From 6bb9fc6357377882076bfcb135a6d56c47f60bb2 Mon Sep 17 00:00:00 2001
From: Narayan Desai <desai@mcs.anl.gov>
Date: Fri, 9 Dec 2005 03:06:18 +0000
Subject: begin client hardening

git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@1617 ce84e21b-d406-0410-9b95-82705330c041
---
 src/lib/Client/Debian.py  | 17 +++++++++--------
 src/lib/Client/Redhat.py  |  2 +-
 src/lib/Client/Solaris.py |  2 +-
 src/lib/Client/Toolset.py | 12 +++++++++---
 4 files changed, 20 insertions(+), 13 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/Client/Debian.py b/src/lib/Client/Debian.py
index a7960571f..35b398ffd 100644
--- a/src/lib/Client/Debian.py
+++ b/src/lib/Client/Debian.py
@@ -9,13 +9,13 @@ import apt_pkg
 
 from Bcfg2.Client.Toolset import Toolset, saferun
 
-class Debian(Toolset):
+class ToolsetImpl(Toolset):
     '''The Debian toolset implements package and service operations and inherits
     the rest from Toolset.Toolset'''
     __important__ = ["/etc/apt/sources.list", "/var/cache/debconf/config.dat", \
                      "/var/cache/debconf/templates.dat", '/etc/passwd', '/etc/group', \
                      '/etc/apt/apt.conf']
-    pkgtool = {'deb':('DEBIAN_FRONTEND=noninteractive apt-get --reinstall -q=2 --force-yes -y install %s',
+    pkgtool = {'deb':('DEBIAN_FRONTEND=noninteractive apt-get --reinstall -q=2 --force-yes -y install %s >/dev/null 2>&1',
                       ('%s=%s', ['name', 'version']))}
     svcre = regcompile("/etc/.*/[SK]\d\d(?P<name>\S+)")
 
@@ -23,11 +23,11 @@ class Debian(Toolset):
         Toolset.__init__(self, cfg, setup)
         self.cfg = cfg
         environ["DEBIAN_FRONTEND"] = 'noninteractive'
-        system("dpkg --force-confold --configure -a")
+        system("dpkg --force-confold --configure -a > /dev/null 2>&1")
         if not self.setup['build']:
-            system("dpkg-reconfigure -f noninteractive debconf < /dev/null")
-        system("apt-get clean")
-        system("apt-get -q=2 -y update")
+            system("dpkg-reconfigure -f noninteractive debconf < /dev/null > /dev/null 2>&1")
+        system("apt-get clean > /dev/null 2>&1")
+        system("apt-get -q=2 -y update > /dev/null 2>&1")
         self.installed = {}
         self.pkgwork = {'add':[], 'update':[], 'remove':[]}
         for pkg in [cpkg for cpkg in self.cfg.findall(".//Package") if not cpkg.attrib.has_key('type')]:
@@ -75,12 +75,13 @@ class Debian(Toolset):
                 print "Disabling service %s" % (entry.get('name'))
             else:
                 system("/etc/init.d/%s stop > /dev/null 2>&1" % (entry.get('name')))
-                cmdrc = system("update-rc.d -f %s remove" % entry.get('name'))
+                cmdrc = system("/usr/sbin/update-rc.d -f %s remove > /dev/null 2>&1" %
+                               entry.get('name'))
         else:
             if self.setup['dryrun']:
                 print "Enabling service %s" % (entry.attrib['name'])
             else:
-                cmdrc = system("update-rc.d %s defaults" % (entry.attrib['name']))
+                cmdrc = system("/usr/sbin/update-rc.d %s defaults > /dev/null 2>&1" % (entry.attrib['name']))
         if cmdrc:
             return False
         return True
diff --git a/src/lib/Client/Redhat.py b/src/lib/Client/Redhat.py
index 4e83a15c8..57f1a17ba 100644
--- a/src/lib/Client/Redhat.py
+++ b/src/lib/Client/Redhat.py
@@ -8,7 +8,7 @@ from os import popen, system
 
 from Bcfg2.Client.Toolset import Toolset, saferun
 
-class Redhat(Toolset):
+class ToolsetImpl(Toolset):
     '''This class implelements support for rpm packages and standard chkconfig services'''
     pkgtool = {'rpm':("rpm --oldpackage --replacepkgs --quiet -U %s", ("%s", ["url"]))}
 
diff --git a/src/lib/Client/Solaris.py b/src/lib/Client/Solaris.py
index ef4e3d946..a02df4cce 100644
--- a/src/lib/Client/Solaris.py
+++ b/src/lib/Client/Solaris.py
@@ -23,7 +23,7 @@ action=nocheck
 basedir=default
 '''
 
-class Solaris(Toolset):
+class ToolsetImpl(Toolset):
     '''This class implelements support for SYSV/blastware/encap packages
     and standard SMF services'''
     pkgtool = {'sysv':("/usr/sbin/pkgadd %s -d %%s -n all", ("%s", ["url"])),
diff --git a/src/lib/Client/Toolset.py b/src/lib/Client/Toolset.py
index dd1c17be4..32deea99b 100644
--- a/src/lib/Client/Toolset.py
+++ b/src/lib/Client/Toolset.py
@@ -366,7 +366,10 @@ class Toolset(object):
                     except OSError:
                         return False
                 except OSError:
-                    mkdir(current)
+                    try:
+                        mkdir(current)
+                    except OSError:
+                        return False
 
         # If we get here, then the parent directory should exist
         try:
@@ -386,8 +389,11 @@ class Toolset(object):
                 system("cp %s /var/cache/bcfg2/%s" % (entry.get('name')))
             rename(newfile.name, entry.get('name'))
             return True
-        except (OSError, IOError), errmsg:
-            print errmsg
+        except (OSError, IOError), err:
+            if err.errno == 13:
+                self.CondPrint('verbose', "Failed to open %s for writing" % (entry.get('name')))
+            else:
+                print err
             return False
 
     def VerifyPackage(self, entry, modlist):
-- 
cgit v1.2.3-1-g7c22