]> git.decadent.org.uk Git - dak.git/blob - dak/new_security_install.py
Add the /etc/ version of our conf to git
[dak.git] / dak / new_security_install.py
1 #!/usr/bin/env python
2
3 """ Wrapper for Debian Security team """
4 # Copyright (C) 2006  Anthony Towns <ajt@debian.org>
5
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
10
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14 # General Public License for more details.
15
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19 # USA
20
21 ################################################################################
22
23 import apt_pkg, os, sys, pwd, time, commands
24
25 from daklib import queue
26 from daklib import daklog
27 from daklib import utils
28 from daklib.dbconn import DBConn, get_build_queue, get_suite_architectures
29 from daklib.regexes import re_taint_free
30
31 Cnf = None
32 Options = None
33 Upload = None
34 Logger = None
35
36 advisory = None
37 changes = []
38 srcverarches = {}
39
40 def init():
41     global Cnf, Upload, Options, Logger
42
43     Cnf = utils.get_conf()
44     Cnf["Dinstall::Options::No-Mail"] = "y"
45     Arguments = [('h', "help", "Security-Install::Options::Help"),
46                  ('a', "automatic", "Security-Install::Options::Automatic"),
47                  ('n', "no-action", "Security-Install::Options::No-Action"),
48                  ('s', "sudo", "Security-Install::Options::Sudo"),
49                  (' ', "no-upload", "Security-Install::Options::No-Upload"),
50                  ('u', "fg-upload", "Security-Install::Options::Foreground-Upload"),
51                  (' ', "drop-advisory", "Security-Install::Options::Drop-Advisory"),
52                  ('A', "approve", "Security-Install::Options::Approve"),
53                  ('R', "reject", "Security-Install::Options::Reject"),
54                  ('D', "disembargo", "Security-Install::Options::Disembargo") ]
55
56     for i in Arguments:
57         Cnf[i[2]] = ""
58
59     arguments = apt_pkg.ParseCommandLine(Cnf, Arguments, sys.argv)
60
61     Options = Cnf.SubTree("Security-Install::Options")
62
63     username = utils.getusername()
64     if username != "dak":
65         print "Non-dak user: %s" % username
66         Options["Sudo"] = "y"
67
68     if Options["Help"]:
69         print "help yourself"
70         sys.exit(0)
71
72     if len(arguments) == 0:
73         utils.fubar("Process what?")
74
75     Upload = queue.Upload(Cnf)
76     if Options["No-Action"]:
77         Options["Sudo"] = ""
78     if not Options["Sudo"] and not Options["No-Action"]:
79         Logger = Upload.Logger = daklog.Logger(Cnf, "new-security-install")
80
81     return arguments
82
83 def quit():
84     if Logger:
85         Logger.close()
86     sys.exit(0)
87
88 def load_args(arguments):
89     global advisory, changes
90
91     adv_ids = {}
92     if not arguments[0].endswith(".changes"):
93         adv_ids [arguments[0]] = 1
94         arguments = arguments[1:]
95
96     null_adv_changes = []
97
98     changesfiles = {}
99     for a in arguments:
100         if "/" in a:
101             utils.fubar("can only deal with files in the current directory")
102         if not a.endswith(".changes"):
103             utils.fubar("not a .changes file: %s" % (a))
104         Upload.init_vars()
105         Upload.pkg.changes_file = a
106         Upload.update_vars()
107         if "adv id" in Upload.pkg.changes:
108             changesfiles[a] = 1
109             adv_ids[Upload.pkg.changes["adv id"]] = 1
110         else:
111             null_adv_changes.append(a)
112
113     adv_ids = adv_ids.keys()
114     if len(adv_ids) > 1:
115         utils.fubar("multiple advisories selected: %s" % (", ".join(adv_ids)))
116     if adv_ids == []:
117         advisory = None
118     else:
119         advisory = adv_ids[0]
120
121     changes = changesfiles.keys()
122     return null_adv_changes
123
124 def load_adv_changes():
125     global srcverarches, changes
126
127     for c in os.listdir("."):
128         if not c.endswith(".changes"): continue
129         Upload.init_vars()
130         Upload.pkg.changes_file = c
131         Upload.update_vars()
132         if "adv id" not in Upload.pkg.changes:
133             continue
134         if Upload.pkg.changes["adv id"] != advisory:
135             continue
136
137         if c not in changes: changes.append(c)
