status 0.
4249-
4250- checkproc -p $WAZD_PIDFILE $WAZD_BIN
4251- exit $?
4252- ;;
4253- probe)
4254- ;;
4255- *)
4256- echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
4257- exit 1
4258- ;;
4259-esac
4260-"""
4261-
4262-Init_RedHat = """\
4263-#!/bin/bash
4264-#
4265-# Init file for WindowsAzureLinuxAgent.
4266-#
4267-# chkconfig: 2345 60 80
4268-# description: WindowsAzureLinuxAgent
4269-#
4270-
4271-# source function library
4272-. /etc/rc.d/init.d/functions
4273-
4274-RETVAL=0
4275-FriendlyName="WindowsAzureLinuxAgent"
4276-WAZD_BIN=/usr/sbin/waagent
4277-
4278-start()
4279-{
4280- echo -n $"Starting $FriendlyName: "
4281- $WAZD_BIN -daemon &
4282-}
4283-
4284-stop()
4285-{
4286- echo -n $"Stopping $FriendlyName: "
4287- killproc -p /var/run/waagent.pid $WAZD_BIN
4288- RETVAL=$?
4289- echo
4290- return $RETVAL
4291-}
4292-
4293-case "$1" in
4294- start)
4295- start
4296- ;;
4297- stop)
4298- stop
4299- ;;
4300- restart)
4301- stop
4302- start
4303- ;;
4304- reload)
4305- ;;
4306- report)
4307- ;;
4308- status)
4309- status $WAZD_BIN
4310- RETVAL=$?
4311- ;;
4312- *)
4313- echo $"Usage: $0 {start|stop|restart|status}"
4314- RETVAL=1
4315-esac
4316-exit $RETVAL
4317-"""
4318-
4319-Init_Ubuntu = """\
4320-#walinuxagent - start Windows Azure agent
4321-
4322-description "walinuxagent"
4323-author "Ben Howard <ben.howard@canonical.com>"
4324-
4325-start on (filesystem and started rsyslog)
4326-
4327-pre-start script
4328- if [ ! -x /usr/sbin/waagent ]; then
4329- exit 1
4330- fi
4331-
4332- #Load the udf module
4333- modprobe -b udf
4334-end script
4335-
4336-exec /usr/sbin/waagent -daemon
4337-"""
4338-
4339-Init_Debian = """\
4340-#!/bin/sh
4341-### BEGIN INIT INFO
4342-# Provides: WindowsAzureLinuxAgent
4343-# Required-Start: $network $syslog
4344-# Required-Stop: $network $syslog
4345-# Should-Start: $network $syslog
4346-# Should-Stop: $network $syslog
4347-# Default-Start: 2 3 4 5
4348-# Default-Stop: 0 1 6
4349-# Short-Description: WindowsAzureLinuxAgent
4350-# Description: WindowsAzureLinuxAgent
4351-### END INIT INFO
4352-
4353-. /lib/lsb/init-functions
4354-
4355-OPTIONS="-daemon"
4356-WAZD_BIN=/usr/sbin/waagent
4357-WAZD_PID=/var/run/waagent.pid
4358-
4359-case "$1" in
4360- start)
4361- log_begin_msg "Starting WindowsAzureLinuxAgent..."
4362- pid=$( pidofproc $WAZD_BIN )
4363- if [ -n "$pid" ] ; then
4364- log_begin_msg "Already running."
4365- log_end_msg 0
4366- exit 0
4367- fi
4368- start-stop-daemon --start --quiet --oknodo --background --exec $WAZD_BIN -- $OPTIONS
4369- log_end_msg $?
4370- ;;
4371-
4372- stop)
4373- log_begin_msg "Stopping WindowsAzureLinuxAgent..."
4374- start-stop-daemon --stop --quiet --oknodo --pidfile $WAZD_PID
4375- ret=$?
4376- rm -f $WAZD_PID
4377- log_end_msg $ret
4378- ;;
4379- force-reload)
4380- $0 restart
4381- ;;
4382- restart)
4383- $0 stop
4384- $0 start
4385- ;;
4386- status)
4387- status_of_proc $WAZD_BIN && exit 0 || exit $?
