o Pf8@sPddlZddlZddlZddlZddlZddlZddlZddlmZm Z ddl m Z m Z m Z mZmZmZmZmZddl mZddl mZmZddl mZddl mZmZmZddlmZmZmZm Z dd l!m"Z"m#Z#dd l$m%Z%m&Z&m'Z'm(Z(e)Z*e+e,e-Z.d Z/d Z0d e j1dej2dejfddZ3 d8d e j1deej4dej2dejde5f ddZ6 d8d e j1de7de5de5ddf ddZ8 d9d e j1de j9ddfddZ:dd ddd!d e j1d"e7d#e5d$e7de5d%e ee7f d&d'Z;ddd(d e j1d)e e7d*e5fd+d,Zd-e7ddfd.d/Z< d:d-e7d0e ee=ddfd1d2Z>d e j1fd3d4Z?d e j1d5e7fd6d7Z@dS);N)ListOptional)apicloudsconfigcontract entitlements event_logger exceptions livepatch)log)messagessecret_manager)status)systemtimerutil)APPARMOR_PROFILESCLOUD_BUILD_INFODEFAULT_CONFIG_FILEDEFAULT_LOG_PREFIX) machine_tokennotices)AttachmentDataattachment_data_filemachine_id_filetimer_jobs_state_file)zapt-news.servicezesm-cache.servicezua-timer.servicezua-timer.timerzua-auto-attach.pathzua-auto-attach.servicezua-reboot-cmds.servicezubuntu-advantage.service cfgcontract_client attached_atcCs<ddlm}tt|dtj|d|||dS)Nrupdate_motd_messagesr r)uaclient.timer.update_messagingr"rwriter ua_statusrupdate_activity_token)rrr r"r)2/usr/lib/python3/dist-packages/uaclient/actions.py_handle_partial_attach8s   r+Fservices_to_be_enabledsilentc CsDd}g}g}z'|D]"}t||j|j|d\} } || M}| s$||jq tj|jdq WnJtjyH} zt|jt |||| d} ~ wtj yY||jd}Ynt yw} zd}||j|| WYd} ~ nd} ~ ww|st |||t ||rtj ddt||Ddtjdd|DddS) NT)rnamevariantr-)serviceFcSs,g|]\}}|tjjt|tdfqS)) error_msglog_path)r UNEXPECTED_ERRORformatstrpro_logget_user_or_root_log_file_path).0r. exceptionr)r)r* qsz,_enable_default_services..)failed_servicescSsg|]}|tjfqSr))r !E_ATTACH_FAILURE_DEFAULT_SERVICES)r8r.r)r)r*r:s)enable_entitlement_by_namer.r/appendeventservice_processedr ConnectivityErrorservice_failedr+UbuntuProError Exceptionservices_failedAttachFailureUnknownErrorzipAttachFailureDefaultServices) rr,rr r-retr;unexpected_errorsenable_by_default_serviceent_retreasonexcer)r)r*_enable_default_servicesEs^       rPtoken allow_enablereturnc Csddlm}ddlm}tj|t|}t |}t j j t j jd}|j||d} tj} | didi} tdd | d gD} | d id id d} | rvt| }| | krjtj|j|jdtjtjj|j|jd|| z||Wntjy}z| |d}~wwtj!"| didt!|}t#||rt $||%}t&|||||dt't(|d||t)*dS)aC Common functionality to take a token and attach via contract backend :raise ConnectivityError: On unexpected connectivity issues to contract server or inability to access identity doc from metadata service. :raise ContractAPIError: On unexpected errors when talking to the contract server. r)+check_entitlement_apt_directives_are_uniquer!)tz)contract_token attachment_dtmachineTokenInfo contractInfocss,|]}|ddkr|d|fVqdS)typesupportN)get)r8rOr)r)r* s z$attach_with_token..resourceEntitlementsr[ affordances onlySeriesN)releaseseries_codename machineId)rr,rr r-r#)+uaclient.entitlementsrTr%r"rsecrets add_secretrget_machine_token_filerUAContractClientdatetimenowtimezoneutcadd_contract_machinerget_release_infoseriesr\dictget_distro_infor AttachFailureRestrictedReleaserarbraddNoticeLIMITED_TO_RELEASEr&%EntitlementsAPTDirectivesAreNotUniquedeleteget_machine_id cache_clearrget_enabled_by_default_servicesrrPrrrstart)rrQrRr-rTr"machine_token_filerr new_machine_tokencurrent_seriesrYsupport_resource only_seriesallowed_releaserO machine_idr,r)r)r*attach_with_tokensv                rTcloudcCs0t|}|j|d}|d}t|||ddS)a\ :raise ConnectivityError: On unexpected connectivity issues to contract server or inability to access identity doc from metadata service. :raise ContractAPIError: On unexpected errors when talking to the contract server. :raise NonAutoAttachImageError: If this cloud type does not have auto-attach support. )instance contractToken)rQrRN)rrh%get_contract_token_for_cloud_instancer)rrrRr tokenResponserQr)r)r* auto_attachs r) access_onlyr/r- extra_argsr.rr/rc Csftj|||||d}|sttjj|jd|t \}}|r/|s/ttj j|jd||fS)z Constructs an entitlement based on the name provided. Passes kwargs onto the entitlement constructor. :raise EntitlementNotFoundError: If no entitlement with the given name is found, then raises this error. )rr.r/rr)title) rentitlement_factoryr?infor ENABLING_TMPLr4renablerProgressWrapper ENABLED_TMPL) rr.rr/r-r entitlementrLrMr)r)r*r=sr=)simulate_with_tokenshow_allrrcCs:|rtj|||d\}}||fStj||d}d}||fS)z6 Construct the current Pro status dictionary. )rrQrrrr)r'simulate_statusr)rrrrrIr)r)r*rs   rfilenamec Csgd}d}d}z t|\}}Wn'tjy8}ztdt|td|t|WYd}~dSd}~ww|r[g}| dD] }t ||rO| |qBt|d |dSdS)z Helper which gets ubuntu_pro apparmor logs from the kernel from the last day and writes them to the specified filename. ) journalctlz-bz-kz--since=1 day agoz7apparmor=\".*(profile=\"ubuntu_pro_|name=\"ubuntu_pro_)Nz!Failed to collect kernel logs: %s{}-error )rsubpr ProcessExecutionErrorLOGwarningr5 write_filer4splitresearchr>join)rcmd apparmor_re kernel_logs_rO apparmor_logs kernel_liner)r)r*_write_apparmor_logs_to_file)s$$  r return_codesc Csrz tj||d\}}Wntjy,}ztd|t|WYd}~dSd}~wwt|d||dS)zCHelper which runs a command and writes output or error to filename.)rcsrNzstdout: {} stderr: {})rrrr rrr4r5)rrrouterrrOr)r)r*_write_command_output_to_fileBs$ rcs,jptjtjjtgfddtjDS)Nc3s(|]}t|tjjr|jVqdSN) issubclassrrepoRepoEntitlement repo_file)r8entitlement_clsr$r)r*r]Ws  z#_get_state_files..) cfg_pathrlog_filerua_filepathrrENTITLEMENT_CLASSESr$r)r$r*_get_state_filesPs r output_dirc Cstdd|tdtjd|tdd|tdd|td d d d tDd |tD]}td|d||ddgdq9t|dd\}}td|t j |t j dt }td|t |t|}t rtdtntg}t|D]7\}} zt t| } ttj|d|| Wqty} ztd| t| WYd} ~ qd} ~ ww|ttdD]K} tj| rzt| } Wnty} ztd| t| WYd} ~ qd} ~ wwt | } t r t| | ttj|tj | | qt!d|t"D]1} tj| rRz t#$| |Wq"tyQ} ztd| t| WYd} ~ q"d} ~ wwq"dS)zG Write all relevant Ubuntu Pro logs to the specified directory zcloud-idz{}/cloud-id.txtz {} statusz{}/livepatch-status.txtzsystemctl list-timers --allz{}/systemd-timers.txtzujournalctl --boot=0 -o short-precise -u cloud-init-local.service -u cloud-init-config.service -u cloud-config.servicez{}/cloud-init-journal.txtzjournalctl -o short-precise {} cSsg|] }d|vrd|qS)z.servicez-u {})r4)r8sr)r)r*r:zsz collect_logs..z{}/pro-journal.txtzsystemctl status {}z {}/{}.txtr)rFrz{}/pro-status.json)clsz{}/environment_vars.jsonNz user{}.logz&Failed to collect user log file: %s %s*zFailed to load file: %s %sz{}/apparmor_logs.txtzFailed to copy file: %s %s)%rr4r LIVEPATCH_CMDr UA_SERVICESrrrjsondumpsrDatetimeAwareJSONEncoderget_pro_environmentrwe_are_currently_rootr6get_all_user_log_filesUSER_LOG_COLLECTED_LIMITget_user_log_file enumerateredact_sensitive_logs load_fileosrrDrrr5globrisfilebasenamerrshutilcopy) rrr0 pro_statusrenv_vars state_filesuser_log_files log_file_idxrcontentrOfr)r)r* collect_logs_s          r)F)Tr)Arirrloggingrrrtypingrruaclientrrrrrr r r r r6r rrr'rrruaclient.defaultsrrrruaclient.filesrruaclient.files.state_filesrrrrget_event_loggerr? getLoggerreplace_top_level_logger_name__name__rrrUAConfigrhr+EnableByDefaultServiceboolrPr5rAutoAttachCloudInstancerr=rintrrrr)r)r)r*s(     F V   %