138         srcver = "%s %s" % (Upload.pkg.changes["source"],
139                             Upload.pkg.changes["version"])
140         srcverarches.setdefault(srcver, {})
141         for arch in Upload.pkg.changes["architecture"].keys():
142             srcverarches[srcver][arch] = 1
143
144 def advisory_info():
145     if advisory != None:
146         print "Advisory: %s" % (advisory)
147     print "Changes:"
148     for c in changes:
149         print " %s" % (c)
150
151     print "Packages:"
152     svs = srcverarches.keys()
153     svs.sort()
154     for sv in svs:
155         as_ = srcverarches[sv].keys()
156         as_.sort()
157         print " %s (%s)" % (sv, ", ".join(as_))
158
159 def prompt(opts, default):
160     p = ""
161     v = {}
162     for o in opts:
163         v[o[0].upper()] = o
164         if o[0] == default:
165             p += ", [%s]%s" % (o[0], o[1:])
166         else:
167             p += ", " + o
168     p = p[2:] + "? "
169     a = None
170
171     if Options["Automatic"]:
172         a = default
173
174     while a not in v:
175         a = utils.our_raw_input(p) + default
176         a = a[:1].upper()
177
178     return v[a]
179
180 def add_changes(extras):
181     for c in extras:
182         changes.append(c)
183         Upload.init_vars()
184         Upload.pkg.changes_file = c
185         Upload.update_vars()
186         srcver = "%s %s" % (Upload.pkg.changes["source"], Upload.pkg.changes["version"])
187         srcverarches.setdefault(srcver, {})
188         for arch in Upload.pkg.changes["architecture"].keys():
189             srcverarches[srcver][arch] = 1
190         Upload.pkg.changes["adv id"] = advisory
191         Upload.dump_vars(os.getcwd())
192
193 def yes_no(prompt):
194     if Options["Automatic"]: return True
195     while 1:
196         answer = utils.our_raw_input(prompt + " ").lower()
197         if answer in "yn":
198             return answer == "y"
199         print "Invalid answer; please try again."
200
201 def do_upload():
202     if Options["No-Upload"]:
203         print "Not uploading as requested"
204     elif Options["Foreground-Upload"]:
205         actually_upload(changes)
206     else:
207         child = os.fork()
208         if child == 0:
209             actually_upload(changes)
210             os._exit(0)
211         print "Uploading in the background"
212
213 def actually_upload(changes_files):
214     file_list = ""
215     suites = {}
216     component_mapping = {}
217     for component in Cnf.SubTree("Security-Install::ComponentMappings").List():
218         component_mapping[component] = Cnf["Security-Install::ComponentMappings::%s" % (component)]
219     uploads = {}; # uploads[uri] = file_list
220     changesfiles = {}; # changesfiles[uri] = file_list
221     package_list = {} # package_list[source_name][version]
222     changes_files.sort(utils.changes_compare)
223     for changes_file in changes_files:
224         changes_file = utils.validate_changes_file_arg(changes_file)
225         # Reset variables
226         components = {}
227         upload_uris = {}
228         file_list = []
229         Upload.init_vars()
230         # Parse the .dak file for the .changes file
231         Upload.pkg.changes_file = changes_file
232         Upload.update_vars()
233         files = Upload.pkg.files
234         changes = Upload.pkg.changes
235         dsc = Upload.pkg.dsc
236         # Build the file list for this .changes file
237         for file in files.keys():
238             poolname = os.path.join(Cnf["Dir::Root"], Cnf["Dir::PoolRoot"],
239                                     utils.poolify(changes["source"], files[file]["component"]),
240                                     file)
241             file_list.append(poolname)
242             orig_component = files[file].get("original component", files[file]["component"])
243             components[orig_component] = ""
244         # Determine the upload uri for this .changes file
245         for component in components.keys():
246             upload_uri = component_mapping.get(component)
247             if upload_uri:
248                 upload_uris[upload_uri] = ""
249         num_upload_uris = len(upload_uris.keys())
250         if num_upload_uris == 0:
251             utils.fubar("%s: No valid upload URI found from components (%s)."
