diff --git a/image_creator/bundle_volume.py b/image_creator/bundle_volume.py
index eec084f847f58c967a68da67858b0a417f817ae2..772e5043d070abea089f0c92f21ac54c480c6444 100644
--- a/image_creator/bundle_volume.py
+++ b/image_creator/bundle_volume.py
@@ -267,8 +267,11 @@ class BundleVolume(object):
name = os.path.basename(dev) + "_" + uuid.uuid4().hex
tablefd, table = tempfile.mkstemp()
try:
- size = end - start + 1
- os.write(tablefd, "0 %d linear %s %d" % (size, dev, start))
+ try:
+ size = end - start + 1
+ os.write(tablefd, "0 %d linear %s %d" % (size, dev, start))
+ finally:
+ os.close(tablefd)
dmsetup('create', "%sp%d" % (name, num), table)
finally:
os.unlink(table)
@@ -301,7 +304,7 @@ class BundleVolume(object):
mpoints = []
for entry in self._read_fstable('/proc/mounts'):
if entry.mpoint.startswith(os.path.abspath(target)):
- mpoints.append(entry.mpoint)
+ mpoints.append(entry.mpoint)
mpoints.sort()
for mpoint in reversed(mpoints):
@@ -333,10 +336,9 @@ class BundleVolume(object):
continue
dirname = mpoint
- basename = ''
found_ancestor = False
while dirname != '/':
- (dirname, basename) = os.path.split(dirname)
+ (dirname, _) = os.path.split(dirname)
if dirname in excluded:
found_ancestor = True
break
diff --git a/image_creator/dialog_menu.py b/image_creator/dialog_menu.py
index a6228dbc48980e12d533f00be14a7cc608c5b409..351f0b9687c17960064fc13b8f66a14225ead735 100644
--- a/image_creator/dialog_menu.py
+++ b/image_creator/dialog_menu.py
@@ -68,6 +68,8 @@ CONFIGURATION_TASKS = [
("File injection", ["EnforcePersonality"], ["windows", "linux"])
]
+SYSPREP_PARAM_MAXLEN = 20
+
class MetadataMonitor(object):
"""Monitors image metadata chages"""
@@ -397,9 +399,9 @@ def kamaki_menu(session):
if len(Kamaki.get_clouds()):
default_item = "Cloud"
else:
- default_time = "Add/Edit"
+ default_item = "Add/Edit"
else:
- default_time = "Delete"
+ default_item = "Delete"
elif choice == "Cloud":
default_item = "Cloud"
clouds = Kamaki.get_clouds()
@@ -619,6 +621,75 @@ def exclude_tasks(session):
return True
+def sysprep_params(session):
+ """Collect the needed sysprep parameters"""
+ d = session['dialog']
+ image = session['image']
+
+ available = image.os.sysprep_params
+ needed = image.os.needed_sysprep_params
+
+ if len(needed) == 0:
+ return True
+
+ def print_form(names, extra_button=False):
+ """print the dialog form providing sysprep_params"""
+ fields = []
+ for name in names:
+ param = needed[name]
+ default = str(available[name]) if name in available else ""
+ fields.append(("%s: " % param.description, default,
+ SYSPREP_PARAM_MAXLEN))
+
+ kwargs = {}
+ if extra_button:
+ kwargs['extra_button'] = 1
+ kwargs['extra_label'] = "Advanced"
+
+ txt = "Please provide the following system preparation parameters:"
+ return d.form(txt, height=13, width=WIDTH, form_height=len(fields),
+ fields=fields, **kwargs)
+
+ def check_params(names, values):
+ """check if the provided sysprep parameters have leagal values"""
+ for i in range(len(names)):
+ param = needed[names[i]]
+ try:
+ normalized = param.type(values[i])
+ if param.validate(normalized):
+ image.os.sysprep_params[names[i]] = normalized
+ continue
+ except ValueError:
+ pass
+
+ d.msgbox("Invalid value for parameter: `%s'" % names[i],
+ width=SMALL_WIDTH)
+ return False
+ return True
+
+ simple_names = [k for k, v in needed.items() if v.default is None]
+ advanced_names = [k for k, v in needed.items() if v.default is not None]
+
+ while 1:
+ code, output = print_form(simple_names, extra_button=True)
+
+ if code in (d.DIALOG_CANCEL, d.DIALOG_ESC):
+ return False
+ if code == d.DIALOG_EXTRA:
+ while 1:
+ code, output = print_form(advanced_names)
+ if code in (d.DIALOG_CANCEL, d.DIALOG_ESC):
+ break
+ if check_params(advanced_names, output):
+ break
+ continue
+
+ if check_params(simple_names, output):
+ break
+
+ return True
+
+
def sysprep(session):
"""Perform various system preperation tasks on the image"""
d = session['dialog']
@@ -683,6 +754,9 @@ def sysprep(session):
title="System Preperation", width=SMALL_WIDTH)
continue
+ if not sysprep_params(session):
+ continue
+
infobox = InfoBoxOutput(d, "Image Configuration")
try:
image.out.add(infobox)
diff --git a/image_creator/dialog_wizard.py b/image_creator/dialog_wizard.py
index 8abcfed6e90dbb718572bc6080e4fcaf194ec42d..0856d8ae1a7768cfaa6d03324ea6991b94497ed6 100644
--- a/image_creator/dialog_wizard.py
+++ b/image_creator/dialog_wizard.py
@@ -49,6 +49,7 @@ from image_creator.dialog_util import extract_image, update_background_title, \
PAGE_WIDTH = 70
PAGE_HEIGHT = 10
+SYSPREP_PARAM_MAXLEN = 20
class WizardExit(Exception):
@@ -208,6 +209,36 @@ class WizardInputPage(WizardPage):
return self.NEXT
+class WizardFormPage(WizardPage):
+ """Represents a Form in a wizard"""
+
+ def __init__(self, name, display_name, text, fields, **kargs):
+ super(WizardFormPage, self).__init__(name, display_name, text, **kargs)
+ self.fields = fields
+
+ def run(self, session, title):
+ d = session['dialog']
+ w = session['wizard']
+
+ field_lenght = len(self.fields())
+ form_height = field_lenght if field_lenght < PAGE_HEIGHT - 4 \
+ else PAGE_HEIGHT - 4
+
+ (code, output) = d.form(
+ self.text, width=PAGE_WIDTH, height=PAGE_HEIGHT,
+ form_height=form_height, ok_label="Next", cancel="Back",
+ fields=self.fields(), title=title)
+
+ if code in (d.DIALOG_CANCEL, d.DIALOG_ESC):
+ return self.PREV
+
+ w[self.name] = self.validate(output)
+ self.default = output
+ self.info = "%s: %s" % (self.display_name, self.display(w[self.name]))
+
+ return self.NEXT
+
+
class WizardMenuPage(WizardPageWthChoices):
"""Represents a menu dialog with available choices in a wizard"""
@@ -250,9 +281,11 @@ class WizardMenuPage(WizardPageWthChoices):
def start_wizard(session):
"""Run the image creation wizard"""
- distro = session['image'].distro
- ostype = session['image'].ostype
+ image = session['image']
+ distro = image.distro
+ ostype = image.ostype
+ # Create Cloud Wizard Page
def cloud_choices():
choices = []
for (name, cloud) in Kamaki.get_clouds().items():
@@ -279,7 +312,7 @@ def start_wizard(session):
if edit_cloud(session, cloud):
return cloud
- raise WizardInvalidData
+ raise WizardReloadPage
return cloud
@@ -289,16 +322,59 @@ def start_wizard(session):
choices=cloud_choices, extra_label="Add", extra=cloud_add,
title="Clouds", validate=cloud_validate, fallback=cloud_none_available)
+ # Create Image Name Wizard Page
name = WizardInputPage(
"ImageName", "Image Name", "Please provide a name for the image:",
title="Image Name", default=ostype if distro == "unknown" else distro)
+ # Create Image Description Wizard Page
descr = WizardInputPage(
"ImageDescription", "Image Description",
"Please provide a description for the image:",
title="Image Description", default=session['metadata']['DESCRIPTION']
if 'DESCRIPTION' in session['metadata'] else '')
+ # Create Sysprep Params Wizard Page
+ needed = image.os.needed_sysprep_params
+ # Only show the parameters that don't have default values
+ param_names = [param for param in needed if needed[param].default is None]
+
+ def sysprep_params_fields():
+ fields = []
+ available = image.os.sysprep_params
+ for name in param_names:
+ text = needed[name].description
+ default = str(available[name]) if name in available else ""
+ fields.append(("%s: " % text, default, SYSPREP_PARAM_MAXLEN))
+ return fields
+
+ def sysprep_params_validate(answer):
+ params = {}
+ for i in range(len(answer)):
+ try:
+ value = needed[param_names[i]].type(answer[i])
+ if needed[param_names[i]].validate(value):
+ params[param_names[i]] = value
+ continue
+ except ValueError:
+ pass
+
+ session['dialog'].msgbox("Invalid value for parameter `%s'" %
+ param_names[i])
+ raise WizardReloadPage
+ return params
+
+ def sysprep_params_display(params):
+ return ",".join(["%s=%s" % (key, val) for key, val in params.items()])
+