4388- ;;
4389- *)
4390- log_success_msg "Usage: /etc/init.d/waagent {start|stop|force-reload|restart|status}"
4391- exit 1
4392- ;;
4393-esac
4394-
4395-exit 0
4396-"""
4397-
4398-WaagentConf = """\
4399-#
4400-# Windows Azure Linux Agent Configuration
4401-#
4402-
4403-Role.StateConsumer=None # Specified program is invoked with "Ready" or "Shutdown".
4404- # Shutdown will be initiated only after the program returns. Windows Azure will
4405- # power off the VM if shutdown is not completed within ?? minutes.
4406-Role.ConfigurationConsumer=None # Specified program is invoked with XML file argument specifying role configuration.
4407-Role.TopologyConsumer=None # Specified program is invoked with XML file argument specifying role topology.
4408-
4409-Provisioning.Enabled=y #
4410-Provisioning.DeleteRootPassword=y # Password authentication for root account will be unavailable.
4411-Provisioning.RegenerateSshHostKeyPair=y # Generate fresh host key pair.
4412-Provisioning.SshHostKeyPairType=rsa # Supported values are "rsa", "dsa" and "ecdsa".
4413-Provisioning.MonitorHostName=y # Monitor host name changes and publish changes via DHCP requests.
4414-
4415-ResourceDisk.Format=y # Format if unformatted. If 'n', resource disk will not be mounted.
4416-ResourceDisk.Filesystem=ext4 #
4417-ResourceDisk.MountPoint=/mnt/resource #
4418-ResourceDisk.EnableSwap=n # Create and use swapfile on resource disk.
4419-ResourceDisk.SwapSizeMB=0 # Size of the swapfile.
4420-
4421-LBProbeResponder=y # Respond to load balancer probes if requested by Windows Azure.
4422-
4423-Logs.Verbose=n #
4424-
4425-OS.RootDeviceScsiTimeout=300 # Root device timeout in seconds.
4426-OS.OpensslPath=None # If "None", the system default version is used.
4427-"""
4428-
4429-WaagentLogrotate = """\
4430-/var/log/waagent.log {
4431- monthly
4432- rotate 6
4433- notifempty
4434- missingok
4435-}
4436-"""
4437-
4438-def AddToLinuxKernelCmdline(options):
4439- if os.path.isfile("/boot/grub/menu.lst"):
4440- Run("sed -i --follow-symlinks '/kernel/s|$| " + options + " |' /boot/grub/menu.lst")
4441- filepath = "/etc/default/grub"
4442- if os.path.isfile(filepath):
4443- filecontents = GetFileContents(filepath).split('\n')
4444- current = filter(lambda a: a.startswith("GRUB_CMDLINE_LINUX"), filecontents)
4445- ReplaceFileContentsAtomic(filepath,
4446- "\n".join(filter(lambda a: not a.startswith("GRUB_CMDLINE_LINUX"), filecontents))
4447- + current[0][:-1] + " " + options + "\"\n")
4448- Run("update-grub")
4449-
4450-def ApplyVNUMAWorkaround():
4451- VersionParts = platform.release().replace('-', '.').split('.')
4452- if int(VersionParts[0]) > 2:
4453- return
4454- if int(VersionParts[1]) > 6:
4455- return
4456- if int(VersionParts[2]) > 37:
4457- return
4458- AddToLinuxKernelCmdline("numa=off")
4459- # TODO: This is not ideal for offline installation.
4460- print("Your kernel version " + platform.release() + " has a NUMA-related bug: NUMA has been disabled.")
4461-
4462-def RevertVNUMAWorkaround():
4463- print("Automatic reverting of GRUB configuration is not yet supported. Please edit by hand.")
4464-
4465-def Install():
4466- if IsWindows():
4467- print("ERROR: -install invalid for Windows.")
4468- return 1
4469- os.chmod(sys.argv[0], 0755)
4470- SwitchCwd()
4471- requiredDeps = [ "/sbin/route", "/sbin/shutdown" ]
4472- if IsDebian():
4473- requiredDeps += [ "/usr/sbin/update-rc.d" ]
4474- if IsSuse():
4475- requiredDeps += [ "/sbin/insserv" ]
4476- for a in requiredDeps:
4477- if not os.path.isfile(a):
4478- Error("Missing required dependency: " + a)
4479- return 1
4480- missing = False
4481- for a in [ "ssh-keygen", "useradd", "openssl", "sfdisk",
4482- "fdisk", "mkfs", "chpasswd", "sed", "grep", "sudo" ]:
4483- if Run("which " + a + " > /dev/null 2>&1"):
4484- Warn("Missing dependency: " + a)
4485- missing = True
4486- if missing == True:
4487- Warn("Please resolve missing dependencies listed for full functionality.")
4488- if UsesRpm():
4489- if not Run("rpm --quiet -q NetworkManager"):
4490- Error(GuestAgentLongName + " is not compatible with NetworkManager.")
4491- return 1
4492- if Run("rpm --quiet -q python-pyasn1"):
4493- Error(GuestAgentLongName + " requires python-pyasn1.")
4494- return 1
4495- if UsesDpkg() and Run("dpkg -l network-manager | grep -q ^un"):
4496- Error(GuestAgentLongName + " is not compatible with network-manager.")
4497- return 1
4498- for a in RulesFiles:
4499- if os.path.isfile(a):
4500- if os.path.isfile(GetLastPathElement(a)):
4501- os.remove(GetLastPathElement(a))
4502- shutil.move(a, ".")
4503- Warn("Moved " + a + " -> " + LibDir + "/" + GetLastPathElement(a) )
4504-
4505- if IsUbuntu():
4506- # Support for Ubuntu's upstart configuration
4507- filename="waagent.conf"
4508- filepath = "/etc/init/" + filename
4509- SetFileContents(filepath, Init_Ubuntu)
4510- os.chmod(filepath, 0644)
4511-
4512- else:
4513- # Regular init.d configurations
4514- filename = "waagent"
4515- filepath = "/etc/init.d/" + filename
4516-
4517- distro = IsRedHat() + IsDebian() * 2 + IsSuse()
4518- if distro == 0:
4519- Error("Unable to detect Linux Distribution.")
4520- return 1
4521- init = [[Init_RedHat, "chkconfig --add " + filename],
4522- [Init_Debian, "update-rc.d " + filename + " defaults"],
4523- [Init_Suse, "insserv " + filename]][distro - 1]
4524- SetFileContents(filepath, init[0])
4525- os.chmod(filepath, 0755)
4526- Run(init[1])
4527-
4528- if os.path.isfile("/etc/waagent.conf"):
4529- try:
4530- os.remove("/etc/waagent.conf.old")
4531- except:
4532- pass
4533- try:
4534- os.rename("/etc/waagent.conf", "/etc/waagent.conf.old")
4535- Warn("Existing /etc/waagent.conf has been renamed to /etc/waagent.conf.old")
4536- except:
4537- pass
4538- SetFileContents("/etc/waagent.conf", WaagentConf)
4539- SetFileContents("/etc/logrotate.d/waagent", WaagentLogrotate)
4540- filepath = "/etc/ssh/sshd_config"
4541- ReplaceFileContentsAtomic(filepath, "\n".join(filter(lambda a: not
4542- a.startswith("ClientAliveInterval"),
4543- GetFileContents(filepath).split('\n'))) + "ClientAliveInterval 180\n")
4544- Log("Configured SSH client probing to keep connections alive.")
4545- ApplyVNUMAWorkaround()
4546- return 0
4547-
4548-def Uninstall():
4549- if IsWindows():
4550- print("ERROR: -uninstall invalid for windows, see waagent_service.exe")
4551- return 1
4552- SwitchCwd()
4553- for a in RulesFiles:
4554- if os.path.isfile(GetLastPathElement(a)):
4555- try:
4556- shutil.move(GetLastPathElement(a), a)
4557- Warn("Moved " + LibDir + "/" + GetLastPathElement(a) + " -> " + a )
4558- except:
4559- pass
4560-
4561- filepath = "/etc/init.d/"
4562- filename = "waagent"
4563-
4564- if IsUbuntu():
4565- Run("stop " + filename)
4566- filepath = "/etc/init/"
4567- filename = "waagent.conf"
4568- else:
4569- a = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
4570- if a == 0:
4571- Error("Unable to detect Linux Distribution.")