252                         % (changes_file, ", ".join(components.keys())))
253         elif num_upload_uris > 1:
254             utils.fubar("%s: more than one upload URI (%s) from components (%s)."
255                         % (changes_file, ", ".join(upload_uris.keys()),
256                            ", ".join(components.keys())))
257         upload_uri = upload_uris.keys()[0]
258         # Update the file list for the upload uri
259         if not uploads.has_key(upload_uri):
260             uploads[upload_uri] = []
261         uploads[upload_uri].extend(file_list)
262         # Update the changes list for the upload uri
263         if not changesfiles.has_key(upload_uri):
264             changesfiles[upload_uri] = []
265         changesfiles[upload_uri].append(changes_file)
266         # Remember the suites and source name/version
267         for suite in changes["distribution"].keys():
268             suites[suite] = ""
269         # Remember the source name and version
270         if changes["architecture"].has_key("source") and \
271            changes["distribution"].has_key("testing"):
272             if not package_list.has_key(dsc["source"]):
273                 package_list[dsc["source"]] = {}
274             package_list[dsc["source"]][dsc["version"]] = ""
275
276     for uri in uploads.keys():
277         uploads[uri].extend(changesfiles[uri])
278         (host, path) = uri.split(":")
279         #        file_list = " ".join(uploads[uri])
280         print "Moving files to UploadQueue"
281         for filename in uploads[uri]:
282             utils.copy(filename, Cnf["Dir::Upload"])
283             # .changes files have already been moved to queue/done by p-a
284             if not filename.endswith('.changes'):
285                 remove_from_buildd(suites, filename)
286         #spawn("lftp -c 'open %s; cd %s; put %s'" % (host, path, file_list))
287
288     if not Options["No-Action"]:
289         filename = "%s/testing-processed" % (Cnf["Dir::Log"])
290         file = utils.open_file(filename, 'a')
291         for source in package_list.keys():
292             for version in package_list[source].keys():
293                 file.write(" ".join([source, version])+'\n')
294         file.close()
295
296 def remove_from_buildd(suites, filename):
297     """Check the buildd dir for each suite and remove the file if needed"""
298     builddbase = Cnf["Dir::QueueBuild"]
299     filebase = os.path.basename(filename)
300     for s in suites:
301         try:
302             os.unlink(os.path.join(builddbase, s, filebase))
303         except OSError, e:
304             pass
305             # About no value printing this warning - it only confuses the security team,
306             # yet makes no difference otherwise.
307             #utils.warn("Problem removing %s from buildd queue %s [%s]" % (filebase, s, str(e)))
308
309
310 def generate_advisory(template):
311     global changes, advisory
312
313     adv_packages = []
314     updated_pkgs = {};  # updated_pkgs[distro][arch][file] = {path,md5,size}
315
316     for arg in changes:
317         arg = utils.validate_changes_file_arg(arg)
318         Upload.pkg.changes_file = arg
319         Upload.init_vars()
320         Upload.update_vars()
321
322         src = Upload.pkg.changes["source"]
323         src_ver = "%s (%s)" % (src, Upload.pkg.changes["version"])
324         if src_ver not in adv_packages:
325             adv_packages.append(src_ver)
326
327         suites = Upload.pkg.changes["distribution"].keys()
328         for suite in suites:
329             if not updated_pkgs.has_key(suite):
330                 updated_pkgs[suite] = {}
331
332         files = Upload.pkg.files
333         for file in files.keys():
334             arch = files[file]["architecture"]
335             md5 = files[file]["md5sum"]
336             size = files[file]["size"]
337             poolname = Cnf["Dir::PoolRoot"] + \
338                 utils.poolify(src, files[file]["component"])
339             if arch == "source" and file.endswith(".dsc"):
340                 dscpoolname = poolname
341             for suite in suites:
