################################################################################
-import os, pg, sys, time, errno, fcntl, tempfile, pwd
+import os, pg, sys, time, errno, fcntl, tempfile, pwd, re
import apt_pkg
import daklib.database
import daklib.utils
Options = None
projectB = None
+re_broken_package = re.compile(r"[a-zA-Z]\w+\s+\-.*")
+
################################################################################
+#####################################
+#### This may run within sudo !! ####
+#####################################
def init():
global Cnf, Options, projectB
projectB = pg.connect(Cnf["DB::Name"], Cnf["DB::Host"], int(Cnf["DB::Port"]))
daklib.database.init(Cnf, projectB)
-
+
################################################################################
def usage (exit_code=0):
################################################################################
+#####################################
+#### This may run within sudo !! ####
+#####################################
def load_transitions(trans_file):
# Parse the yaml file
sourcefile = file(trans_file, 'r')
sourcecontent = sourcefile.read()
+ failure = False
try:
trans = syck.load(sourcecontent)
except syck.error, msg:
# Someone fucked it up
print "ERROR: %s" % (msg)
return None
- # could do further validation here
+
+ # lets do further validation here
+ checkkeys = ["source", "reason", "packages", "new", "rm"]
+
+ # If we get an empty definition - we just have nothing to check, no transitions defined
+ if type(trans) != dict:
+ # This can be anything. We could have no transitions defined. Or someone totally fucked up the
+ # file, adding stuff in a way we dont know or want. Then we set it empty - and simply have no
+ # transitions anymore. User will see it in the information display after he quit the editor and
+ # could fix it
+ trans = ""
+ return trans
+
+ try:
+ for test in trans:
+ t = trans[test]
+
+ # First check if we know all the keys for the transition and if they have
+ # the right type (and for the packages also if the list has the right types
+ # included, ie. not a list in list, but only str in the list)
+ for key in t:
+ if key not in checkkeys:
+ print "ERROR: Unknown key %s in transition %s" % (key, test)
+ failure = True
+
+ if key == "packages":
+ if type(t[key]) != list:
+ print "ERROR: Unknown type %s for packages in transition %s." % (type(t[key]), test)
+ failure = True
+ try:
+ for package in t["packages"]:
+ if type(package) != str:
+ print "ERROR: Packages list contains invalid type %s (as %s) in transition %s" % (type(package), package, test)
+ failure = True
+ if re_broken_package.match(package):
+ # Someone had a space too much (or not enough), we have something looking like
+ # "package1 - package2" now.
+ print "ERROR: Invalid indentation of package list in transition %s, around package(s): %s" % (test, package)
+ failure = True
+ except TypeError:
+ # In case someone has an empty packages list
+ print "ERROR: No packages defined in transition %s" % (test)
+ failure = True
+ continue
+
+ elif type(t[key]) != str:
+ if key == "new" and type(t[key]) == int:
+ # Ok, debian native version
+ continue
+ else:
+ print "ERROR: Unknown type %s for key %s in transition %s" % (type(t[key]), key, test)
+ failure = True
+
+ # And now the other way round - are all our keys defined?
+ for key in checkkeys:
+ if key not in t:
+ print "ERROR: Missing key %s in transition %s" % (key, test)
+ failure = True
+ except TypeError:
+ # In case someone defined very broken things
+ print "ERROR: Unable to parse the file"
+ failure = True
+
+
+ if failure:
+ return None
+
return trans
################################################################################
-def lock_file(file):
+#####################################
+#### This may run within sudo !! ####
+#####################################
+def lock_file(f):
for retry in range(10):
- lock_fd = os.open(file, os.O_RDWR | os.O_CREAT)
+ lock_fd = os.open(f, os.O_RDWR | os.O_CREAT)
try:
fcntl.lockf(lock_fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
return lock_fd
else:
raise
- daklib.utils.fubar("Couldn't obtain lock for %s." % (lockfile))
+ daklib.utils.fubar("Couldn't obtain lock for %s." % (f))
################################################################################
+#####################################
+#### This may run within sudo !! ####
+#####################################
def write_transitions(from_trans):
"""Update the active transitions file safely.
This function takes a parsed input file (which avoids invalid
trans_file = Cnf["Dinstall::Reject::ReleaseTransitions"]
trans_temp = trans_file + ".tmp"
-
+
trans_lock = lock_file(trans_file)
temp_lock = lock_file(trans_temp)
class ParseException(Exception):
pass
+##########################################
+#### This usually runs within sudo !! ####
+##########################################
def write_transitions_from_file(from_file):
"""We have a file we think is valid; if we're using sudo, we invoke it
here, otherwise we just parse the file and call write_transitions"""
+ # Lets check if from_file is in the directory we expect it to be in
+ if not os.path.abspath(from_file).startswith(Cnf["Transitions::TempPath"]):
+ print "Will not accept transitions file outside of %s" % (Cnf["Transitions::TempPath"])
+ sys.exit(3)
+
if Options["sudo"]:
- os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H",
+ os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H",
"/usr/local/bin/dak", "transitions", "--import", from_file)
else:
trans = load_transitions(from_file)
# NB: file is unlinked by caller, but fd is never actually closed.
# We need the chmod, as the file is (most possibly) copied from a
# sudo-ed script and would be unreadable if it has default mkstemp mode
-
- (fd, path) = tempfile.mkstemp("","transitions")
+
+ (fd, path) = tempfile.mkstemp("", "transitions", Cnf["Transitions::TempPath"])
os.chmod(path, 0644)
f = open(path, "w")
syck.dump(transitions, f)
if result != 0:
os.unlink(edit_file)
daklib.utils.fubar("%s invocation failed for %s, not removing tempfile." % (editor, edit_file))
-
+
# Now try to load the new file
test = load_transitions(edit_file)
print "------------------------------------------------------------------------"
transition_info(test)
- prompt = "[S]ave, Edit again, Drop changes?"
- default = "S"
+ prompt = "[S]ave, Edit again, Drop changes?"
+ default = "S"
answer = "XXX"
while prompt.find(answer) == -1:
print "Committing"
for remove in to_remove:
del transitions[remove]
-
+
edit_file = temp_transitions_file(transitions)
write_transitions_from_file(edit_file)
################################################################################
def print_info(trans, source, expected, rm, reason, packages):
- print """Looking at transition: %s
- Source: %s
- New Version: %s
- Responsible: %s
- Description: %s
- Blocked Packages (total: %d): %s
+ print """Looking at transition: %s
+Source: %s
+New Version: %s
+Responsible: %s
+Description: %s
+Blocked Packages (total: %d): %s
""" % (trans, source, expected, rm, reason, len(packages), ", ".join(packages))
- return
+ return
################################################################################
def main():
global Cnf
+ #####################################
+ #### This can run within sudo !! ####
+ #####################################
init()
-
+
# Check if there is a file defined (and existant)
transpath = Cnf.get("Dinstall::Reject::ReleaseTransitions", "")
if transpath == "":
daklib.utils.warn("ReleaseTransitions file, %s, not found." %
(Cnf["Dinstall::Reject::ReleaseTransitions"]))
sys.exit(1)
-
+ # Also check if our temp directory is defined and existant
+ temppath = Cnf.get("Transitions::TempPath", "")
+ if temppath == "":
+ daklib.utils.warn("Transitions::TempPath not defined")
+ sys.exit(1)
+ if not os.path.exists(temppath):
+ daklib.utils.warn("Temporary path %s not found." %
+ (Cnf["Transitions::TempPath"]))
+ sys.exit(1)
+
if Options["import"]:
try:
write_transitions_from_file(Options["import"])
print m
sys.exit(2)
sys.exit(0)
+ ##############################################
+ #### Up to here it can run within sudo !! ####
+ ##############################################
# Parse the yaml file
transitions = load_transitions(transpath)
transition_info(transitions)
sys.exit(0)
-
+
################################################################################
if __name__ == '__main__':
projects / dak.git / blobdiff