4572- return 1
4573- Run("service " + filename + " stop")
4574- cmd = ["chkconfig --del " + filename,
4575- "update-rc.d -f " + filename + " remove",
4576- "insserv -r " + filename][a - 1]
4577- Run(cmd)
4578-
4579- for f in os.listdir(LibDir) + [filepath + filename, "/etc/waagent.conf", "/etc/logrotate.d/waagent", "/etc/sudoers.d/waagent"]:
4580- try:
4581- os.remove(f)
4582- except:
4583- pass
4584- RevertVNUMAWorkaround()
4585- return 0
4586-
4587-def DeleteRootPassword():
4588- SetFileContents("/etc/shadow-temp", "")
4589- os.chmod("/etc/shadow-temp", 0000)
4590- Run("(echo root:*LOCK*:14600:::::: && grep -v ^root /etc/shadow ) > /etc/shadow-temp")
4591- Run("mv -f /etc/shadow-temp /etc/shadow")
4592- Log("Root password deleted.")
4593-
4594-def Deprovision(force, deluser):
4595- if IsWindows():
4596- Run(os.environ["windir"] + "\\system32\\sysprep\\sysprep.exe /generalize")
4597- return 0
4598-
4599- SwitchCwd()
4600- ovfxml = GetFileContents("ovf-env.xml")
4601- ovfobj = None
4602- if ovfxml != None:
4603- ovfobj = OvfEnv().Parse(ovfxml)
4604-
4605- print("WARNING! The waagent service will be stopped.")
4606- print("WARNING! All SSH host key pairs will be deleted.")
4607-
4608- if IsUbuntu():
4609- print("WARNING! Nameserver configuration in /etc/resolvconf/resolv.conf.d/{tail,originial} will be deleted.")
4610- else:
4611- print("WARNING! Nameserver configuration in /etc/resolv.conf will be deleted.")
4612-
4613- print("WARNING! Cached DHCP leases will be deleted.")
4614-
4615- delRootPass = Config.get("Provisioning.DeleteRootPassword")
4616- if delRootPass != None and delRootPass.lower().startswith("y"):
4617- print("WARNING! root password will be disabled. You will not be able to login as root.")
4618-
4619- if ovfobj != None and deluser == True:
4620- print("WARNING! " + ovfobj.UserName + " account and entire home directory will be deleted.")
4621-
4622- if force == False and not raw_input('Do you want to proceed (y/n)? ').startswith('y'):
4623- return 1
4624-
4625- Run("service waagent stop")
4626-
4627- if deluser == True:
4628- DeleteAccount(ovfobj.UserName)
4629-
4630- # Remove SSH host keys
4631- regenerateKeys = Config.get("Provisioning.RegenerateSshHostKeyPair")
4632- if regenerateKeys == None or regenerateKeys.lower().startswith("y"):
4633- Run("rm -f /etc/ssh/ssh_host_*key*")
4634-
4635- # Remove root password
4636- if delRootPass != None and delRootPass.lower().startswith("y"):
4637- DeleteRootPassword()
4638-
4639- # Remove distribution specific networking configuration
4640-
4641- UpdateAndPublishHostNameCommon("localhost.localdomain")
4642-
4643- # RedHat, Suse, Debian
4644- for a in VarLibDhcpDirectories:
4645- Run("rm -f " + a + "/*")
4646-
4647- # Clear LibDir, remove nameserver and root bash history
4648- fileBlackList = [ "/root/.bash_history", "/var/log/waagent.log" ]
4649-
4650- # Ubuntu uses resolvconf, so we want to preserve the ability to use resolvconf
4651- if IsUbuntu():
4652- if os.path.realpath('/etc/resolv.conf') != '/run/resolvconf/resolv.conf':
4653- Log("resolvconf is not configured. Removing /etc/resolv.conf")
4654- fileBlackList.append('/etc/resolv.conf')
4655- else:
4656- Log("resolvconf is enabled; leaving /etc/resolv.conf intact")
4657- resolvConfD = '/etc/resolvconf/resolv.conf.d/'
4658- fileBlackList.extend([resolvConfD + 'tail', resolvConfD + 'originial' ])
4659- else:
4660- fileBlackList.append(os.listdir(LibDir) + '/etc/resolv.conf')
4661-
4662- for f in os.listdir(LibDir) + fileBlackList:
4663- try:
4664- os.remove(f)
4665- except:
4666- pass
4667-
4668- return 0
4669-
4670-def SwitchCwd():
4671- if not IsWindows():
4672- CreateDir(LibDir, "root", 0700)
4673- os.chdir(LibDir)
4674-
4675-def Usage():
4676- print("usage: " + sys.argv[0] + " [-verbose] [-force] [-help|-install|-uninstall|-deprovision[+user]|-version|-serialconsole|-daemon]")
4677- return 0
4678-
4679-if GuestAgentVersion == "":
4680- print("WARNING! This is a non-standard agent that does not include a valid version string.")
4681-if IsLinux() and not DetectLinuxDistro():
4682- print("WARNING! Unable to detect Linux distribution. Some functionality may be broken.")
4683-
4684-if len(sys.argv) == 1:
4685- sys.exit(Usage())
4686-
4687-args = []
4688-force = False
4689-for a in sys.argv[1:]:
4690- if re.match("^([-/]*)(help|usage|\?)", a):
4691- sys.exit(Usage())
4692- elif re.match("^([-/]*)verbose", a):
4693- Verbose = True
4694- elif re.match("^([-/]*)force", a):
4695- force = True
4696- elif re.match("^([-/]*)(setup|install)", a):
4697- sys.exit(Install())
4698- elif re.match("^([-/]*)(uninstall)", a):
4699- sys.exit(Uninstall())
4700- else:
4701- args.append(a)
4702-
4703-Config = ConfigurationProvider()
4704-
4705-verbose = Config.get("Logs.Verbose")
4706-if verbose != None and verbose.lower().startswith("y"):
4707- Verbose = True
4708-
4709-daemon = False
4710-for a in args:
4711- if re.match("^([-/]*)deprovision\+user", a):
4712- sys.exit(Deprovision(force, True))
4713- elif re.match("^([-/]*)deprovision", a):
4714- sys.exit(Deprovision(force, False))
4715- elif re.match("^([-/]*)daemon", a):
4716- daemon = True
4717- elif re.match("^([-/]*)version", a):
4718- print(GuestAgentVersion + " running on " + LinuxDistro)
4719- sys.exit(0)
4720- elif re.match("^([-/]*)serialconsole", a):
4721- AddToLinuxKernelCmdline("console=ttyS0 earlyprintk=ttyS0")
4722- Log("Configured kernel to use ttyS0 as the boot console.")
4723- sys.exit(0)
4724- else:
4725- print("Invalid command line parameter:" + a)
4726- sys.exit(1)
4727-
4728-if daemon == False:
4729- sys.exit(Usage())
4730-
4731-try:
4732- SwitchCwd()
4733- Log(GuestAgentLongName + " Version: " + GuestAgentVersion)
4734- if IsLinux():
4735- Log("Linux Distribution Detected : " + LinuxDistro)
4736- WaAgent = Agent()
4737- WaAgent.Run()
4738-except Exception, e:
4739- Error(traceback.format_exc())
4740- Error("Exception: " + str(e))
4741- sys.exit(1)
4742
4743=== removed file '.pc/applied-patches'
4744--- .pc/applied-patches 2012-06-22 09:10:22 +0000
4745+++ .pc/applied-patches 1970-01-01 00:00:00 +0000
4746@@ -1,2 +0,0 @@
4747-000_ubuntu_init_resolvconf.patch
4748-001_ubuntu_agent_startup.patch
4749
4750=== added file 'Changelog'
4751--- Changelog 1970-01-01 00:00:00 +0000
4752+++ Changelog 2012-11-28 16:02:22 +0000
4753@@ -0,0 +1,12 @@
4754+WALinuxAgent Changelog
4755+|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
4756+
4757+09 Nov 2012, WALinuxAgent 1.1
4758+ . Added sock.settimeout in DoDhcpWork() to properly timeout sock.recv
4759+ . Added missingDefaultRoute to handle routing issues when DHCP responses not
4760+ handled properly
4761+ . Added Children.append to avoid zombies
4762+ . Fixed ifrenew for compatibility
4763+ . Fixed shadow password file for correct SELinux context
4764+ . Minor cleanup work
4765+ . Added Changelog :)
4766
4767=== modified file 'debian/changelog'
4768--- debian/changelog 2012-08-09 21:51:23 +0000
4769+++ debian/changelog 2012-11-28 16:02:22 +0000
4770@@ -1,3 +1,37 @@
4771+walinuxagent (1.1-0ubuntu2~12.10.01) UNRELEASED; urgency=low
4772+
4773+ * Backport of fix for LP: #1079897 from development release.