342                 if not updated_pkgs[suite].has_key(arch):
343                     updated_pkgs[suite][arch] = {}
344                 updated_pkgs[suite][arch][file] = {
345                     "md5": md5, "size": size, "poolname": poolname }
346
347         dsc_files = Upload.pkg.dsc_files
348         for file in dsc_files.keys():
349             arch = "source"
350             if not dsc_files[file].has_key("files id"):
351                 continue
352
353             # otherwise, it's already in the pool and needs to be
354             # listed specially
355             md5 = dsc_files[file]["md5sum"]
356             size = dsc_files[file]["size"]
357             for suite in suites:
358                 if not updated_pkgs[suite].has_key(arch):
359                     updated_pkgs[suite][arch] = {}
360                 updated_pkgs[suite][arch][file] = {
361                     "md5": md5, "size": size, "poolname": dscpoolname }
362
363     if os.environ.has_key("SUDO_UID"):
364         whoami = long(os.environ["SUDO_UID"])
365     else:
366         whoami = os.getuid()
367     whoamifull = pwd.getpwuid(whoami)
368     username = whoamifull[4].split(",")[0]
369
370     Subst = {
371         "__ADVISORY__": advisory,
372         "__WHOAMI__": username,
373         "__DATE__": time.strftime("%B %d, %Y", time.gmtime(time.time())),
374         "__PACKAGE__": ", ".join(adv_packages),
375         "__DAK_ADDRESS__": Cnf["Dinstall::MyEmailAddress"]
376         }
377
378     if Cnf.has_key("Dinstall::Bcc"):
379         Subst["__BCC__"] = "Bcc: %s" % (Cnf["Dinstall::Bcc"])
380
381     adv = ""
382     archive = Cnf["Archive::%s::PrimaryMirror" % (utils.where_am_i())]
383     for suite in updated_pkgs.keys():
384         ver = Cnf["Suite::%s::Version" % suite]
385         if ver != "": ver += " "
386         suite_header = "%s %s(%s)" % (Cnf["Dinstall::MyDistribution"],
387                                        ver, suite)
388         adv += "%s\n%s\n\n" % (suite_header, "-"*len(suite_header))
389
390         arches = [x.arch_name for x in get_suite_architectures(suite)]
391         if "source" in arches:
392             arches.remove("source")
393         if "all" in arches:
394             arches.remove("all")
395         arches.sort()
396
397         adv += "%s updates are available for %s.\n\n" % (
398                 suite.capitalize(), utils.join_with_commas_and(arches))
399
400         for a in ["source", "all"] + arches:
401             if not updated_pkgs[suite].has_key(a):
402                 continue
403
404             if a == "source":
405                 adv += "Source archives:\n\n"
406             elif a == "all":
407                 adv += "Architecture independent packages:\n\n"
408             else:
409                 adv += "%s architecture (%s)\n\n" % (a,
410                         Cnf["Architectures::%s" % a])
411
412             for file in updated_pkgs[suite][a].keys():
413                 adv += "  http://%s/%s%s\n" % (
414                                 archive, updated_pkgs[suite][a][file]["poolname"], file)
415                 adv += "    Size/MD5 checksum: %8s %s\n" % (
416                         updated_pkgs[suite][a][file]["size"],
417                         updated_pkgs[suite][a][file]["md5"])
418             adv += "\n"
419     adv = adv.rstrip()
420
421     Subst["__ADVISORY_TEXT__"] = adv
422
423     adv = utils.TemplateSubst(Subst, template)
424     return adv
425
426 def spawn(command):
427     if not re_taint_free.match(command):
428         utils.fubar("Invalid character in \"%s\"." % (command))
429
430     if Options["No-Action"]:
431         print "[%s]" % (command)
432     else:
433         (result, output) = commands.getstatusoutput(command)
434         if (result != 0):
435             utils.fubar("Invocation of '%s' failed:\n%s\n" % (command, output), result)
436
437
438 ##################### ! ! ! N O T E ! ! !  #####################
439 #
440 # These functions will be reinvoked by semi-priveleged users, be careful not
441 # to invoke external programs that will escalate privileges, etc.
442 #
443 ##################### ! ! ! N O T E ! ! !  #####################
444
445 def sudo(arg, fn, exit):
446     if Options["Sudo"]:
447         if advisory == None:
448             utils.fubar("Must set advisory name")
449         os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H",
450                   "/usr/local/bin/dak", "new-security-install", "-"+arg, "--", advisory)
451     else:
452         fn()
453     if exit:
454         quit()
455
456 def do_Approve(): sudo("A", _do_Approve, True)
457 def _do_Approve():
458     # 1. dump advisory in drafts
459     draft = "/org/security.debian.org/advisories/drafts/%s" % (advisory)
460     print "Advisory in %s" % (draft)
461     if not Options["No-Action"]:
462         adv_file = "./advisory.%s" % (advisory)
463         if not os.path.exists(adv_file):
464             adv_file = Cnf["Dir::Templates"]+"/security-install.advisory"
465         adv_fd = os.open(draft, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0664)
466         os.write(adv_fd, generate_advisory(adv_file))
467         os.close(adv_fd)
468         adv_fd = None
469
470     # 2. run dak process-accepted on changes
471     print "Accepting packages..."
472     spawn("dak process-accepted -pa %s" % (" ".join(changes)))
473
474     # 3. run dak make-suite-file-list / apt-ftparchve / dak generate-releases
475     print "Updating file lists for apt-ftparchive..."
476     spawn("dak make-suite-file-list")
477     spawn("dak generate-filelist")
478     print "Updating Packages and Sources files..."
479     spawn("/org/security.debian.org/dak/config/debian-security/map.sh")
480     spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
481     print "Updating Release files..."
482     spawn("dak generate-releases")
483     print "Triggering security mirrors..."
484     spawn("sudo -u archvsync -H /home/archvsync/signal_security")
485
486     # 4. chdir to done - do upload
487     if not Options["No-Action"]:
488         os.chdir(Cnf["Dir::Queue::Done"])
489     do_upload()
490
491 def do_Disembargo(): sudo("D", _do_Disembargo, True)
492 def _do_Disembargo():
493     if os.getcwd() != Cnf["Dir::Queue::Embargoed"].rstrip("/"):
494         utils.fubar("Can only disembargo from %s" % Cnf["Dir::Queue::Embargoed"])
495
496     session = DBConn().session()
497
498     dest = Cnf["Dir::Queue::Unembargoed"]
499     emb_q = get_build_queue("embargoed", session)
500     une_q = get_build_queue("unembargoed", session)
501
502     for c in changes:
503         print "Disembargoing %s" % (c)
504
505         Upload.init_vars()
506         Upload.pkg.changes_file = c
507         Upload.update_vars()
508
509         if "source" in Upload.pkg.changes["architecture"].keys():
510             print "Adding %s %s to disembargo table" % (Upload.pkg.changes["source"], Upload.pkg.changes["version"])
511             session.execute("INSERT INTO disembargo (package, version) VALUES (:package, :version)",
512                 {'package': Upload.pkg.changes["source"], 'version': Upload.pkg.changes["version"]})
513
514         files = {}
515         for suite in Upload.pkg.changes["distribution"].keys():
516             if suite not in Cnf.ValueList("Dinstall::QueueBuildSuites"):
517                 continue
518             dest_dir = Cnf["Dir::QueueBuild"]
519             if Cnf.FindB("Dinstall::SecurityQueueBuild"):
520                 dest_dir = os.path.join(dest_dir, suite)
521             for file in Upload.pkg.files.keys():
522                 files[os.path.join(dest_dir, file)] = 1
523
524         files = files.keys()
525         for f in files:
526             session.execute("UPDATE queue_build SET queue = :unembargoed WHERE filename = :filename AND queue = :embargoed",
527                 {'unembargoed': une_q.queue_id, 'filename': f, 'embargoed': emb_q.queue_id})
528         session.commit()
529
530         for file in Upload.pkg.files.keys():
531             utils.copy(file, os.path.join(dest, file))
532             os.unlink(file)
533
534     for c in changes:
535         utils.copy(c, os.path.join(dest, c))
536         os.unlink(c)
537         k = c[:-8] + ".dak"
538         utils.copy(k, os.path.join(dest, k))
539         os.unlink(k)
540
541     session.commit()
542
543 def do_Reject(): sudo("R", _do_Reject, True)
544 def _do_Reject():
545     global changes
546
547     session = DBConn().session()
548
549     for c in changes:
550         print "Rejecting %s..." % (c)
551         Upload.init_vars()
552         Upload.pkg.changes_file = c
553         Upload.update_vars()
554         files = {}
555         for suite in Upload.pkg.changes["distribution"].keys():
556             if suite not in Cnf.ValueList("Dinstall::QueueBuildSuites"):
557                 continue
558             dest_dir = Cnf["Dir::QueueBuild"]
559             if Cnf.FindB("Dinstall::SecurityQueueBuild"):
560                 dest_dir = os.path.join(dest_dir, suite)
561             for file in Upload.pkg.files.keys():
562                 files[os.path.join(dest_dir, file)] = 1
563
564         files = files.keys()
565
566         aborted = Upload.do_reject()
567         if not aborted:
568             os.unlink(c[:-8]+".dak")
569             for f in files:
570                 session.execute("DELETE FROM queue_build WHERE filename = :filename",
571                     {'filename': f})
572                 os.unlink(f)
573
574     print "Updating buildd information..."
575     spawn("/org/security.debian.org/dak/config/debian-security/cron.buildd")
576
577     adv_file = "./advisory.%s" % (advisory)
578     if os.path.exists(adv_file):
579         os.unlink(adv_file)
580
581     session.commit()
582
583 def do_DropAdvisory():
584     for c in changes:
585         Upload.init_vars()
586         Upload.pkg.changes_file = c
587         Upload.update_vars()
588         del Upload.pkg.changes["adv id"]
589         Upload.dump_vars(os.getcwd())
590     quit()
591
592 def do_Edit():
593     adv_file = "./advisory.%s" % (advisory)
594     if not os.path.exists(adv_file):
595         utils.copy(Cnf["Dir::Templates"]+"/security-install.advisory", adv_file)
596     editor = os.environ.get("EDITOR", "vi")
597     result = os.system("%s %s" % (editor, adv_file))
598     if result != 0:
599         utils.fubar("%s invocation failed for %s." % (editor, adv_file))
600
601 def do_Show():
602     adv_file = "./advisory.%s" % (advisory)
603     if not os.path.exists(adv_file):
604         adv_file = Cnf["Dir::Templates"]+"/security-install.advisory"
605     print "====\n%s\n====" % (generate_advisory(adv_file))
606
607 def do_Quit():
608     quit()
609
610 def main():
611     global changes
612
613     args = init()
614     extras = load_args(args)
615     if advisory:
616         load_adv_changes()
617     if extras:
618         if not advisory:
619             changes = extras
620         else:
621             if srcverarches == {}:
622                 if not yes_no("Create new advisory %s?" % (advisory)):
623                     print "Not doing anything, then"
624                     quit()
625             else:
626                 advisory_info()
627                 doextras = []
628                 for c in extras:
629                     if yes_no("Add %s to %s?" % (c, advisory)):
630                         doextras.append(c)
631                 extras = doextras
632             add_changes(extras)
633
634     if not advisory:
635         utils.fubar("Must specify an advisory id")
636
637     if not changes:
638         utils.fubar("No changes specified")
639
640     if Options["Approve"]:
641         advisory_info()
642         do_Approve()
643     elif Options["Reject"]:
644         advisory_info()
645         do_Reject()
646     elif Options["Disembargo"]:
647         advisory_info()
648         do_Disembargo()
649     elif Options["Drop-Advisory"]:
650         advisory_info()
651         do_DropAdvisory()
652     else:
653         while 1:
654             default = "Q"
655             opts = ["Approve", "Edit advisory"]
656             if os.path.exists("./advisory.%s" % advisory):
657                 default = "A"
658             else:
659                 default = "E"
660             if os.getcwd() == Cnf["Dir::Queue::Embargoed"].rstrip("/"):
661                 opts.append("Disembargo")
662             opts += ["Show advisory", "Reject", "Quit"]
663
664             advisory_info()
665             what = prompt(opts, default)
666
667             if what == "Quit":
668                 do_Quit()
669             elif what == "Approve":
670                 do_Approve()
671             elif what == "Edit advisory":
672                 do_Edit()
673             elif what == "Show advisory":
674                 do_Show()
675             elif what == "Disembargo":
676                 do_Disembargo()
677             elif what == "Reject":
678                 do_Reject()
679             else:
680                 utils.fubar("Impossible answer '%s', wtf?" % (what))
681
682 ################################################################################
683
684 if __name__ == '__main__':
685     main()
686
687 ################################################################################