X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Fsecurity_install.py;h=3aebedc1c587a8ee5aaad8271dbe7f781c76d5bf;hb=b5d21dfae245e479a1dfd261b7f1a9d9bf2e9b99;hp=eb79bb4a85559e6667fa33e883323e971f49e766;hpb=30413cf0ff7bc21b8d2b8b4346406357fe55dc19;p=dak.git diff --git a/dak/security_install.py b/dak/security_install.py old mode 100755 new mode 100644 index eb79bb4a..3aebedc1 --- a/dak/security_install.py +++ b/dak/security_install.py @@ -1,8 +1,7 @@ #!/usr/bin/env python # Wrapper for Debian Security team -# Copyright (C) 2002, 2003, 2004 James Troup -# $Id: amber,v 1.11 2005-11-26 07:52:06 ajt Exp $ +# Copyright (C) 2002, 2003, 2004, 2006 James Troup # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -33,20 +32,21 @@ import commands, os, pwd, re, sys, time import apt_pkg -import katie, utils +from daklib import queue +import daklib.utils ################################################################################ Cnf = None Options = None -Katie = None +Upload = None re_taint_free = re.compile(r"^['/;\-\+\.\s\w]+$") ################################################################################ def usage (exit_code=0): - print """Usage: amber ADV_NUMBER CHANGES_FILE[...] + print """Usage: dak security-install ADV_NUMBER CHANGES_FILE[...] Install CHANGES_FILE(s) as security advisory ADV_NUMBER -h, --help show this help and exit @@ -61,39 +61,36 @@ def do_upload(changes_files): file_list = "" suites = {} component_mapping = {} - for component in Cnf.SubTree("Amber::ComponentMappings").List(): - component_mapping[component] = Cnf["Amber::ComponentMappings::%s" % (component)] + for component in Cnf.SubTree("Security-Install::ComponentMappings").List(): + component_mapping[component] = Cnf["Security-Install::ComponentMappings::%s" % (component)] uploads = {}; # uploads[uri] = file_list changesfiles = {}; # changesfiles[uri] = file_list package_list = {} # package_list[source_name][version] - changes_files.sort(utils.changes_compare) + changes_files.sort(daklib.utils.changes_compare) for changes_file in changes_files: - changes_file = utils.validate_changes_file_arg(changes_file) + changes_file = daklib.utils.validate_changes_file_arg(changes_file) # Reset variables components = {} upload_uris = {} file_list = [] - Katie.init_vars() - # Parse the .katie file for the .changes file - Katie.pkg.changes_file = changes_file - Katie.update_vars() - files = Katie.pkg.files - changes = Katie.pkg.changes - dsc = Katie.pkg.dsc + Upload.init_vars() + # Parse the .dak file for the .changes file + Upload.pkg.changes_file = changes_file + Upload.update_vars() + files = Upload.pkg.files + changes = Upload.pkg.changes + dsc = Upload.pkg.dsc # We have the changes, now return if its amd64, to not upload them to ftp-master if changes["architecture"].has_key("amd64"): print "Not uploading amd64 part to ftp-master\n" continue - if changes["distribution"].has_key("oldstable-security"): - print "Not uploading oldstable-security changes to ftp-master\n" - continue # Build the file list for this .changes file - for file in files.keys(): + for f in files.keys(): poolname = os.path.join(Cnf["Dir::Root"], Cnf["Dir::PoolRoot"], - utils.poolify(changes["source"], files[file]["component"]), - file) + daklib.utils.poolify(changes["source"], files[f]["component"]), + f) file_list.append(poolname) - orig_component = files[file].get("original component", files[file]["component"]) + orig_component = files[f].get("original component", files[f]["component"]) components[orig_component] = "" # Determine the upload uri for this .changes file for component in components.keys(): @@ -102,10 +99,10 @@ def do_upload(changes_files): upload_uris[upload_uri] = "" num_upload_uris = len(upload_uris.keys()) if num_upload_uris == 0: - utils.fubar("%s: No valid upload URI found from components (%s)." + daklib.utils.fubar("%s: No valid upload URI found from components (%s)." % (changes_file, ", ".join(components.keys()))) elif num_upload_uris > 1: - utils.fubar("%s: more than one upload URI (%s) from components (%s)." + daklib.utils.fubar("%s: more than one upload URI (%s) from components (%s)." % (changes_file, ", ".join(upload_uris.keys()), ", ".join(components.keys()))) upload_uri = upload_uris.keys()[0] @@ -114,7 +111,7 @@ def do_upload(changes_files): uploads[upload_uri] = [] uploads[upload_uri].extend(file_list) # Update the changes list for the upload uri - if not changes.has_key(upload_uri): + if not changesfiles.has_key(upload_uri): changesfiles[upload_uri] = [] changesfiles[upload_uri].append(changes_file) # Remember the suites and source name/version @@ -141,65 +138,65 @@ def do_upload(changes_files): if not Options["No-Action"]: filename = "%s/testing-processed" % (Cnf["Dir::Log"]) - file = utils.open_file(filename, 'a') + f = daklib.utils.open_file(filename, 'a') for source in package_list.keys(): for version in package_list[source].keys(): - file.write(" ".join([source, version])+'\n') - file.close() + f.write(" ".join([source, version])+'\n') + f.close() ###################################################################### # This function was originally written by aj and NIHishly merged into -# amber by me. +# 'dak security-install' by me. def make_advisory(advisory_nr, changes_files): adv_packages = [] updated_pkgs = {}; # updated_pkgs[distro][arch][file] = {path,md5,size} for arg in changes_files: - arg = utils.validate_changes_file_arg(arg) - Katie.pkg.changes_file = arg - Katie.init_vars() - Katie.update_vars() - - src = Katie.pkg.changes["source"] - if src not in adv_packages: - adv_packages += [src] - - suites = Katie.pkg.changes["distribution"].keys() - for suite in suites: - if not updated_pkgs.has_key(suite): + arg = daklib.utils.validate_changes_file_arg(arg) + Upload.pkg.changes_file = arg + Upload.init_vars() + Upload.update_vars() + + src = Upload.pkg.changes["source"] + if src not in adv_packages: + adv_packages += [src] + + suites = Upload.pkg.changes["distribution"].keys() + for suite in suites: + if not updated_pkgs.has_key(suite): updated_pkgs[suite] = {} - files = Katie.pkg.files - for file in files.keys(): - arch = files[file]["architecture"] - md5 = files[file]["md5sum"] - size = files[file]["size"] - poolname = Cnf["Dir::PoolRoot"] + \ - utils.poolify(src, files[file]["component"]) - if arch == "source" and file.endswith(".dsc"): - dscpoolname = poolname - for suite in suites: - if not updated_pkgs[suite].has_key(arch): - updated_pkgs[suite][arch] = {} - updated_pkgs[suite][arch][file] = { + files = Upload.pkg.files + for f in files.keys(): + arch = files[f]["architecture"] + md5 = files[f]["md5sum"] + size = files[f]["size"] + poolname = Cnf["Dir::PoolRoot"] + \ + daklib.utils.poolify(src, files[f]["component"]) + if arch == "source" and f.endswith(".dsc"): + dscpoolname = poolname + for suite in suites: + if not updated_pkgs[suite].has_key(arch): + updated_pkgs[suite][arch] = {} + updated_pkgs[suite][arch][f] = { "md5": md5, "size": size, "poolname": poolname } - dsc_files = Katie.pkg.dsc_files - for file in dsc_files.keys(): - arch = "source" - if not dsc_files[file].has_key("files id"): + dsc_files = Upload.pkg.dsc_files + for f in dsc_files.keys(): + arch = "source" + if not dsc_files[f].has_key("files id"): continue - # otherwise, it's already in the pool and needs to be - # listed specially - md5 = dsc_files[file]["md5sum"] - size = dsc_files[file]["size"] - for suite in suites: - if not updated_pkgs[suite].has_key(arch): - updated_pkgs[suite][arch] = {} - updated_pkgs[suite][arch][file] = { + # otherwise, it's already in the pool and needs to be + # listed specially + md5 = dsc_files[f]["md5sum"] + size = dsc_files[f]["size"] + for suite in suites: + if not updated_pkgs[suite].has_key(arch): + updated_pkgs[suite][arch] = {} + updated_pkgs[suite][arch][f] = { "md5": md5, "size": size, "poolname": dscpoolname } @@ -211,79 +208,79 @@ def make_advisory(advisory_nr, changes_files): username = whoamifull[4].split(",")[0] Subst = { - "__ADVISORY__": advisory_nr, - "__WHOAMI__": username, - "__DATE__": time.strftime("%B %d, %Y", time.gmtime(time.time())), - "__PACKAGE__": ", ".join(adv_packages), - "__KATIE_ADDRESS__": Cnf["Dinstall::MyEmailAddress"] + "__ADVISORY__": advisory_nr, + "__WHOAMI__": username, + "__DATE__": time.strftime("%B %d, %Y", time.gmtime(time.time())), + "__PACKAGE__": ", ".join(adv_packages), + "__DAK_ADDRESS__": Cnf["Dinstall::MyEmailAddress"] } if Cnf.has_key("Dinstall::Bcc"): Subst["__BCC__"] = "Bcc: %s" % (Cnf["Dinstall::Bcc"]) adv = "" - archive = Cnf["Archive::%s::PrimaryMirror" % (utils.where_am_i())] + archive = Cnf["Archive::%s::PrimaryMirror" % (daklib.utils.where_am_i())] for suite in updated_pkgs.keys(): suite_header = "%s %s (%s)" % (Cnf["Dinstall::MyDistribution"], Cnf["Suite::%s::Version" % suite], suite) adv += "%s\n%s\n\n" % (suite_header, "-"*len(suite_header)) - arches = Cnf.ValueList("Suite::%s::Architectures" % suite) - if "source" in arches: + arches = Cnf.ValueList("Suite::%s::Architectures" % suite) + if "source" in arches: arches.remove("source") - if "all" in arches: + if "all" in arches: arches.remove("all") - arches.sort() + arches.sort() - adv += " %s was released for %s.\n\n" % ( - suite.capitalize(), utils.join_with_commas_and(arches)) + adv += " %s was released for %s.\n\n" % ( + suite.capitalize(), daklib.utils.join_with_commas_and(arches)) - for a in ["source", "all"] + arches: - if not updated_pkgs[suite].has_key(a): + for a in ["source", "all"] + arches: + if not updated_pkgs[suite].has_key(a): continue - if a == "source": - adv += " Source archives:\n\n" - elif a == "all": - adv += " Architecture independent packages:\n\n" - else: - adv += " %s architecture (%s)\n\n" % (a, - Cnf["Architectures::%s" % a]) - - for file in updated_pkgs[suite][a].keys(): - adv += " http://%s/%s%s\n" % ( - archive, updated_pkgs[suite][a][file]["poolname"], file) - adv += " Size/MD5 checksum: %8s %s\n" % ( - updated_pkgs[suite][a][file]["size"], - updated_pkgs[suite][a][file]["md5"]) - adv += "\n" + if a == "source": + adv += " Source archives:\n\n" + elif a == "all": + adv += " Architecture independent packages:\n\n" + else: + adv += " %s architecture (%s)\n\n" % (a, + Cnf["Architectures::%s" % a]) + + for f in updated_pkgs[suite][a].keys(): + adv += " http://%s/%s%s\n" % ( + archive, updated_pkgs[suite][a][f]["poolname"], f) + adv += " Size/MD5 checksum: %8s %s\n" % ( + updated_pkgs[suite][a][f]["size"], + updated_pkgs[suite][a][f]["md5"]) + adv += "\n" adv = adv.rstrip() Subst["__ADVISORY_TEXT__"] = adv - adv = utils.TemplateSubst(Subst, Cnf["Dir::Templates"]+"/amber.advisory") + adv = daklib.utils.TemplateSubst(Subst, Cnf["Dir::Templates"]+"/security-install.advisory") if not Options["No-Action"]: - utils.send_mail (adv) + daklib.utils.send_mail (adv) else: print "[]" ###################################################################### def init(): - global Cnf, Katie, Options + global Cnf, Upload, Options apt_pkg.init() - Cnf = utils.get_conf() + Cnf = daklib.utils.get_conf() - Arguments = [('h', "help", "Amber::Options::Help"), - ('n', "no-action", "Amber::Options::No-Action")] + Arguments = [('h', "help", "Security-Install::Options::Help"), + ('n', "no-action", "Security-Install::Options::No-Action")] for i in [ "help", "no-action" ]: - Cnf["Amber::Options::%s" % (i)] = "" + Cnf["Security-Install::Options::%s" % (i)] = "" arguments = apt_pkg.ParseCommandLine(Cnf,Arguments,sys.argv) - Options = Cnf.SubTree("Amber::Options") - Katie = katie.Katie(Cnf) + Options = Cnf.SubTree("Security-Install::Options") + Upload = queue.Upload(Cnf) if Options["Help"]: usage(0) @@ -294,17 +291,17 @@ def init(): advisory_number = arguments[0] changes_files = arguments[1:] if advisory_number.endswith(".changes"): - utils.warn("first argument must be the advisory number.") + daklib.utils.warn("first argument must be the advisory number.") usage(1) - for file in changes_files: - file = utils.validate_changes_file_arg(file) + for f in changes_files: + f = daklib.utils.validate_changes_file_arg(f) return (advisory_number, changes_files) ###################################################################### def yes_no(prompt): while 1: - answer = utils.our_raw_input(prompt+" ").lower() + answer = daklib.utils.our_raw_input(prompt+" ").lower() if answer == "y" or answer == "n": break else: @@ -315,39 +312,42 @@ def yes_no(prompt): def spawn(command): if not re_taint_free.match(command): - utils.fubar("Invalid character in \"%s\"." % (command)) + daklib.utils.fubar("Invalid character in \"%s\"." % (command)) if Options["No-Action"]: print "[%s]" % (command) else: (result, output) = commands.getstatusoutput(command) if (result != 0): - utils.fubar("Invocation of '%s' failed:\n%s\n" % (command, output), result) + daklib.utils.fubar("Invocation of '%s' failed:\n%s\n" % (command, output), result) ###################################################################### def main(): + print "Disabled. See your team@security email, and/or contact aj on OFTC." + sys.exit(1) + (advisory_number, changes_files) = init() if not Options["No-Action"]: print "About to install the following files: " - for file in changes_files: - print " %s" % (file) + for f in changes_files: + print " %s" % (f) answer = yes_no("Continue (Y/n)?") if answer == "n": sys.exit(0) os.chdir(Cnf["Dir::Queue::Accepted"]) print "Installing packages into the archive..." - spawn("%s/kelly -pa %s" % (Cnf["Dir::Katie"], " ".join(changes_files))) - os.chdir(Cnf["Dir::Katie"]) + spawn("dak process-accepted -pa %s" % (" ".join(changes_files))) + os.chdir(Cnf["Dir::Dak"]) print "Updating file lists for apt-ftparchive..." - spawn("./jenna") + spawn("dak make-suite-file-list") print "Updating Packages and Sources files..." - spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file())) + spawn("apt-ftparchive generate %s" % (daklib.utils.which_apt_conf_file())) print "Updating Release files..." - spawn("./ziyi") + spawn("dak generate-releases") if not Options["No-Action"]: os.chdir(Cnf["Dir::Queue::Done"])