4774+
4775+ -- Louis Bouchard <louis.bouchard@canonical.com> Wed, 28 Nov 2012 16:51:12 +0100
4776+
4777+walinuxagent (1.1-0ubuntu2) raring; urgency=low
4778+
4779+ * Stop upgrades purging walinuxagent meta-data and configuration files
4780+ (LP: #1079897):
4781+ - d/{control,walinuxagent-data-saver.preinst}: Added
4782+ walinuxagent-data-saver package to ensure that agent generated data is
4783+ not lost on upgrade by diverting /usr/sbin/waagent during the upgrade
4784+ process.
4785+ - d/walinuxagent-data-saver.lintian-overrides: Override errors about use
4786+ of dpkg-divert in this package.
4787+ - d/control: Added Pre-Depends to walinuxagent on walinuxagent-data-saver.
4788+ - d/prerm: Stop calling waagent --uninstall during reconfiguration
4789+ and upgrade, specify files to remove manually for purge.
4790+ - d/postinst: Remove divert of /usr/sbin/waagent prior to completion of
4791+ package install.
4792+ * d/preinst: If upgrading from package version with unmanaged waagent upstart
4793+ configuration stop the agent and remove the upstart configuration.
4794+ * d/upstart: Tidied description in upstart job.
4795+
4796+ -- James Page <james.page@ubuntu.com> Fri, 23 Nov 2012 16:07:41 +0000
4797+
4798+walinuxagent (1.1-0ubuntu1) raring; urgency=low
4799+
4800+ * New upstream version (LP: #1078074, #1077147).
4801+ * Moved upstart job to be managed by packaging.
4802+
4803+ -- Ben Howard <ben.howard@ubuntu.com> Wed, 14 Nov 2012 10:59:37 -0700
4804+
4805 walinuxagent (1.0~git20120606.c16f5e9-0ubuntu2~12.04.1) precise-proposed; urgency=low
4806
4807 * Backport for enablement of Windows Azure IaaS platform in
4808
4809=== modified file 'debian/control'
4810--- debian/control 2012-08-06 10:24:07 +0000
4811+++ debian/control 2012-11-28 16:02:22 +0000
4812@@ -10,6 +10,7 @@
4813
4814 Package: walinuxagent
4815 Architecture: i386 amd64
4816+Pre-Depends: walinuxagent-data-saver (= ${binary:Version})
4817 Depends: python (>= 2.4),
4818 openssl (>=1.0),
4819 openssh-server (>=1:5.9p1),
4820@@ -23,3 +24,12 @@
4821 The Windows Azure Linux Agent supports the provisioning and running of Linux
4822 VMs in the Windows Azure cloud. This package should be installed on Linux
4823 disk images that are built to run in the Windows Azure environment.
4824+
4825+Package: walinuxagent-data-saver
4826+Architecture: i386 amd64
4827+Depends: ${misc:Depends}
4828+Description: Helper package which ensures safe upgrade for walinuxagent
4829+ Early versions of walinuxagent contained a bug the deleted configuration and
4830+ data on reconfiguration or upgrade.
4831+ .
4832+ This package is used to ensure safe upgrades.
4833
4834=== added file 'debian/patches/000_resolv-conf.patch'
4835--- debian/patches/000_resolv-conf.patch 1970-01-01 00:00:00 +0000
4836+++ debian/patches/000_resolv-conf.patch 2012-11-28 16:02:22 +0000
4837@@ -0,0 +1,32 @@
4838+Index: wa-new/waagent
4839+===================================================================
4840+--- wa-new.orig/waagent 2012-11-14 11:06:12.227371000 -0700
4841++++ wa-new/waagent 2012-11-14 11:07:53.093401274 -0700
4842+@@ -2262,7 +2262,26 @@
4843+ Run("rm -f " + a + "/*")
4844+
4845+ # Clear LibDir, remove nameserver and root bash history
4846+- for f in os.listdir(LibDir) + ["/etc/resolv.conf", "/root/.bash_history", "/var/log/waagent.log"]:
4847++ fileBlackList = [ "/root/.bash_history", "/var/log/waagent.log" ]
4848++
4849++ if IsUbuntu():
4850++ # Ubuntu uses resolv.conf by default, so removing /etc/resolv.conf will
4851++ # break resolvconf. Therefore, we check to see if resolvconf is in use,
4852++ # and if so, we remove the resolvconf artifacts.
4853++
4854++ if os.path.realpath('/etc/resolv.conf') != '/run/resolvconf/resolv.conf':
4855++ Log("resolvconf is not configured. Removing /etc/resolv.conf")
4856++ fileBlackList.append('/etc/resolv.conf')
4857++ else:
4858++ Log("resolvconf is enabled; leaving /etc/resolv.conf intact")
4859++ resolvConfD = '/etc/resolvconf/resolv.conf.d/'
4860++ fileBlackList.extend([resolvConfD + 'tail', resolvConfD + 'originial' ])
4861++ else:
4862++ fileBlackList.append(os.listdir(LibDir) + '/etc/resolv.conf')
4863++
4864++
4865++ # Clear LibDir, remove nameserver and root bash history
4866++ for f in os.listdir(LibDir) + fileBlackList:
4867+ try:
4868+ os.remove(f)
4869+ except:
4870
4871=== removed file 'debian/patches/000_ubuntu_init_resolvconf.patch'
4872--- debian/patches/000_ubuntu_init_resolvconf.patch 2012-06-22 09:10:22 +0000
4873+++ debian/patches/000_ubuntu_init_resolvconf.patch 1970-01-01 00:00:00 +0000
4874@@ -1,153 +0,0 @@
4875-Description: Microsoft provided walinuxagent does not include the
4876- required UFS module, is not resolvconf aware, and does not provide
4877- an upstart script; this patch fixes all of that.
4878-Author: Ben Howard <ben.howard@ubuntu.com>
4879-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1014864
4880-Forwarded: yes
4881-
4882---- a/waagent
4883-+++ b/waagent
4884-@@ -1970,6 +1970,26 @@ esac
4885- exit $RETVAL
4886- """
4887-
4888-+Init_Ubuntu = """\
4889-+#walinuxagent - start Windows Azure agent
4890-+
4891-+description "walinuxagent"
4892-+author "Ben Howard <ben.howard@canonical.com>"
4893-+
4894-+start on (filesystem and started rsyslog)
4895-+
4896-+pre-start script
4897-+ if [ ! -x /usr/sbin/waagent ]; then
4898-+ exit 1
4899-+ fi
4900-+
4901-+ #Load the udf module
4902-+ modprobe -b udf
4903-+end script
4904-+
4905-+exec /usr/sbin/waagent -daemon
4906-+"""
4907-+
4908- Init_Debian = """\
4909- #!/bin/sh
4910- ### BEGIN INIT INFO
4911-@@ -2135,18 +2155,30 @@ def Install():
4912- os.remove(GetLastPathElement(a))
4913- shutil.move(a, ".")
4914- Warn("Moved " + a + " -> " + LibDir + "/" + GetLastPathElement(a) )
4915-- filename = "waagent"
4916-- filepath = "/etc/init.d/" + filename
4917-- distro = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
4918-- if distro == 0:
4919-- Error("Unable to detect Linux Distribution.")
4920-- return 1
4921-- init = [[Init_RedHat, "chkconfig --add " + filename],
4922-- [Init_Debian, "update-rc.d " + filename + " defaults"],
4923-- [Init_Suse, "insserv " + filename]][distro - 1]
4924-- SetFileContents(filepath, init[0])
4925-- os.chmod(filepath, 0755)
4926-- Run(init[1])
4927-+
4928-+ if IsUbuntu():
4929-+ # Support for Ubuntu's upstart configuration
4930-+ filename="waagent.conf"
4931-+ filepath = "/etc/init/" + filename
4932-+ SetFileContents(filepath, Init_Ubuntu)
4933-+ os.chmod(filepath, 0644)
4934-+
4935-+ else:
4936-+ # Regular init.d configurations
4937-+ filename = "waagent"
4938-+ filepath = "/etc/init.d/" + filename
4939-+
4940-+ distro = IsRedHat() + IsDebian() * 2 + IsSuse()
4941-+ if distro == 0:
4942-+ Error("Unable to detect Linux Distribution.")
4943-+ return 1
4944-+ init = [[Init_RedHat, "chkconfig --add " + filename],
4945-+ [Init_Debian, "update-rc.d " + filename + " defaults"],
4946-+ [Init_Suse, "insserv " + filename]][distro - 1]
4947-+ SetFileContents(filepath, init[0])
4948-+ os.chmod(filepath, 0755)
4949-+ Run(init[1])
4950-+
4951- if os.path.isfile("/etc/waagent.conf"):
4952- try:
4953- os.remove("/etc/waagent.conf.old")
4954-@@ -2179,17 +2211,26 @@ def Uninstall():
4955- Warn("Moved " + LibDir + "/" + GetLastPathElement(a) + " -> " + a )
4956- except:
4957- pass
4958-+
4959-+ filepath = "/etc/init.d/"
4960- filename = "waagent"
4961-- a = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
4962-- if a == 0:
4963-- Error("Unable to detect Linux Distribution.")
4964-- return 1
4965-- Run("service " + filename + " stop")
4966-- cmd = ["chkconfig --del " + filename,
4967-- "update-rc.d -f " + filename + " remove",
4968-- "insserv -r " + filename][a - 1]
4969-- Run(cmd)
4970-- for f in os.listdir(LibDir) + ["/etc/init.d/" + filename, "/etc/waagent.conf", "/etc/logrotate.d/waagent", "/etc/sudoers.d/waagent"]:
4971-+
4972-+ if IsUbuntu():
4973-+ Run("stop " + filename)
4974-+ filepath = "/etc/init/"
4975-+ filename = "waagent.conf"
4976-+ else:
4977-+ a = IsRedHat() + IsDebian() * 2 + IsSuse() * 3
4978-+ if a == 0:
4979-+ Error("Unable to detect Linux Distribution.")
4980-+ return 1
4981-+ Run("service " + filename + " stop")
4982-+ cmd = ["chkconfig --del " + filename,
4983-+ "update-rc.d -f " + filename + " remove",
4984-+ "insserv -r " + filename][a - 1]
4985-+ Run(cmd)
4986-+
4987-+ for f in os.listdir(LibDir) + [filepath + filename, "/etc/waagent.conf", "/etc/logrotate.d/waagent", "/etc/sudoers.d/waagent"]:
4988- try:
4989- os.remove(f)
4990- except:
4991-@@ -2217,7 +2258,12 @@ def Deprovision(force, deluser):
4992-
4993- print("WARNING! The waagent service will be stopped.")
4994- print("WARNING! All SSH host key pairs will be deleted.")
4995-- print("WARNING! Nameserver configuration in /etc/resolv.conf will be deleted.")
4996-+
4997-+ if IsUbuntu():
4998-+ print("WARNING! Nameserver configuration in /etc/resolvconf/resolv.conf.d/{tail,originial} will be deleted.")
4999-+ else:
5000-+ print("WARNING! Nameserver configuration in /etc/resolv.conf will be deleted.")
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches