X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Ftransitions.py;h=e7cb99e805994d3fb259e5bbb8b993eb2bb7380d;hb=9f9da35e524274a0a013279cbe0b52fb8f0d0930;hp=2a4fc9bfdc0fa78527273c1e356a9382ddedf0db;hpb=7db94a5175b28a4e923a25d7d396f622ade42229;p=dak.git diff --git a/dak/transitions.py b/dak/transitions.py index 2a4fc9bf..e7cb99e8 100755 --- a/dak/transitions.py +++ b/dak/transitions.py @@ -23,7 +23,7 @@ ################################################################################ -import os, pg, sys, time, errno, fcntl, tempfile, pwd +import os, pg, sys, time, errno, fcntl, tempfile, pwd, re import apt_pkg import daklib.database import daklib.utils @@ -34,8 +34,13 @@ Cnf = None Options = None projectB = None +re_broken_package = re.compile(r"[a-zA-Z]\w+\s+\-.*") + ################################################################################ +##################################### +#### This may run within sudo !! #### +##################################### def init(): global Cnf, Options, projectB @@ -90,6 +95,9 @@ Options: ################################################################################ +##################################### +#### This may run within sudo !! #### +##################################### def load_transitions(trans_file): # Parse the yaml file sourcefile = file(trans_file, 'r') @@ -104,42 +112,66 @@ def load_transitions(trans_file): # lets do further validation here checkkeys = ["source", "reason", "packages", "new", "rm"] - for test in trans: - t = trans[test] - - # First check if we know all the keys for the transition and if they have - # the right type (and for the packages also if the list has the right types - # included, ie. not a list in list, but only str in the list) - for key in t: - if key not in checkkeys: - print "ERROR: Unknown key %s in transition %s" % (key, test) - failure = True - - if key == "packages": - if type(t[key]) != list: - print "ERROR: Unknown type %s for packages in transition %s." % (type(t[key]), test) - failure = True - try: - for package in t["packages"]: - if type(package) != str: - print "ERROR: Packages list contains invalid type %s (as %s) in transition %s" % (type(package), package, test) - failure = True - except TypeError: - # In case someone has an empty packages list - print "ERROR: No packages defined in transition %s" % (test) - failure = True - continue + # If we get an empty definition - we just have nothing to check, no transitions defined + if type(trans) != dict: + # This can be anything. We could have no transitions defined. Or someone totally fucked up the + # file, adding stuff in a way we dont know or want. Then we set it empty - and simply have no + # transitions anymore. User will see it in the information display after he quit the editor and + # could fix it + trans = "" + return trans - elif type(t[key]) != str: - print "ERROR: Unknown type %s for key %s in transition %s" % (type(t[key]), key, test) - failure = True + try: + for test in trans: + t = trans[test] + + # First check if we know all the keys for the transition and if they have + # the right type (and for the packages also if the list has the right types + # included, ie. not a list in list, but only str in the list) + for key in t: + if key not in checkkeys: + print "ERROR: Unknown key %s in transition %s" % (key, test) + failure = True + + if key == "packages": + if type(t[key]) != list: + print "ERROR: Unknown type %s for packages in transition %s." % (type(t[key]), test) + failure = True + try: + for package in t["packages"]: + if type(package) != str: + print "ERROR: Packages list contains invalid type %s (as %s) in transition %s" % (type(package), package, test) + failure = True + if re_broken_package.match(package): + # Someone had a space too much (or not enough), we have something looking like + # "package1 - package2" now. + print "ERROR: Invalid indentation of package list in transition %s, around package(s): %s" % (test, package) + failure = True + except TypeError: + # In case someone has an empty packages list + print "ERROR: No packages defined in transition %s" % (test) + failure = True + continue + + elif type(t[key]) != str: + if key == "new" and type(t[key]) == int: + # Ok, debian native version + continue + else: + print "ERROR: Unknown type %s for key %s in transition %s" % (type(t[key]), key, test) + failure = True + + # And now the other way round - are all our keys defined? + for key in checkkeys: + if key not in t: + print "ERROR: Missing key %s in transition %s" % (key, test) + failure = True + except TypeError: + # In case someone defined very broken things + print "ERROR: Unable to parse the file" + failure = True - # And now the other way round - are all our keys defined? - for key in checkkeys: - if key not in t: - print "ERROR: Missing key %s in transition %s" % (key, test) - failure = True if failure: return None @@ -148,6 +180,9 @@ def load_transitions(trans_file): ################################################################################ +##################################### +#### This may run within sudo !! #### +##################################### def lock_file(file): for retry in range(10): lock_fd = os.open(file, os.O_RDWR | os.O_CREAT) @@ -166,6 +201,9 @@ def lock_file(file): ################################################################################ +##################################### +#### This may run within sudo !! #### +##################################### def write_transitions(from_trans): """Update the active transitions file safely. This function takes a parsed input file (which avoids invalid @@ -192,10 +230,18 @@ def write_transitions(from_trans): class ParseException(Exception): pass +########################################## +#### This usually runs within sudo !! #### +########################################## def write_transitions_from_file(from_file): """We have a file we think is valid; if we're using sudo, we invoke it here, otherwise we just parse the file and call write_transitions""" + # Lets check if from_file is in the directory we expect it to be in + if not os.path.abspath(from_file).startswith(Cnf["Transitions::TempPath"]): + print "Will not accept transitions file outside of %s" % (Cnf["Transitions::TempPath"]) + sys.exit(3) + if Options["sudo"]: os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H", "/usr/local/bin/dak", "transitions", "--import", from_file) @@ -212,7 +258,7 @@ def temp_transitions_file(transitions): # We need the chmod, as the file is (most possibly) copied from a # sudo-ed script and would be unreadable if it has default mkstemp mode - (fd, path) = tempfile.mkstemp("","transitions") + (fd, path) = tempfile.mkstemp("", "transitions", Cnf["Transitions::TempPath"]) os.chmod(path, 0644) f = open(path, "w") syck.dump(transitions, f) @@ -385,6 +431,9 @@ def transition_info(transitions): def main(): global Cnf + ##################################### + #### This can run within sudo !! #### + ##################################### init() # Check if there is a file defined (and existant) @@ -396,6 +445,15 @@ def main(): daklib.utils.warn("ReleaseTransitions file, %s, not found." % (Cnf["Dinstall::Reject::ReleaseTransitions"])) sys.exit(1) + # Also check if our temp directory is defined and existant + temppath = Cnf.get("Transitions::TempPath", "") + if temppath == "": + daklib.utils.warn("Transitions::TempPath not defined") + sys.exit(1) + if not os.path.exists(temppath): + daklib.utils.warn("Temporary path %s not found." % + (Cnf["Transitions::TempPath"])) + sys.exit(1) if Options["import"]: try: @@ -404,6 +462,9 @@ def main(): print m sys.exit(2) sys.exit(0) + ############################################## + #### Up to here it can run within sudo !! #### + ############################################## # Parse the yaml file transitions = load_transitions(transpath)