+ sysprep_params = WizardFormPage(
+ "SysprepParams", "Sysprep Parameters",
+ "Prease fill in the following system preparation parameters:",
+ title="System Preparation Parameters", fields=sysprep_params_fields,
+ display=sysprep_params_display, validate=sysprep_params_validate
+ ) if len(needed) != 0 else None
+
+ # Create Image Registration Wizard Page
def registration_choices():
return [("Private", "Image is accessible only by this user"),
("Public", "Everyone can create VMs from this image")]
@@ -313,6 +389,8 @@ def start_wizard(session):
w.add_page(cloud)
w.add_page(name)
w.add_page(descr)
+ if sysprep_params is not None:
+ w.add_page(sysprep_params)
w.add_page(registration)
if w.run():
@@ -336,6 +414,7 @@ def create_image(session):
out.clear()
#Sysprep
+ image.os.sysprep_params.update(wizard['SysprepParams'])
image.os.do_sysprep()
metadata = image.os.meta
diff --git a/image_creator/disk.py b/image_creator/disk.py
index 76a53aa4102a9054a459aa7214c3108786d7365c..e4b6bc8913ed3e3664823ebd1f8eb6da0a0fdb03 100644
--- a/image_creator/disk.py
+++ b/image_creator/disk.py
@@ -174,20 +174,23 @@ class Disk(object):
snapshot = uuid.uuid4().hex
tablefd, table = tempfile.mkstemp()
try:
- os.write(tablefd, "0 %d snapshot %s %s n 8" %
- (int(size), sourcedev, cowdev))
+ try:
+ os.write(tablefd, "0 %d snapshot %s %s n 8" %
+ (int(size), sourcedev, cowdev))
+ finally:
+ os.close(tablefd)
+
dmsetup('create', snapshot, table)
self._add_cleanup(try_fail_repeat, dmsetup, 'remove', snapshot)
-
finally:
os.unlink(table)
self.out.success('done')
return "/dev/mapper/%s" % snapshot
- def get_image(self, media):
+ def get_image(self, media, **kargs):
"""Returns a newly created Image instance."""
- image = Image(media, self.out)
+ image = Image(media, self.out, **kargs)
self._images.append(image)
image.enable()
return image
diff --git a/image_creator/image.py b/image_creator/image.py
index b27c1ebcd5af51c9aea36157d235eb19b02edeff..2ec52a6d12cf0dcce48eec39d0eab89b1ae432c5 100644
--- a/image_creator/image.py
+++ b/image_creator/image.py
@@ -33,7 +33,7 @@
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
-from image_creator.util import FatalError
+from image_creator.util import FatalError, check_guestfs_version
from image_creator.gpt import GPTPartitionTable
from image_creator.os_type import os_cls
@@ -45,13 +45,16 @@ from sendfile import sendfile
class Image(object):
"""The instances of this class can create images out of block devices."""
- def __init__(self, device, output, bootable=True, meta={}):
+ def __init__(self, device, output, **kargs):
"""Create a new Image instance"""
self.device = device
self.out = output
- self.bootable = bootable
- self.meta = meta
+
+ self.meta = kargs['meta'] if 'meta' in kargs else {}
+ self.sysprep_params = \
+ kargs['sysprep_params'] if 'sysprep_params' in kargs else {}
+
self.progress_bar = None
self.guestfs_device = None
self.size = 0
@@ -64,14 +67,11 @@ class Image(object):
# file descriptors. This can cause problems especially if the parent
# process has opened pipes. Since the recovery process is an optional
# feature of libguestfs, it's better to disable it.
- self.g.set_recovery_proc(0)
- version = self.g.version()
- if version['major'] > 1 or \
- (version['major'] == 1 and (version['minor'] >= 18 or
- (version['minor'] == 17 and
- version['release'] >= 14))):
- self.g.set_recovery_proc(1)
+ if check_guestfs_version(self.g, 1, 17, 14) >= 0:
self.out.output("Enabling recovery proc")
+ self.g.set_recovery_proc(1)
+ else:
+ self.g.set_recovery_proc(0)
#self.g.set_trace(1)
#self.g.set_verbose(1)
@@ -121,7 +121,7 @@ class Image(object):
self.enable()
cls = os_cls(self.distro, self.ostype)
- self._os = cls(self.root, self.g, self.out)
+ self._os = cls(self, sysprep_params=self.sysprep_params)
self._os.collect_metadata()
diff --git a/image_creator/main.py b/image_creator/main.py
index bff95d964fcf18cdebb843ea6c42ab7c671ff5dd..8fecf1bbe4e4945dda8ce5f503494f33fdee98f9 100644
--- a/image_creator/main.py
+++ b/image_creator/main.py
@@ -121,6 +121,14 @@ def parse_options(input_args):
"input media", default=[], action="append",
metavar="SYSPREP")
+ parser.add_option("--print-sysprep-params", dest="print_sysprep_params",
+ default=False, help="print the needed sysprep parameters"
+ " for this input media", action="store_true")
+
+ parser.add_option("--sysprep-param", dest="sysprep_params", default=[],
+ help="Add KEY=VALUE system preparation parameter",
+ action="append")
+
parser.add_option("--no-sysprep", dest="sysprep", default=True,
help="don't perform any system preparation operation",
action="store_false")
@@ -170,6 +178,16 @@ def parse_options(input_args):
meta[key] = value
options.metadata = meta
+ sysprep_params = {}
+ for p in options.sysprep_params:
+ try:
+ key, value = p.split('=', 1)
+ except ValueError:
+ raise FatalError("Sysprep parameter optiont: `%s' is not in "
+ "KEY=VALUE format." % p)
+ sysprep_params[key] = value
+ options.sysprep_params = sysprep_params
+
return options
@@ -177,9 +195,9 @@ def image_creator():
options = parse_options(sys.argv[1:])
if options.outfile is None and not options.upload and not \
- options.print_sysprep:
- raise FatalError("At least one of `-o', `-u' or `--print-sysprep' "
- "must be set")
+ options.print_sysprep and not options.print_sysprep_params:
+ raise FatalError("At least one of `-o', `-u', `--print-sysprep' or "
+ "`--print-sysprep-params' must be set")
if options.silent:
out = SilentOutput()
@@ -253,7 +271,7 @@ def image_creator():
try:
snapshot = disk.snapshot()
- image = disk.get_image(snapshot)
+ image = disk.get_image(snapshot, sysprep_params=options.sysprep_params)
for sysprep in options.disabled_syspreps:
image.os.disable_sysprep(image.os.get_sysprep_by_name(sysprep))
@@ -265,6 +283,10 @@ def image_creator():
image.os.print_syspreps()
out.output()
+ if options.print_sysprep_params:
+ image.os.print_sysprep_params()
+ out.output()
+
if options.outfile is None and not options.upload:
return 0
diff --git a/image_creator/os_type/__init__.py b/image_creator/os_type/__init__.py
index ec4f20dffcda845b1beade073d09441396cb9955..69e45d916cadc8748cd31931063ab3d9aba1875f 100644
--- a/image_creator/os_type/__init__.py
+++ b/image_creator/os_type/__init__.py
@@ -41,6 +41,8 @@ from image_creator.util import FatalError
import textwrap
import re
+from collections import namedtuple
+from functools import wraps
def os_cls(distro, osfamily):
@@ -60,30 +62,81 @@ def os_cls(distro, osfamily):
def add_prefix(target):
+ """Decorator that adds a prefix to the result of a function"""
def wrapper(self, *args):
prefix = args[0]
- return map(lambda x: prefix + x, target(self, *args))
+ return [prefix + path for path in target(self, *args)]
return wrapper
-def sysprep(enabled=True):
+def sysprep(message, enabled=True, **kwargs):
"""Decorator for system preparation tasks"""
+ def wrapper(method):
+ method.sysprep = True
+ method.enabled = enabled
+ method.executed = False
+
+ for key, val in kwargs.items():
+ setattr(method, key, val)
+
+ @wraps(method)
+ def inner(self, print_message=True):
+ if print_message:
+ self.out.output(message)
+ return method(self)
+
+ return inner
+ return wrapper
+
+
+def add_sysprep_param(name, type, default, descr, validate=lambda x: True):
+ """Decorator for __init__ that adds the definition for a system preparation
+ parameter in an instance of a os_type class
+ """
+ def wrapper(init):
+ @wraps(init)
+ def inner(self, *args, **kwargs):
+ init(self, *args, **kwargs)
+ self.needed_sysprep_params[name] = \
+ self.SysprepParam(type, default, descr, validate)
+ if default is not None:
+ self.sysprep_params[name] = default
+ return inner
+ return wrapper
+
+
+def del_sysprep_param(name):
+ """Decorator for __init__ that deletes a previously added sysprep parameter
+ definition from an instance of a os_type class.
+ """
def wrapper(func):
- func.sysprep = True
- func.enabled = enabled
- func.executed = False
- return func
+ @wraps(func)
+ def inner(self, *args, **kwargs):
+ del self.needed_sysprep_params[name]
+ func(self, *args, **kwargs)
+ return inner
return wrapper
class OSBase(object):
"""Basic operating system class"""
- def __init__(self, rootdev, ghandler, output):
- self.root = rootdev
- self.g = ghandler
- self.out = output
+ SysprepParam = namedtuple('SysprepParam',
+ ['type', 'default', 'description', 'validate'])
+
+ def __init__(self, image, **kargs):
+ self.image = image
+
+ self.root = image.root
+ self.g = image.g
+ self.out = image.out
+
+ self.needed_sysprep_params = {}
+ self.sysprep_params = \
+ kargs['sysprep_params'] if 'sysprep_params' in kargs else {}
+
self.meta = {}
+ self.mounted = False
def collect_metadata(self):
"""Collect metadata about the OS"""
@@ -110,7 +163,10 @@ class OSBase(object):
"""Returns information about a sysprep object"""
assert self._is_sysprep(obj), "Object is not a sysprep"
- return (obj.__name__.replace('_', '-'), textwrap.dedent(obj.__doc__))
+ SysprepInfo = namedtuple("SysprepInfo", "name description")
+
+ return SysprepInfo(obj.__name__.replace('_', '-'),
+ textwrap.dedent(obj.__doc__))
def get_sysprep_by_name(self, name):
"""Returns the sysprep object with the given name"""
@@ -141,8 +197,8 @@ class OSBase(object):
"""Print enabled and disabled system preparation operations."""
syspreps = self.list_syspreps()
- enabled = filter(lambda x: x.enabled, syspreps)
- disabled = filter(lambda x: not x.enabled, syspreps)
+ enabled = [sysprep for sysprep in syspreps if sysprep.enabled]
+ disabled = [sysprep for sysprep in syspreps if not sysprep.enabled]
wrapper = textwrap.TextWrapper()
wrapper.subsequent_indent = '\t'
@@ -167,6 +223,21 @@ class OSBase(object):
descr = wrapper.fill(textwrap.dedent(sysprep.__doc__))
self.out.output(' %s:\n%s\n' % (name, descr))
+ def print_sysprep_params(self):
+ """Print the system preparation parameter the user may use"""
+
+ self.out.output("Needed system preparation parameters:")
+
+ if len(self.needed_sysprep_params) == 0:
+ self.out.output("(none)")
+ return
+
+ for name, param in self.needed_sysprep_params.items():
+ self.out.output("\t%s (%s): %s" %
+ (param.description, name,
+ self.sysprep_params[name] if name in
+ self.sysprep_params else "(none)"))
+
def do_sysprep(self):
"""Prepare system for image creation."""
@@ -176,8 +247,7 @@ class OSBase(object):
self.out.output('Preparing system for image creation:')
- tasks = self.list_syspreps()
- enabled = filter(lambda x: x.enabled, tasks)
+ enabled = [task for task in self.list_syspreps() if task.enabled]
size = len(enabled)
cnt = 0
diff --git a/image_creator/os_type/freebsd.py b/image_creator/os_type/freebsd.py
index 02bd8dc8ae2a9747cc810ba447bb6b1f9ce5adda..7efd56ec684c0a37eea50708123a5dfe68f4c6b8 100644
--- a/image_creator/os_type/freebsd.py
+++ b/image_creator/os_type/freebsd.py
@@ -42,17 +42,11 @@ import re
class Freebsd(Unix):
"""OS class for FreeBSD Unix-like os"""
- def __init__(self, rootdev, ghandler, output):
- super(Freebsd, self).__init__(rootdev, ghandler, output)
- @sysprep()
- def cleanup_password(self, print_header=True):
+ @sysprep("Cleaning up passwords & locking all user accounts")
+ def cleanup_password(self):
"""Remove all passwords and lock all user accounts"""
- if print_header:
- self.out.output("Cleaning up passwords & locking all user "
- "accounts")
-
master_passwd = []
for line in self.g.cat('/etc/master.passwd').splitlines():
@@ -116,7 +110,7 @@ class Freebsd(Unix):
# libguestfs can't handle correct freebsd partitions on a GUID
# Partition Table. We have to do the translation to linux device names
# ourselves
- guid_device = re.compile('^/dev/((?:ada)|(?:vtbd))(\d+)p(\d+)$')
+ guid_device = re.compile(r'^/dev/((?:ada)|(?:vtbd))(\d+)p(\d+)$')
mopts = "ufstype=ufs2,%s" % ('ro' if readonly else 'rw')
for mp, dev in self._mountpoints():
diff --git a/image_creator/os_type/linux.py b/image_creator/os_type/linux.py
index 47243368f1fadcf41178341813818dbf6c52878e..71ce109e0825540e4999961f2b1a4ce535d4025f 100644
--- a/image_creator/os_type/linux.py
+++ b/image_creator/os_type/linux.py
@@ -43,19 +43,15 @@ import time
class Linux(Unix):
"""OS class for Linux"""
- def __init__(self, rootdev, ghandler, output):
- super(Linux, self).__init__(rootdev, ghandler, output)
+ def __init__(self, image, **kargs):
+ super(Linux, self).__init__(image, **kargs)
self._uuid = dict()
self._persistent = re.compile('/dev/[hsv]d[a-z][1-9]*')
- @sysprep(enabled=False)
- def remove_user_accounts(self, print_header=True):
+ @sysprep('Removing user accounts with id greater that 1000', enabled=False)
+ def remove_user_accounts(self):
"""Remove all user accounts with id greater than 1000"""
- if print_header:
- self.out.output("Removing all user accounts with id greater than "
- "1000")
-
if 'USERS' not in self.meta:
return
@@ -105,14 +101,10 @@ class Linux(Unix):
if self.g.is_dir(home) and home.startswith('/home/'):
self.g.rm_rf(home)
- @sysprep()
- def cleanup_passwords(self, print_header=True):
+ @sysprep('Cleaning up password & locking all user accounts')
+ def cleanup_passwords(self):
"""Remove all passwords and lock all user accounts"""
- if print_header:
- self.out.output("Cleaning up passwords & locking all user "
- "accounts")
-
shadow = []
for line in self.g.cat('/etc/shadow').splitlines():
@@ -124,15 +116,12 @@ class Linux(Unix):
self.g.write('/etc/shadow', "\n".join(shadow) + '\n')
- @sysprep()
- def fix_acpid(self, print_header=True):
+ @sysprep('Fixing acpid powerdown action')
+ def fix_acpid(self):
"""Replace acpid powerdown action scripts to immediately shutdown the
system without checking if a GUI is running.
"""
- if print_header:
- self.out.output('Fixing acpid powerdown action')
-
powerbtn_action = '#!/bin/sh\n\nPATH=/sbin:/bin:/usr/bin\n' \
'shutdown -h now "Power button pressed"\n'
@@ -185,31 +174,25 @@ class Linux(Unix):
self.out.warn("No acpi power button event found!")
- @sysprep()
- def remove_persistent_net_rules(self, print_header=True):
+ @sysprep('Removing persistent network interface names')
+ def remove_persistent_net_rules(self):
"""Remove udev rules that will keep network interface names persistent
after hardware changes and reboots. Those rules will be created again
the next time the image runs.
"""
- if print_header:
- self.out.output('Removing persistent network interface names')
-
rule_file = '/etc/udev/rules.d/70-persistent-net.rules'
if self.g.is_file(rule_file):
self.g.rm(rule_file)
- @sysprep()
- def remove_swap_entry(self, print_header=True):
+ @sysprep('Removing swap entry from fstab')
+ def remove_swap_entry(self):
"""Remove swap entry from /etc/fstab. If swap is the last partition
then the partition will be removed when shrinking is performed. If the
swap partition is not the last partition in the disk or if you are not
going to shrink the image you should probably disable this.
"""
- if print_header:
- self.out.output('Removing swap entry from fstab')
-
new_fstab = ""
fstab = self.g.cat('/etc/fstab')
for line in fstab.splitlines():
@@ -222,16 +205,12 @@ class Linux(Unix):
self.g.write('/etc/fstab', new_fstab)
- @sysprep()
- def use_persistent_block_device_names(self, print_header=True):
+ @sysprep('Replacing fstab & grub non-persistent device references')
+ def use_persistent_block_device_names(self):
"""Scan fstab & grub configuration files and replace all non-persistent
device references with UUIDs.
"""
- if print_header:
- self.out.output("Replacing fstab & grub non-persistent device "
- "references")
-
# convert all devices in fstab to persistent
persistent_root = self._persistent_fstab()
@@ -331,7 +310,7 @@ class Linux(Unix):
def _get_passworded_users(self):
"""Returns a list of non-locked user accounts"""
users = []
- regexp = re.compile('(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')
+ regexp = re.compile(r'(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')
for line in self.g.cat('/etc/shadow').splitlines():
match = regexp.match(line)
diff --git a/image_creator/os_type/slackware.py b/image_creator/os_type/slackware.py
index e8f5a9ee7085d666f7e431accfc2c65fc7e46f15..c708515e077b563a2ff4ea79cf9b8dfc0583182a 100644
--- a/image_creator/os_type/slackware.py
+++ b/image_creator/os_type/slackware.py
@@ -40,13 +40,10 @@ from image_creator.os_type.linux import Linux, sysprep
class Slackware(Linux):
"""OS class for Slackware Linux"""
- @sysprep()
- def cleanup_log(self, print_header=True):
+ @sysprep("Emptying all files under /var/log")
+ def cleanup_log(self):
"""Empty all files under /var/log"""
- if print_header:
- self.out.output('Emptying all files under /var/log')
-
# In slackware the metadata about installed packages are
# stored in /var/log/packages. Clearing all /var/log files
# will destroy the package management system.
diff --git a/image_creator/os_type/ubuntu.py b/image_creator/os_type/ubuntu.py
index b5706fcefc87ea6aa65df6ed101761103350216b..bd2d6b5b5da7995448fa26a7678cca0f54125d5f 100644
--- a/image_creator/os_type/ubuntu.py
+++ b/image_creator/os_type/ubuntu.py
@@ -40,8 +40,6 @@ from image_creator.os_type.linux import Linux
class Ubuntu(Linux):
"""OS class for Ubuntu Linux variants"""
- def __init__(self, rootdev, ghandler, output):
- super(Ubuntu, self).__init__(rootdev, ghandler, output)
def _do_collect_metadata(self):
"""Collect metadata about the OS"""
diff --git a/image_creator/os_type/unix.py b/image_creator/os_type/unix.py
index 8b88b2fe60b92f1bdfaedd8080b44577cb5bca3a..504f2adb590f1da2aeccec75fb28bc355c3e390b 100644
--- a/image_creator/os_type/unix.py
+++ b/image_creator/os_type/unix.py
@@ -35,8 +35,6 @@
"""This module hosts OS-specific code common to all Unix-like OSs."""
-import re
-
from image_creator.os_type import OSBase, sysprep
@@ -87,58 +85,42 @@ class Unix(OSBase):
return True
- @sysprep()
- def cleanup_cache(self, print_header=True):
+ @sysprep('Removing files under /var/cache')
+ def cleanup_cache(self):
"""Remove all regular files under /var/cache"""
- if print_header:
- self.out.output('Removing files under /var/cache')
-
self._foreach_file('/var/cache', self.g.rm, ftype='r')
- @sysprep()
- def cleanup_tmp(self, print_header=True):
+ @sysprep('Removing files under /tmp and /var/tmp')
+ def cleanup_tmp(self):
"""Remove all files under /tmp and /var/tmp"""
- if print_header:
- self.out.output('Removing files under /tmp and /var/tmp')
-
self._foreach_file('/tmp', self.g.rm_rf, maxdepth=1)
self._foreach_file('/var/tmp', self.g.rm_rf, maxdepth=1)
- @sysprep()
- def cleanup_log(self, print_header=True):
+ @sysprep('Emptying all files under /var/log')
+ def cleanup_log(self):
"""Empty all files under /var/log"""
- if print_header:
- self.out.output('Emptying all files under /var/log')
-
self._foreach_file('/var/log', self.g.truncate, ftype='r')
- @sysprep(enabled=False)
- def cleanup_mail(self, print_header=True):
+ @sysprep('Removing files under /var/mail & /var/spool/mail', enabled=False)
+ def cleanup_mail(self):
"""Remove all files under /var/mail and /var/spool/mail"""
- if print_header:
- self.out.output('Removing files under /var/mail & /var/spool/mail')
-
if self.g.is_dir('/var/spool/mail'):
self._foreach_file('/var/spool/mail', self.g.rm_rf, maxdepth=1)
self._foreach_file('/var/mail', self.g.rm_rf, maxdepth=1)
- @sysprep()
- def cleanup_userdata(self, print_header=True):
+ @sysprep('Removing sensitive user data')
+ def cleanup_userdata(self):
"""Delete sensitive userdata"""
homedirs = ['/root']
if self.g.is_dir('/home/'):
homedirs += self._ls('/home/')
- if print_header:
- self.out.output("Removing sensitive user data under %s" %
- " ".join(homedirs))
-
for homedir in homedirs:
for data in self.sensitive_userdata:
fname = "%s/%s" % (homedir, data)
diff --git a/image_creator/os_type/windows.py b/image_creator/os_type/windows.py
index bf237c2b3f5ecbd7052d9151e416b4aec534c3de..6998d491ac623c56ed89889277d9d676620b58b4 100644
--- a/image_creator/os_type/windows.py
+++ b/image_creator/os_type/windows.py
@@ -36,15 +36,598 @@
"""This module hosts OS-specific code common for the various Microsoft
Windows OSs."""
-from image_creator.os_type import OSBase
+from image_creator.os_type import OSBase, sysprep, add_sysprep_param
+from image_creator.util import FatalError, check_guestfs_version, \
+ get_kvm_binary
+from image_creator.winexe import WinEXE, WinexeTimeout
import hivex
import tempfile
import os
+import signal
+import time
+import random
+import string
+import subprocess
+import struct
+
+# For more info see: http://technet.microsoft.com/en-us/library/jj612867.aspx
+KMS_CLIENT_SETUP_KEYS = {
+ "Windows 8 Professional": "NG4HW-VH26C-733KW-K6F98-J8CK4",
+ "Windows 8 Professional N": "XCVCF-2NXM9-723PB-MHCB7-2RYQQ",
+ "Windows 8 Enterprise": "32JNW-9KQ84-P47T8-D8GGY-CWCK7",
+ "Windows 8 Enterprise N": "JMNMF-RHW7P-DMY6X-RF3DR-X2BQT",
+ "Windows Server 2012 Core": "BN3D2-R7TKB-3YPBD-8DRP2-27GG4",
+ "Windows Server 2012 Core N": "8N2M2-HWPGY-7PGT9-HGDD8-GVGGY",
+ "Windows Server 2012 Core Single Language":
+ "2WN2H-YGCQR-KFX6K-CD6TF-84YXQ",
+ "Windows Server 2012 Core Country Specific":
+ "4K36P-JN4VD-GDC6V-KDT89-DYFKP",
+ "Windows Server 2012 Server Standard": "XC9B7-NBPP2-83J2H-RHMBY-92BT4",
+ "Windows Server 2012 Standard Core": "XC9B7-NBPP2-83J2H-RHMBY-92BT4",
+ "Windows Server 2012 MultiPoint Standard": "HM7DN-YVMH3-46JC3-XYTG7-CYQJJ",
+ "Windows Server 2012 MultiPoint Premium": "XNH6W-2V9GX-RGJ4K-Y8X6F-QGJ2G",
+ "Windows Server 2012 Datacenter": "48HP8-DN98B-MYWDG-T2DCC-8W83P",
+ "Windows Server 2012 Datacenter Core": "48HP8-DN98B-MYWDG-T2DCC-8W83P",
+ "Windows 7 Professional": "FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4",
+ "Windows 7 Professional N": "MRPKT-YTG23-K7D7T-X2JMM-QY7MG",
+ "Windows 7 Professional E": "W82YF-2Q76Y-63HXB-FGJG9-GF7QX",
+ "Windows 7 Enterprise": "33PXH-7Y6KF-2VJC9-XBBR8-HVTHH",
+ "Windows 7 Enterprise N": "YDRBP-3D83W-TY26F-D46B2-XCKRJ",
+ "Windows 7 Enterprise E": "C29WB-22CC8-VJ326-GHFJW-H9DH4",
+ "Windows Server 2008 R2 Web": "6TPJF-RBVHG-WBW2R-86QPH-6RTM4",
+ "Windows Server 2008 R2 HPC edition": "TT8MH-CG224-D3D7Q-498W2-9QCTX",
+ "Windows Server 2008 R2 Standard": "YC6KT-GKW9T-YTKYR-T4X34-R7VHC",
+ "Windows Server 2008 R2 Enterprise": "489J6-VHDMP-X63PK-3K798-CPX3Y",
+ "Windows Server 2008 R2 Datacenter": "74YFP-3QFB3-KQT8W-PMXWJ-7M648",
+ "Windows Server 2008 R2 for Itanium-based Systems":
+ "GT63C-RJFQ3-4GMB6-BRFB9-CB83V",
+ "Windows Vista Business": "YFKBB-PQJJV-G996G-VWGXY-2V3X8",
+ "Windows Vista Business N": "HMBQG-8H2RH-C77VX-27R82-VMQBT",
+ "Windows Vista Enterprise": "VKK3X-68KWM-X2YGT-QR4M6-4BWMV",
+ "Windows Vista Enterprise N": "VTC42-BM838-43QHV-84HX6-XJXKV",
+ "Windows Web Server 2008": "WYR28-R7TFJ-3X2YQ-YCY4H-M249D",
+ "Windows Server 2008 Standard": "TM24T-X9RMF-VWXK6-X8JC9-BFGM2",
+ "Windows Server 2008 Standard without Hyper-V":
+ "W7VD6-7JFBR-RX26B-YKQ3Y-6FFFJ",
+ "Windows Server 2008 Enterprise":
+ "YQGMW-MPWTJ-34KDK-48M3W-X4Q6V",
+ "Windows Server 2008 Enterprise without Hyper-V":
+ "39BXF-X8Q23-P2WWT-38T2F-G3FPG",
+ "Windows Server 2008 HPC": "RCTX3-KWVHP-BR6TB-RB6DM-6X7HP",
+ "Windows Server 2008 Datacenter": "7M67G-PC374-GR742-YH8V4-TCBY3",
+ "Windows Server 2008 Datacenter without Hyper-V":
+ "22XQ2-VRXRG-P8D42-K34TD-G3QQC",
+ "Windows Server 2008 for Itanium-Based Systems":
+ "4DWFP-JF3DJ-B7DTH-78FJB-PDRHK"}
+
+_POSINT = lambda x: type(x) == int and x >= 0
class Windows(OSBase):
"""OS class for Windows"""
+ @add_sysprep_param(
+ 'shutdown_timeout', int, 120, "Shutdown Timeout (seconds)", _POSINT)
+ @add_sysprep_param(
+ 'boot_timeout', int, 300, "Boot Timeout (seconds)", _POSINT)
+ @add_sysprep_param(
+ 'connection_retries', int, 5, "Connection Retries", _POSINT)
+ @add_sysprep_param('password', str, None, 'Image Administrator Password')
+ def __init__(self, image, **kargs):
+ super(Windows, self).__init__(image, **kargs)
+
+ device = self.g.part_to_dev(self.root)
+
+ self.last_part_num = self.g.part_list(device)[-1]['part_num']
+ self.last_drive = None
+ self.system_drive = None
+
+ for drive, partition in self.g.inspect_get_drive_mappings(self.root):
+ if partition == "%s%d" % (device, self.last_part_num):
+ self.last_drive = drive
+ if partition == self.root:
+ self.system_drive = drive
+
+ assert self.system_drive
+
+ self.product_name = self.g.inspect_get_product_name(self.root)
+ self.syspreped = False
+
+ @sysprep('Disabling IPv6 privacy extensions')
+ def disable_ipv6_privacy_extensions(self):
+ """Disable IPv6 privacy extensions"""
+
+ self._guest_exec('netsh interface ipv6 set global '
+ 'randomizeidentifiers=disabled store=persistent')
+
+ @sysprep('Disabling Teredo interface')
+ def disable_teredo(self):
+ """Disable Teredo interface"""
+
+ self._guest_exec('netsh interface teredo set state disabled')
+
+ @sysprep('Disabling ISATAP Adapters')
+ def disable_isatap(self):
+ """Disable ISATAP Adapters"""
+
+ self._guest_exec('netsh interface isa set state disabled')
+
+ @sysprep('Enabling ping responses')
+ def enable_pings(self):
+ """Enable ping responses"""
+
+ self._guest_exec('netsh firewall set icmpsetting 8')
+
+ @sysprep('Disabling hibernation support')
+ def disable_hibernation(self):
+ """Disable hibernation support and remove the hibernation file"""
+
+ self._guest_exec(r'powercfg.exe /hibernate off')
+
+ @sysprep('Setting the system clock to UTC')
+ def utc(self):
+ """Set the hardware clock to UTC"""
+
+ path = r'HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation'
+ self._guest_exec(
+ r'REG ADD %s /v RealTimeIsUniversal /t REG_DWORD /d 1 /f' % path)
+
+ @sysprep('Clearing the event logs')
+ def clear_logs(self):
+ """Clear all the event logs"""
+
+ self._guest_exec(
+ r"cmd /q /c for /f %l in ('wevtutil el') do wevtutil cl %l")
+
+ @sysprep('Executing Sysprep on the image (may take more that 10 minutes)')
+ def microsoft_sysprep(self):
+ """Run the Microsoft System Preparation Tool. This will remove
+ system-specific data and will make the image ready to be deployed.
+ After this no other task may run.
+ """
+
+ self._guest_exec(r'C:\Windows\system32\sysprep\sysprep '
+ r'/quiet /generalize /oobe /shutdown')
+ self.syspreped = True
+
+ @sysprep('Converting the image into a KMS client', enabled=False)
+ def kms_client_setup(self):
+ """Install the appropriate KMS client setup key to the image to convert
+ it to a KMS client. Computers that are running volume licensing
+ editions of Windows 8, Windows Server 2012, Windows 7, Windows Server
+ 2008 R2, Windows Vista, and Windows Server 2008 are, by default, KMS
+ clients with no additional configuration needed.
+ """
+ try:
+ setup_key = KMS_CLIENT_SETUP_KEYS[self.product_name]
+ except KeyError:
+ self.out.warn(
+ "Don't know the KMS client setup key for product: `%s'" %
+ self.product_name)
+ return
+
+ self._guest_exec(
+ r"cscript \Windows\system32\slmgr.vbs /ipk %s" % setup_key)
+
+ @sysprep('Shrinking the last filesystem')
+ def shrink(self):
+ """Shrink the last filesystem. Make sure the filesystem is defragged"""
+
+ # Query for the maximum number of reclaimable bytes
+ cmd = (
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
+ 'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
+ r'ECHO SHRINK QUERYMAX >> %SCRIPT% & ' +
+ r'ECHO EXIT >> %SCRIPT% & ' +
+ r'DISKPART /S %SCRIPT% & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
+ r'DEL /Q %SCRIPT%"')
+
+ stdout, stderr, rc = self._guest_exec(cmd)
+
+ querymax = None
+ for line in stdout.splitlines():
+ # diskpart will return something like this:
+ #
+ # The maximum number of reclaimable bytes is: xxxx MB
+ #
+ if line.find('reclaimable') >= 0:
+ querymax = line.split(':')[1].split()[0].strip()
+ assert querymax.isdigit(), \
+ "Number of reclaimable bytes not a number"
+
+ if querymax is None:
+ FatalError("Error in shrinking! "
+ "Couldn't find the max number of reclaimable bytes!")
+
+ querymax = int(querymax)
+ # From ntfsresize:
+ # Practically the smallest shrunken size generally is at around
+ # "used space" + (20-200 MB). Please also take into account that
+ # Windows might need about 50-100 MB free space left to boot safely.
+ # I'll give 100MB extra space just to be sure
+ querymax -= 100
+
+ if querymax < 0:
+ self.out.warn("Not enought available space to shrink the image!")
+ return
+
+ self.out.output("\tReclaiming %dMB ..." % querymax)
+
+ cmd = (
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
+ 'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
+ 'ECHO SHRINK DESIRED=%d >> %%SCRIPT%% & ' % querymax +
+ r'ECHO EXIT >> %SCRIPT% & ' +
+ r'DISKPART /S %SCRIPT% & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
+ r'DEL /Q %SCRIPT%"')
+
+ stdout, stderr, rc = self._guest_exec(cmd)
+
+ for line in stdout.splitlines():
+ if line.find('shrunk') >= 0:
+ self.out.output(line)
+
+ def do_sysprep(self):
+ """Prepare system for image creation."""
+
+ if getattr(self, 'syspreped', False):
+ raise FatalError("Image is already syspreped!")
+
+ txt = "System preparation parameter: `%s' is needed but missing!"
+ for name, param in self.needed_sysprep_params.items():
+ if name not in self.sysprep_params:
+ raise FatalError(txt % param)
+
+ self.mount(readonly=False)
+ try:
+ disabled_uac = self._update_uac_remote_setting(1)
+ token = self._enable_os_monitor()
+
+ # disable the firewalls
+ firewall_states = self._update_firewalls(0, 0, 0)
+
+ # Delete the pagefile. It will be recreated when the system boots
+ systemroot = self.g.inspect_get_windows_systemroot(self.root)
+ pagefile = "%s/pagefile.sys" % systemroot
+ self.g.rm_rf(self.g.case_sensitive_path(pagefile))
+
+ finally:
+ self.umount()
+
+ self.out.output("Shutting down helper VM ...", False)
+ self.g.sync()
+ # guestfs_shutdown which is the prefered way to shutdown the backend
+ # process was introduced in version 1.19.16
+ if check_guestfs_version(self.g, 1, 19, 16) >= 0:
+ self.g.shutdown()
+ else:
+ self.g.kill_subprocess()
+
+ self.out.success('done')
+
+ vm = None
+ monitor = None
+ try:
+ self.out.output("Starting windows VM ...", False)
+ monitorfd, monitor = tempfile.mkstemp()
+ os.close(monitorfd)
+ vm = _VM(self.image.device, monitor, self.sysprep_params)
+ self.out.success("started (console on vnc display: %d)." %
+ vm.display)
+
+ self.out.output("Waiting for OS to boot ...", False)
+ self._wait_vm_boot(vm, monitor, token)
+ self.out.success('done')
+
+ self.out.output("Checking connectivity to the VM ...", False)
+ self._check_connectivity()
+ self.out.success('done')
+
+ self.out.output("Disabling automatic logon ...", False)
+ self._disable_autologon()
+ self.out.success('done')
+
+ self.out.output('Preparing system for image creation:')
+
+ tasks = self.list_syspreps()
+ enabled = [task for task in tasks if task.enabled]
+ size = len(enabled)
+
+ # Make sure shrink runs in the end, before ms sysprep
+ enabled = [task for task in enabled if
+ self.sysprep_info(task).name != 'shrink']
+
+ if len(enabled) != size:
+ enabled.append(self.shrink)
+
+ # Make sure the ms sysprep is the last task to run if it is enabled
+ enabled = [task for task in enabled if
+ self.sysprep_info(task).name != 'microsoft-sysprep']
+
+ ms_sysprep_enabled = False
+ if len(enabled) != size:
+ enabled.append(self.microsoft_sysprep)
+ ms_sysprep_enabled = True
+
+ cnt = 0
+ for task in enabled:
+ cnt += 1
+ self.out.output(('(%d/%d)' % (cnt, size)).ljust(7), False)
+ task()
+ setattr(task.im_func, 'executed', True)
+
+ self.out.output("Sending shut down command ...", False)
+ if not ms_sysprep_enabled:
+ self._shutdown()
+ self.out.success("done")
+
+ self.out.output("Waiting for windows to shut down ...", False)
+ vm.wait(self.sysprep_params['shutdown_timeout'])
+ self.out.success("done")
+ finally:
+ if monitor is not None:
+ os.unlink(monitor)
+
+ try:
+ if vm is not None:
+ self.out.output("Destroying windows VM ...", False)
+ vm.destroy()
+ self.out.success("done")
+ finally:
+ self.out.output("Relaunching helper VM (may take a while) ...",
+ False)
+ self.g.launch()
+ self.out.success('done')
+
+ self.mount(readonly=False)
+ try:
+ if disabled_uac:
+ self._update_uac_remote_setting(0)
+
+ self._update_firewalls(*firewall_states)
+ finally:
+ self.umount()
+
+ def _shutdown(self):
+ """Shuts down the windows VM"""
+ self._guest_exec(r'shutdown /s /t 5')
+
+ def _wait_vm_boot(self, vm, fname, msg):
+ """Wait until a message appears on a file or the vm process dies"""
+
+ for _ in range(self.sysprep_params['boot_timeout']):
+ time.sleep(1)
+ with open(fname) as f:
+ for line in f:
+ if line.startswith(msg):
+ return True
+ if not vm.isalive():
+ raise FatalError("Windows VM died unexpectedly!")
+
+ raise FatalError("Windows VM booting timed out!")
+
+ def _disable_autologon(self):
+ """Disable automatic logon on the windows image"""
+
+ winlogon = \
+ r'"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"'
+
+ self._guest_exec('REG DELETE %s /v DefaultUserName /f' % winlogon)
+ self._guest_exec('REG DELETE %s /v DefaultPassword /f' % winlogon)
+ self._guest_exec('REG DELETE %s /v AutoAdminLogon /f' % winlogon)
+
+ def _registry_file_path(self, regfile):
+ """Retrieves the case sensitive path to a registry file"""
+
+ systemroot = self.g.inspect_get_windows_systemroot(self.root)
+ path = "%s/system32/config/%s" % (systemroot, regfile)
+ try:
+ path = self.g.case_sensitive_path(path)
+ except RuntimeError as error:
+ raise FatalError("Unable to retrieve registry file: %s. Reason: %s"
+ % (regfile, str(error)))
+ return path
+
+ def _enable_os_monitor(self):
+ """Add a script in the registry that will send a random string to the
+ first serial port when the windows image finishes booting.
+ """
+
+ token = "".join(random.choice(string.ascii_letters) for x in range(16))
+
+ path = self._registry_file_path('SOFTWARE')
+ softwarefd, software = tempfile.mkstemp()
+ try:
+ os.close(softwarefd)
+ self.g.download(path, software)
+
+ h = hivex.Hivex(software, write=True)
+
+ # Enable automatic logon.
+ # This is needed because we need to execute a script that we add in
+ # the RunOnce registry entry and those programs only get executed
+ # when a user logs on. There is a RunServicesOnce registry entry
+ # whose keys get executed in the background when the logon dialog
+ # box first appears, but they seem to only work with services and
+ # not arbitrary command line expressions :-(
+ #
+ # Instructions on how to turn on automatic logon in Windows can be
+ # found here: http://support.microsoft.com/kb/324737
+ #
+ # Warning: Registry change will not work if the “Logon Banner†is
+ # defined on the server either by a Group Policy object (GPO) or by
+ # a local policy.
+
+ winlogon = h.root()
+ for child in ('Microsoft', 'Windows NT', 'CurrentVersion',
+ 'Winlogon'):
+ winlogon = h.node_get_child(winlogon, child)
+
+ h.node_set_value(
+ winlogon,
+ {'key': 'DefaultUserName', 't': 1,
+ 'value': "Administrator".encode('utf-16le')})
+ h.node_set_value(
+ winlogon,
+ {'key': 'DefaultPassword', 't': 1,
+ 'value': self.sysprep_params['password'].encode('utf-16le')})
+ h.node_set_value(
+ winlogon,
+ {'key': 'AutoAdminLogon', 't': 1,
+ 'value': "1".encode('utf-16le')})
+
+ key = h.root()
+ for child in ('Microsoft', 'Windows', 'CurrentVersion'):
+ key = h.node_get_child(key, child)
+
+ runonce = h.node_get_child(key, "RunOnce")
+ if runonce is None:
+ runonce = h.node_add_child(key, "RunOnce")
+
+ value = (
+ r'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe '
+ r'-ExecutionPolicy RemoteSigned '
+ r'"&{$port=new-Object System.IO.Ports.SerialPort COM1,9600,'
+ r'None,8,one;$port.open();$port.WriteLine(\"' + token + r'\");'
+ r'$port.Close()}"').encode('utf-16le')
+
+ h.node_set_value(runonce,
+ {'key': "BootMonitor", 't': 1, 'value': value})
+
+ value = (
+ r'REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion'
+ r'\policies\system /v LocalAccountTokenFilterPolicy'
+ r' /t REG_DWORD /d 1 /f').encode('utf-16le')
+
+ h.node_set_value(runonce,
+ {'key': "UpdateRegistry", 't': 1, 'value': value})
+
+ h.commit(None)
+
+ self.g.upload(software, path)
+ finally:
+ os.unlink(software)
+
+ return token
+
+ def _update_firewalls(self, domain, public, standard):
+ """Enables or disables the firewall for the Domain, the Public and the
+ Standard profile. Returns a triplete with the old values.
+
+ 1 will enable a firewall and 0 will disable it
+ """
+
+ if domain not in (0, 1):
+ raise ValueError("Valid values for domain parameter are 0 and 1")
+
+ if public not in (0, 1):
+ raise ValueError("Valid values for public parameter are 0 and 1")
+
+ if standard not in (0, 1):
+ raise ValueError("Valid values for standard parameter are 0 and 1")
+
+ path = self._registry_file_path("SYSTEM")
+ systemfd, system = tempfile.mkstemp()
+ try:
+ os.close(systemfd)
+ self.g.download(path, system)
+
+ h = hivex.Hivex(system, write=True)
+
+ select = h.node_get_child(h.root(), 'Select')
+ current_value = h.node_get_value(select, 'Current')
+
+ # expecting a little endian dword
+ assert h.value_type(current_value)[1] == 4
+ current = "%03d" % h.value_dword(current_value)
+
+ firewall_policy = h.root()
+ for child in ('ControlSet%s' % current, 'services', 'SharedAccess',
+ 'Parameters', 'FirewallPolicy'):
+ firewall_policy = h.node_get_child(firewall_policy, child)
+
+ old_values = []
+ new_values = [domain, public, standard]
+ for profile in ('Domain', 'Public', 'Standard'):
+ node = h.node_get_child(firewall_policy, '%sProfile' % profile)
+
+ old_value = h.node_get_value(node, 'EnableFirewall')
+
+ # expecting a little endian dword
+ assert h.value_type(old_value)[1] == 4
+ old_values.append(h.value_dword(old_value))
+
+ h.node_set_value(
+ node, {'key': 'EnableFirewall', 't': 4L,
+ 'value': struct.pack("<I", new_values.pop(0))})
+
+ h.commit(None)
+ self.g.upload(system, path)
+
+ finally:
+ os.unlink(system)
+
+ return old_values
+
+ def _update_uac_remote_setting(self, value):
+ """Updates the registry key value:
+ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
+ \System]"LocalAccountTokenFilterPolicy"
+
+ value = 1 will disable the UAC remote restrictions
+ value = 0 will enable the UAC remote restrictions
+
+ For more info see here: http://support.microsoft.com/kb/951016
+
+ Returns:
+ True if the key is changed
+ False if the key is unchanged
+ """
+
+ if value not in (0, 1):
+ raise ValueError("Valid values for value parameter are 0 and 1")
+
+ path = self._registry_file_path('SOFTWARE')
+ softwarefd, software = tempfile.mkstemp()
+ try:
+ os.close(softwarefd)
+ self.g.download(path, software)
+
+ h = hivex.Hivex(software, write=True)
+
+ key = h.root()
+ for child in ('Microsoft', 'Windows', 'CurrentVersion', 'Policies',
+ 'System'):
+ key = h.node_get_child(key, child)
+
+ policy = None
+ for val in h.node_values(key):
+ if h.value_key(val) == "LocalAccountTokenFilterPolicy":
+ policy = val
+
+ if policy is not None:
+ dword = h.value_dword(policy)
+ if dword == value:
+ return False
+ elif value == 0:
+ return False
+
+ new_value = {'key': "LocalAccountTokenFilterPolicy", 't': 4L,
+ 'value': struct.pack("<I", value)}
+
+ h.node_set_value(key, new_value)
+ h.commit(None)
+
+ self.g.upload(software, path)
+
+ finally:
+ os.unlink(software)
+
+ return True
def _do_collect_metadata(self):
"""Collect metadata about the OS"""
@@ -55,25 +638,184 @@ class Windows(OSBase):
"""Returns a list of users found in the images"""
samfd, sam = tempfile.mkstemp()
try:
- systemroot = self.g.inspect_get_windows_systemroot(self.root)
- path = "%s/system32/config/sam" % systemroot
- path = self.g.case_sensitive_path(path)
- self.g.download(path, sam)
+ os.close(samfd)
+ self.g.download(self._registry_file_path('SAM'), sam)
h = hivex.Hivex(sam)
- key = h.root()
+ # Navigate to /SAM/Domains/Account/Users
+ users_node = h.root()
+ for child in ('SAM', 'Domains', 'Account', 'Users'):
+ users_node = h.node_get_child(users_node, child)
# Navigate to /SAM/Domains/Account/Users/Names
- for child in ('SAM', 'Domains', 'Account', 'Users', 'Names'):
- key = h.node_get_child(key, child)
+ names_node = h.node_get_child(users_node, 'Names')
+
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\%RID%
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\%Username%
+ #
+ # The RID (relative identifier) of each user is stored as the type!
+ # (not the value) of the default key of the node under Names whose
+ # name is the user's username. Under the RID node, there in a F
+ # value that contains information about this user account.
+ #
+ # See sam.h of the chntpw project on how to translate the F value
+ # of an account in the registry. Bytes 56 & 57 are the account type
+ # and status flags. The first bit is the 'account disabled' bit
+ disabled = lambda f: int(f[56].encode('hex'), 16) & 0x01
+
+ users = []
+ for user_node in h.node_children(names_node):
+ username = h.node_name(user_node)
+ rid = h.value_type(h.node_get_value(user_node, ""))[0]
+ # if RID is 500 (=0x1f4), the corresponding node name under
+ # Users is '000001F4'
+ key = ("%8.x" % rid).replace(' ', '0').upper()
+ rid_node = h.node_get_child(users_node, key)
+ f_value = h.value_value(h.node_get_value(rid_node, 'F'))[1]
- users = [h.node_name(x) for x in h.node_children(key)]
+ if disabled(f_value):
+ self.out.warn("Found disabled `%s' account!" % username)
+ continue
+
+ users.append(username)
finally:
os.unlink(sam)
# Filter out the guest account
- return filter(lambda x: x != "Guest", users)
+ return users
+
+ def _check_connectivity(self):
+ """Check if winexe works on the Windows VM"""
+
+ retries = self.sysprep_params['connection_retries']
+ # If the connection_retries parameter is set to 0 disable the
+ # connectivity check
+ if retries == 0:
+ return True
+
+ passwd = self.sysprep_params['password']
+ winexe = WinEXE('Administrator', passwd, 'localhost')
+ winexe.uninstall().debug(9)
+
+ for i in range(retries):
+ (stdout, stderr, rc) = winexe.run('cmd /C')
+ if rc == 0:
+ return True
+ log = tempfile.NamedTemporaryFile(delete=False)
+ try:
+ log.file.write(stdout)
+ finally:
+ log.close()
+ self.out.output("failed! See: `%s' for the full output" % log.name)
+ if i < retries - 1:
+ self.out.output("retrying ...", False)
+
+ raise FatalError("Connection to the Windows VM failed after %d retries"
+ % retries)
+
+ def _guest_exec(self, command, fatal=True):
+ """Execute a command on a windows VM"""
+
+ passwd = self.sysprep_params['password']
+
+ winexe = WinEXE('Administrator', passwd, 'localhost')
+ winexe.runas('Administrator', passwd).uninstall()
+
+ try:
+ (stdout, stderr, rc) = winexe.run(command)
+ except WinexeTimeout:
+ FatalError("Command: `%s' timeout out." % command)
+
+ if rc != 0 and fatal:
+ reason = stderr if len(stderr) else stdout
+ self.out.output("Command: `%s' failed (rc=%d). Reason: %s" %
+ (command, rc, reason))
+ raise FatalError("Command: `%s' failed (rc=%d). Reason: %s" %
+ (command, rc, reason))
+
+ return (stdout, stderr, rc)
+
+
+class _VM(object):
+ """Windows Virtual Machine"""
+ def __init__(self, disk, serial, params):
+ """Create _VM instance
+
+ disk: VM's hard disk
+ serial: File to save the output of the serial port
+ """
+
+ self.disk = disk
+ self.serial = serial
+ self.params = params
+
+ def random_mac():
+ """creates a random mac address"""
+ mac = [0x00, 0x16, 0x3e,
+ random.randint(0x00, 0x7f),
+ random.randint(0x00, 0xff),
+ random.randint(0x00, 0xff)]
+
+ return ':'.join(['%02x' % x for x in mac])
+
+ # Use ganeti's VNC port range for a random vnc port
+ self.display = random.randint(11000, 14999) - 5900
+
+ kvm = get_kvm_binary()
+
+ if kvm is None:
+ FatalError("Can't find the kvm binary")
+
+ args = [
+ kvm, '-smp', '1', '-m', '1024', '-drive',
+ 'file=%s,format=raw,cache=unsafe,if=virtio' % self.disk,
+ '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
+ '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' % random_mac(),
+ '-vnc', ':%d' % self.display, '-serial', 'file:%s' % self.serial,
+ '-monitor', 'stdio']
+
+ self.process = subprocess.Popen(args, stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE)
+
+ def isalive(self):
+ """Check if the VM is still alive"""
+ return self.process.poll() is None
+
+ def destroy(self):
+ """Destroy the VM"""
+
+ if not self.isalive():
+ return
+
+ def handler(signum, frame):
+ self.process.terminate()
+ time.sleep(1)
+ if self.isalive():
+ self.process.kill()
+ self.process.wait()
+ raise FatalError("VM destroy timed-out")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(self.params['shutdown_timeout'])
+ self.process.communicate(input="system_powerdown\n")
+ signal.alarm(0)
+
+ def wait(self, timeout=0):
+ """Wait for the VM to terminate"""
+
+ def handler(signum, frame):
+ self.destroy()
+ raise FatalError("VM wait timed-out.")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(timeout)
+ stdout, stderr = self.process.communicate()
+ signal.alarm(0)
+
+ return (stdout, stderr, self.process.poll())
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :
diff --git a/image_creator/util.py b/image_creator/util.py
index fb0d0fa0b319c3c52c25a262de23eee1695f499e..fcf5dd526fa9683c420b02f92439d319f6e215c3 100644
--- a/image_creator/util.py
+++ b/image_creator/util.py
@@ -41,6 +41,7 @@ import sh
import hashlib
import time
import os
+import re
class FatalError(Exception):
@@ -63,6 +64,24 @@ def get_command(command):
return find_sbin_command(command, e)
+def get_kvm_binary():
+ """Returns the path to the kvm binary"""
+
+ uname = get_command('uname')
+ which = get_command('which')
+
+ machine = str(uname('-m'))
+ if re.match('i[3-6]86', machine):
+ machine = 'i386'
+
+ binary = which('qemu-system-%s' % machine)
+
+ if binary is None:
+ return which('kvm')
+
+ return binary
+
+
def try_fail_repeat(command, *args):
"""Execute a command multiple times until it succeeds"""
times = (0.1, 0.5, 1, 2)
@@ -87,6 +106,26 @@ def free_space(dirname):
return stat.f_bavail * stat.f_frsize
+def check_guestfs_version(ghandler, major, minor, release):
+ """Checks if the version of the used libguestfs is smaller, equal or
+ greater than the one specified by the major, minor and release triplet
+
+ Returns:
+ < 0 if the installed version is smaller than the specified one
+ = 0 if they are equal
+ > 0 if the installed one is greater than the specified one
+ """
+
+ ver = ghandler.version()
+
+ for (a, b) in (ver['major'], major), (ver['minor'], minor), \
+ (ver['release'], release):
+ if a != b:
+ return a - b
+
+ return 0
+
+
class MD5:
"""Represents MD5 computations"""
def __init__(self, output):
diff --git a/image_creator/winexe.py b/image_creator/winexe.py
new file mode 100644
index 0000000000000000000000000000000000000000..ebac40931b0671cc08fea8518d58411b13faeb1c
--- /dev/null
+++ b/image_creator/winexe.py
@@ -0,0 +1,123 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright 2013 GRNET S.A. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+# 1. Redistributions of source code must retain the above
+# copyright notice, this list of conditions and the following
+# disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# The views and conclusions contained in the software and
+# documentation are those of the authors and should not be
+# interpreted as representing official policies, either expressed
+# or implied, of GRNET S.A.
+
+"""This module provides an interface for the WinEXE utility"""
+
+import subprocess
+import time
+import signal
+
+from image_creator.util import FatalError
+
+
+class WinexeTimeout(FatalError):
+ """Raised when a WinExE command times-out"""
+ pass
+
+
+class WinEXE:
+ """Wrapper class for the winexe command"""
+
+ def __init__(self, username, password, hostname, program='winexe'):
+ self._host = hostname
+ self._user = username
+ self._pass = password
+ self._prog = program
+
+ # -U USERNAME[%PASSWORD]
+ user = '%s%s' % (self._user, '%%%s' % self._pass if self._pass else "")
+ self._opts = ['-U', user]
+
+ def reset(self):
+ """Reset all winexe options"""
+
+ # -U USERNAME[%PASSWORD]
+ user = '%s%s' % (self._user, '%%%s' % self._pass if self._pass else "")
+ self._opts = ['-U', user]
+
+ def runas(self, username, password):
+ """Run command as this user"""
+ self._opts.append('--runas=%s%%%s' % (username, password))
+ return self
+
+ def system(self):
+ """Use SYSTEM account"""
+ self._opts.append('--system')
+ return self
+
+ def uninstall(self):
+ """Uninstall winexe service after remote execution"""
+ self._opts.append('--uninstall')
+ return self
+
+ def reinstall(self):
+ """Reinstall winexe service before remote execution"""
+ self._opts.append('--reinstall')
+ return self
+
+ def debug(self, level):
+ """Set debug level"""
+ self._opts.append('--debuglevel=%d' % level)
+ return self
+
+ def debug_stderr(self):
+ """Send debug output to STDERR"""
+ self._opts.append('--debug-stderr')
+
+ def run(self, command, timeout=0):
+ """Run a command on a remote windows system"""
+
+ args = [self._prog] + self._opts + ["//%s" % self._host] + [command]
+ run = subprocess.Popen(args, stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE)
+
+ def handler(signum, frame):
+ run.terminate()
+ time.sleep(1)
+ run.poll()
+ if run.returncode is None:
+ run.kill()
+ run.wait()
+ raise WinexeTimeout("Command: `%s' timed-out" % " ".join(args))
+
+ signal.signal(signal.SIGALRM, handler)
+ signal.alarm(timeout)
+ stdout, stderr = run.communicate()
+ rc = run.poll()
+ signal.alarm(0)
+
+ return (stdout, stderr, rc)
+
+# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :