p fzddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl Z ddlZddlZddl mZddlZddlmZddlmZddlmZddlmZddlmZddlmZdd lmZmZdd lmZdd l m!Z!dd l"m#Z#m$Z$m%Z%dd l&m'Z'ddgZ( e jRdZ*e!dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3dZ4e jRdZ5e jRdZ6da7dZ8dZ9e jRd e jtZ;d!Zd$Z?e jRd%Z@d&ZAd'ZBGd(d)eCZDy)*Ngetpwall)conf)logger)fileutil) shellutil)textutil) OSUtilError)ustrarray_to_bytes) CryptUtil)FlexibleVersion) RouteEntryNetworkInterfaceCardAddFirewallRules) CommandErrorz3/lib/udev/rules.d/75-persistent-net-generator.rulesz)/etc/udev/rules.d/70-persistent-net.rulesz^[^\d\.]*([\d\.]+).*$z1.4.21c.|r|jdd|S)zY If 'wait' is True, adds the wait option (-w) to the given iptables command line -w)insert)waitcommands G/usr/lib/python3/dist-packages/azurelinuxagent/common/osutil/default.py _add_waitrAs q$ Nc ddgS)Niptablesz --versionrrrget_iptables_version_commandrJs  $$rct|gdS)N)r-tsecurity-L-nxvrrs rget_firewall_list_commandr'Ns TG HHrct|gdS)N)rr!r"r#OUTPUTz--zeror)r$r%r&s rget_firewall_packets_commandr*Rs Te ffrcTt|dddtjdd|dddd d d d d gS)Nrr!r"r)-d-ptcp-m conntrack --ctstate INVALID,NEW-jACCEPTrrDELETE_COMMANDr destinations r,get_firewall_delete_conntrack_accept_commandr9XsO T $ 4D4S4SU]_ceprvx}@DFQ!=$B CCrcNtjtj||S)Nr&)rget_accept_tcp_ruler6r7s rget_delete_accept_tcp_ruler<^s  / /0@0O0OQ\cg hhrcft|dddtjdd|dddd d t|d d gS) Nrr!r"r)r,r-r.r/ownerz --uid-ownerr3r4)rrr6str)rr8 owner_uids r(get_firewall_delete_owner_accept_commandrAbsV TJj:J:Y:Y[ceikvx|DFJLS)3y>4K LLrcTt|dddtjdd|dddd d d d d gS)Nrr!r"r)r,r-r.r/r0r1r2r3DROPr5r7s r*get_firewall_delete_conntrack_drop_commandrDgsO T $ 4D4S4SU]_ceprvx}@DFQ!=$@ AArz'^\s*(\d+)\s+(\d+)\s+DROP\s+.*{0}[^\d]*$z^cpu .*z^Mem.*Tzdmidecode --string system-uuidz/sys/class/dmi/id/product_uuidz5^\s*[A-F0-9]{8}(?:\-[A-F0-9]{4}){3}\-[A-F0-9]{12}\s*$iii'z^\d+:\s+(\w+):\s+(.*)$z/sys/bus/vmbus/devices/z$f8b3781a-1e82-4818-a1c3-63d806ec15bbceZdZdZedZedZedZdhdZdZ dZ d Z d Z d Z dhd Zed ZdZdZdZedZdZdidZdjdZdZdkdZdZedZdZdZdZdZdZdZ dZ!dld Z" dmd!Z#dnd"Z$dod#Z%d$Z&d%Z'dpd&Z(dqd'Z)dod(Z*d)Z+dhd*Z,dhd+Z-d,Z.d-Z/ed.Z0d/Z1d0Z2ed1Z3ed2Z4ed3Z5d4Z6d5Z7d6Z8d7Z9ed8Z:d9Z;d:Zd=Z?d>Z@d?ZAd@ZBdAZCdBZDdCZEdDZFdEZGdFZHdGZIdHZJedIZKedhdJZLdKZMdLZNdMZOdrdNZPdOZQdPZRdQZSdRZTedSZUedTZVdUZWdVZXdWZYedXZZdYZ[dZZ\d[Z]d\Z^d]Z_e`d^Zaed_Zbed`ZcedaZddsdbZeedcZfeddZgedodeZhedtdfZiedhdgZjy)u DefaultOSUtilcfd|_d|_d|_d|_|j |_y)Nz/etc/waagent.confF)agent_conf_file_pathselinuxdisable_route_warning jit_enabledget_service_name service_nameselfs r__init__zDefaultOSUtil.__init__s2$7! %*"  113rcy)NwaagentrrrrrMzDefaultOSUtil.get_service_namesrcy)Nz/lib/systemd/systemrrrr"get_systemd_unit_file_install_pathz0DefaultOSUtil.get_systemd_unit_file_install_paths$rcy)Nz /usr/sbinrrrrget_agent_bin_pathz DefaultOSUtil.get_agent_bin_pathsrNctsy |j} tjt |}t j tj|}|jdD]1}|j|}|t|jdcS y#t$r\}t|tr#|j dk(s|j dk(rYd}~yt#j$dt'|Yd}~yd}~wwxYw#t$r9}dat#j$d jt'|Yd}~yd}~wwxYw) Nr rz#Failed to get firewall packets: {0}Fz.Unable to retrieve firewall packets dropped{0})_enable_firewallget_firewall_will_waitr run_commandr*recompilePACKET_PATTERNformatsplitmatchintgroup Exception isinstancer returncoderwarnr )rPdst_iproutputpatternlinemes rget_firewall_dropped_packetsz*DefaultOSUtil.get_firewall_dropped_packetss  ..0D "../KD/QR**^%:%:6%BC"LL./D d+A}"1771:./ a.ALLA4EYZIZ A47K  $  KK$fT!Wo /  sSDA-B'B'$B'' D 0.DD#DDD  D E/E  Ec tjt}tj|}|1dj |}t j|t|t|jdtk\rd}|Sd}|S#t$r?}dj t |}t j|t|d}~wwxYw)Nz,Unable to determine version of iptables: {0}z0iptables did not return version information: {0}rr) rr_rrhrcr rrk_IPTABLES_VERSION_PATTERNrerrg_IPTABLES_LOCKING_VERSION)rPrmrqmsgrprs rr^z$DefaultOSUtil.get_firewall_will_waits !**+G+IJF & + +F 3 9DKKFSC KK C. qwwqz*.GG    !@GGQPC KK C.  !sB C:CCctddD]} tj|}y#t$rH}|jdk(rYd}~y|jdk(rt dj |Yd}~hd}~wwxYw)z Continually execute the delete operation until the return code is non-zero or the limit has been reached. rdNz$invalid firewall deletion rule '{0}')rangerr_rrjrhrc)rPruleircrqs r _delete_rulezDefaultOSUtil._delete_rules} q# YA Y**40 Y  Y<<1$<<1$#$J$Q$QRV$WXX% Ys) A:A5)A55A:cxtsy |jt|||jt|||jt ||||jt ||y#t $r9}datjdjt|Yd}~yd}~wwxYw)NFTzBUnable to remove firewall -- no further attempts will be made: {0}) r]rr9r<rArDrhrinforcr )rPrluidrrqs rremove_firewallzDefaultOSUtil.remove_firewalls     J4QWX Y   8vF G   FtVUXY Z   HvV W $  KK$fT!Wo /  sA-A77 B9/B44B9c |j}|jt||y#t$r7}t j dj t|Yd}~yd}~wwxYw)NzNUnable to remove legacy firewall rule, won't try removing it again. Error: {0})r^rr9rhrrrcr )rPrlrerrors rremove_legacy_firewall_rulez)DefaultOSUtil.remove_legacy_firewall_rulesi v..0D   J4QWX Y v KK`gghlmrhst v v vs+. A.-A))A.cTd}tsd|fS |j} tj|||s,|j |||tj |||d}d|fS#t $rD}|jdk(r+|j |||d}tj|Yd}~Ld}~wt$r$}tjt|d}~wwxYw#t$r=}datjdjt|d|fcYd}~Sd}~wwxYw)aK It checks if every iptable rule exists and add them if not present. It returns a tuple(enable firewall success status, update rules flag) enable firewall success status: Returns True if every firewall rule exists otherwise False update rules flag: Returns True if rules are updated otherwise False FTrzz@please upgrade iptables to a version that supports the -C optionNzEUnable to establish firewall -- no further attempts will be made: {0})r]r^rverify_iptables_rules_existradd_iptables_rulesrrjrrkrhr rrc)rPrlris_firewall_rules_updatedrrqrwrs renable_firewallzDefaultOSUtil.enable_firewalls(%*! 33 3 4..0D 'CCD&RUV((d;$77fcJ04-22 2  <<1$((d;\CKK$ %   DK(   4$  KK$fT!Wo /33 3  4sSC!AA&"C!& C/:B.)C!. C:CCC!! D'*2D"D'"D'c ||j}tjt|}|S#t$r7}t j djt|Yd}~yd}~wwxYw)Nz"Listing firewall rules failed: {0}rt) r^rr_r'rhrrkrcr )rPrrmrqs rget_firewall_listzDefaultOSUtil.get_firewall_list-sd |224**+DT+JKFM  KK<CCDGL M s14 A4-A//A4ctj|s|S|jd}djt j |ddt j |ddt j |dd|d|dgS)a Azure stores the instance ID with an incorrect byte ordering for the first parts. For example, the ID returned by the metadata service: D0DF4C54-4ECB-4A4B-9954-5BDF3ED5C3B8 will be found as: 544CDFD0-CB4E-4B4A-9954-5BDF3ED5C3B8 This code corrects the byte order such that it is consistent with that returned by the metadata service. -rrz)widthrrZr[) UUID_PATTERNrerdjoinr swap_hexstring) instance_idpartss r_correct_instance_idz"DefaultOSUtil._correct_instance_id7s !!+. !!#&xx  # #E!HA 6  # #E!HA 6  # #E!HA 6 !H !H    rcX|j}tjdj|tjdj||j |j k(xs0|j |j |j k(S)z Compare two instance IDs for equality, but allow that some IDs may have been persisted using the incorrect byte ordering. zcurrent instance id: {0}z former instance id: {0})get_instance_idrverboserclowerr)rPid_thatid_thiss ris_current_instance_idz$DefaultOSUtil.is_current_instance_idSs &&(188AB188AB}}'--/1M}}$";";G"D"J"J"LL Mrc|jSN)rIrOs rget_agent_conf_file_pathz&DefaultOSUtil.get_agent_conf_file_path^s(((rcDtjjtr(t j tj }n7tjt\}}|dk7stj|y|j|j S)z Azure records a UUID as the instance ID First check /sys/class/dmi/id/product_uuid. If that is missing, then extracts from dmidecode If nothing works (for old VMs), return the empty string rrt) ospathisfilePRODUCT_ID_FILEr read_filestriprrun_get_output DMIDECODE_CMDrrer)rPsr~s rrzDefaultOSUtil.get_instance_idast 77>>/ *""?399;A,,];EBQw,,,Q/7((33rcL tj|S#t$rYywxYwr)pwdgetpwnamKeyError)usernames r get_userentryzDefaultOSUtil.get_userentryrs( <<) )  s  ##ctjry|j|}d} tjdd}|t |j d}|dk(rd}|dk7r |d|kryy#t$r }Yd}~$d}~wwxYw) z Check whether use is a system user. If reset sys user is allowed in conf, return False Otherwise, check whether UID is less than UID_MIN FNUID_MINz/etc/login.defsrryrzT)rget_allow_reset_sys_userrrget_line_startingwithrfrdIOError)rPr userentryuidmin uidmin_defrqs r is_sys_userzDefaultOSUtil.is_sys_userys  ( ( *&&x0  !77 8IKJ%Z--/23 T>F  1!6   s4A44 BBc|j|}|tjd|y|dd|d|g}ndd|g}||jd|g|j |dj |y) z5 Create user account with 'username' Nz%User {0} already exists, skip useradduseraddr/z-ez-cz!Failed to create user account:{0}err_msg)rrrextend _run_command_raising_OSUtilErrorrc)rPr expirationcommentrcmds rrzDefaultOSUtil.useradds&&x0  KK? J   !dHdJ?CdH-C   JJg ' --c;^;e;efn;o-prc|j|rtdj|tj|||}|j dd||gdj|y)Nz1User {0} is a system user, will not set password.usermodr-zFailed to set password for {0}r)rr rcr gen_password_hashr)rPrpasswordcrypt_idsalt_len passwd_hashs rchpasswdzDefaultOSUtil.chpasswdsp   H % 89?9IK K008XN  --y$ X.V6V6]6]^f6g . irctSrrrOs r get_userszDefaultOSUtil.get_userss zrctj}tjj |d}|s$tjj |skt j|tjj |tjd}dj|}t j||d}|rdj|}ndj|}tjj|rt j||dur%t j|dj|t j|dytjj|ra t j|} | jd } | D cgc] } || vs|  } } t j |d j | yycc} w#t"$r} t%d j| d} ~ wwxYw) NrSsudoersz #includedir {0} z{0} ALL=(ALL) NOPASSWD: ALLz{0} ALL=(ALL) ALLFz{0} i rYzFailed to remove sudoer: {0})rget_sudoers_dirrrrisdirrmkdirpardirrc append_filerfindstr_in_filechmodrrd write_filerr ) rPrnopasswdremove sudoers_dirsudoers_wagent sudoers_fileinclude_sudoers_dirsudoercontentrxrqs r conf_sudoerzDefaultOSUtil.conf_sudoers**, k9=77==-{+!ww||KIN &;&B&B;&O#$$\3FGF6==hG,33H=77>>.1,,^VDM$$^W^^F5KL NN>5 1ww~~n-P&00@G%mmD1G*1GQXQ5FqGGG'' '8JK .HP%&D&K&KA&NOOPs0<*G"& G0G4'G"G"" H +HH c tj}tj|}|j d}|Dcgc]}|j dr|}}|j ddtj|dj|ycc}w#t$r}tdj|d}~wwxYw)NrYzroot:rzroot:*LOCK*:14600::::::z"Failed to delete root password:{0}) rget_passwd_file_pathrrrd startswithrrrrr rc)rPpasswd_file_pathpasswd_contentpasswdr new_passwdrqs rdel_root_passwordzDefaultOSUtil.del_root_passwords N#88: %//0@AN#))$/F%+I1<<3H!IJI   a!: ;    0$))J2G HJ NBII!LM M Ns/>BBB9BB C#B==Cctj}tjj |j d|}|S)Nz$HOME)r get_home_dirrrnormpathreplace)filepathhomers r _norm_pathzDefaultOSUtil._norm_paths6  "ww 0 0$ ?@ rc|\}}|j|}tjj|}t j |d|t j}tjj||dz}tjj|stdj|tj|||dz}tt j} | j!|} t j"|| |j%|d|j%|dtj&|dtj&|dy ) z. Deploy id_rsa and id_rsa.pub moder>z.prvzCan't find {0}.prv.pub#unconfined_u:object_r:ssh_home_t:s0N)rrrdirnamerrr get_lib_dirrrr rcshutilcopyfiler get_openssl_cmdget_pubkey_from_prvrset_selinux_contextr) rPrkeypairr thumbprintdir_pathlib_dirprv_pathpub_path crytputilpubs rdeploy_ssh_keypairz DefaultOSUtil.deploy_ssh_keypairs#jt$77??4(xe8<""$77<<f)<=ww~~h'299*EF F$'&=d2245 ++H5Hc*   +PQ   'LM u 5!rcbttj}|j||yr)r rr crt_to_ssh)rP input_file output_file cryptutils ropenssl_to_opensshz DefaultOSUtil.openssl_to_opensshs%d2245 Z5rc*|\}}}| tdttj}|j |}t j j|}tj|d||Y|jdstdj||jds|dz }tj||n|tj}t j j||dz} t j j!| std j|t j j||d z} |j#| } tj| | |j%| d |j'| |tj(| d n td |j%|d tj*||tj(|dy)z' Deploy authorized_key NzPublic key path is Nonerrzssh-zBad public key: {0}rYz.crtzCan't find {0}.crtrrrz-SSH public key Fingerprint and Value are Noner)r r rrrrrrrrrrcendswithrrrrget_pubkey_from_crtrr rchowner) rPrpubkeyrrvaluerrrcrt_pathrrs rdeploy_ssh_pubkeyzDefaultOSUtil.deploy_ssh_pubkeys#)j% <78 8d2245 t$77??4(xe8<  ##F+!"7">">u"EFF>>$'    e ,  #&&(Gww||GZ&-@AH77>>(+!"6"="=j"IJJww||GZ&-@AH//9C   # .  $ $X%J L  # #Hd 3 NN8U +MN N   'LMx(tU#rc|jdk(r4tjdddk(rd|_|jSd|_|jS)zX Checks and sets self.selinux = True if SELinux is available on system. Nzwhich getenforceFchk_errrT)rJrrunrOs ris_selinux_systemzDefaultOSUtil.is_selinux_system$sJ <<4 }}/?1D# || % ||rcv|jr)tjdd}|jdSy)zS Calls shell command 'getenforce' and returns True if 'Enforcing'. getenforcer EnforcingF)rrrr)rPrms ris_selinux_enforcingz"DefaultOSUtil.is_selinux_enforcing/s9  ! ! #--l;A>F$$[1 1rc<|jr`tjj|s%t j dj |y tjd||gdyy#tj$r}|jcYd}~Sd}~wwxYw)za Calls shell 'chcon' with 'path' and 'con' context. Returns exit result. zPath does not exist: {0}rchconT log_errorNr) rrrexistsrrrcrr_rrj)rPrconcmd_errs rrz!DefaultOSUtil.set_selinux_context9s  ! ! #77>>$' 7>>tDE *%%wT&:dK $)) *))) *sA22B BBBc|rdnd}tj}tj|j d}t j |d|t j |d|t j |dttjtj|dj|tjdj|rdnd tjd y) NnoyesrYPasswordAuthenticationChallengeResponseAuthenticationClientAliveIntervalz.{0} SSH password-based authentication methods.DisabledEnabledz8Configured SSH client probing to keep connections alive.)rget_sshd_conf_file_pathrrrdr set_ssh_configr?get_ssh_client_alive_intervalrrrrrc)rPdisable_passwordoptionconf_file_path conf_files r conf_sshdzDefaultOSUtil.conf_sshdIs)u557&&~6<rget_dvd_mount_pointrrget_mount_pointrrrrrmakedirsr{r@rktimesleepr ) rP max_retryr dvd_device mount_point sleep_time mount_listexistingerrretry return_codes r mount_dvdzDefaultOSUtil.mount_dvd`s+  ,,.J  224K--g6q9 '' J?   KK7X N ww}}[) KK $1i( +E#zz**51W27 * 9 Ka 67 KM  9$JJz* + :#F F rc|tj}|j||}|r |dk7rtdj |yy)Nrrz#Failed to unmount dvd device at {0})rrCumountr rc)rPrrJrPs r umount_dvdzDefaultOSUtil.umount_dvdsP  224Kkk+wk? {a'CJJ;WX X(7rcl|j}|jddd}d}tj||ry t j d|gy#tj $rH}|rrsplitr`searchrr_rrcrjstdoutstderrr )rPrr<r;rnr%rws r eject_dvdzDefaultOSUtil.eject_dvds!!#jja # 99Wc "  '  ! !7C. 1%% 'TVG..O"#&&  'sAB3+>B..B3c |jy#t$r.}tjdj |Yd}~yd}~wwxYw)Nz Could not load ATAPI driver: {0})load_atapiix_modrhrrkrc)rPrqs rtry_load_atapiix_modz"DefaultOSUtil.try_load_atapiix_modsA F  ! ! # F KK:AA!D E E Fs A $AA c|jrytjd\}}|dk7r tdtj j d|jdd}tj j|stdj|tjd|z\}}|dk7r td |jd s td y) Nzuname -rrzFailed to call uname -rz /lib/modulesrYzkernel/drivers/ata/ata_piix.kozCan't find module file:{0}zinsmod z,Error calling insmod for ATAPI CD-ROM driverrZ)rHz"Failed to load ATAPI CD-ROM driver) is_atapiix_mod_loadedrrrhrrrrrrc)rPret kern_versionmod_pathrms rr^zDefaultOSUtil.load_atapiix_mods  % % ' %44Z@\ !856 677<< , 2 24 8 @Bww~~h'8??IJ J..y8/CD V !8JK K))A)6@A A7rctd|D]S}tjdd}|dk(rtjdy||dz ks?t j dUy)Nrzlsmod | grep ata_piixFrz2Module driver for ATAPI CD-ROM is already present.Tr)r{rrrrrFrG)rPrHrOrbs rraz#DefaultOSUtil.is_atapiix_mod_loadeds\1i( E-- 7GCax PQy1}$ 1  rc4|sg}dg}|j|||gz tj||}d|fS#tj$rJ}dj ||j |j |j}|j |fcYd}~Sd}~wwxYw)Nr@r!z-[{0}] returned {1}: stdout: {2} stderr: {3}r)rrr_rrcrjrZr[) rPdevicerJr2rrrmr%details rr@zDefaultOSUtil.mountsFi 6V[112 .**3'BF &y %% .GNNsT[TfTf0F%%v- - .s:B ?B BBc tjd|g|y#tj$r}|jcYd}~Sd}~wwxYw)NrSr!r)rr_rrj)rPrJrr%s rrSzDefaultOSUtil.umountsE &  ! !8["9W M%% &%% % &sA AAAc`tjddtjddy)Nz-iptables -D INPUT -p udp --dport 68 -j ACCEPTFrz-iptables -I INPUT -p udp --dport 68 -j ACCEPT)rrrOs rallow_dhcp_broadcastz"DefaultOSUtil.allow_dhcp_broadcasts(  E# % E# %rc|t}tj}|D]}tj|}t j j||}t j j|rt j|t j j|stjd||tj||yNzMove rules file {0} to {1})__RULES_FILES__rrr base_namerrrrrrrkrmove)rP rules_filesrsrc file_namedests rremove_rules_filesz DefaultOSUtil.remove_rules_filess  )K""$ 'C **3/I77<<3Dww~~d# $ww~~c" 8)TJ C& 'rc|t}tj}|D]}tj|}t j j||}t j j|rXt j j|sxtjd||tj||yrm) rnrrrrorrrrrrkrrp)rPrqrrtfilenamerrs rrestore_rules_filesz!DefaultOSUtil.restore_rules_filess  )K""$ 'D))$/H'',,w1Cww~~d#ww~~c" 8(DI C& 'rcn|j}|j|}tj|S)zg Convenience function, returns mac addr bound to first non-loopback interface. ) get_if_name get_if_macr hexstr_to_bytearray)rPifnameaddrs r get_mac_addrzDefaultOSUtil.get_mac_addrs1 !!#v&++D11rc tjtjtjtj}t j d|dddzj d}tj|jt|}|jdj|ddDcgc]}d tj|zc}Scc}w) z= Return the mac-address bound to the socket. 256sNzlatin-1rtz%02X)socketAF_INET SOCK_DGRAM IPPROTO_UDPstructpackencodefcntlioctlfilenoIOCTL_SIOCGIFHWADDRcloserr str_to_ord)rPr}sockparamrchars rr{zDefaultOSUtil.get_if_macs}}V^^#..#//1 FVCR[J%?$G$G $RS{{4;;=*=uE wwtBr{St!4!4T!::STTSs8CcJtjd}|dk(rd}|Sd}|S)z Return the sizeof struct ifinfo. On 64-bit platforms the size is 40 bytes; on 32-bit platforms the size is 32 bytes. r32bit ()platform architecture) python_arc struct_sizes r_get_struct_ifconf_sizez%DefaultOSUtil._get_struct_ifconf_sizes6 **,Q/ &'1b 8: rc"d}tj}||z}tjdd|z}tjd||j d}t j t jt jt j}tj|jt|}tjd|d}|j||k(rt!j"d|t%|} i} t'd||D]g} | | | t(zj+ddd} t-| dkDs1| j/d} | | vsGt j0| | d z| d z| | <i| S) z Return a dictionary mapping from interface name to IPv4 address. Interfaces without a name are ignored. rEBiLrz9SIOCGIFCONF returned more than {0} up network interfaces.rrr)rGrarrayrr buffer_inforrrrrrrIOCTL_SIOCGIFCONFunpackrrrkr r{IFNAMSIZrdlendecode inet_ntoa)rPexpectedr array_sizebuffrrrbretsize ifconf_buffifacesr}iface iface_names r_get_all_interfacesz!DefaultOSUtil._get_all_interfacesse #;;=  + {{3 23 D*d.>.>.@.CD}}V^^V->->@R@RSkk$++-):EB==s+A. j KK/19 ;%T* q*k2 VA!h,/55eQ?BE5zA~"\\)4 V+)/)9)9+a"fQQSV:T)UF:&  V  rc|j}|j}||vr|||fS|jD]@}|j|rt j dj ||||fcSy)z Return the interface name, and IPv4 addr of the "primary" interface or, failing that, any active non-loopback interface. zChoosing non-primary [{0}])rtrt)get_primary_interfacerkeys is_loopbackrrrc)rPprimaryrrs r get_first_ifzDefaultOSUtil.get_first_if;s ,,.))+ f F7O+ + ++- 6J##J/ 8?? KL!6*#555 6 rc d}i}|d}td|jdD]}|||j<|dz } |d}|d}|d}|d}|d } |d } g} |dd D]U} | jd}t|dkDs#t|||||||| |||| }| j|W| S#t$r+d j |} t j | gcYSwxYw) z Construct a list of network route entries :param list(str) proc_net_route: Route table lines, including headers, containing at least one route :return: List of network route objects :rtype: list(RouteEntry) rct|dkDS)Nr)r)hs rz1DefaultOSUtil._build_route_list..Xss1vzr rIface DestinationGatewayFlagsMetricMaskz=/proc/net/route is missing key information; headers are [{0}]N) filterrdrrrcrrrrappend)proc_net_routeidx column_index header_lineheader idx_ifaceidx_destidx_gw idx_flags idx_metricidx_maskrw route_listentryroute route_objs r_build_route_listzDefaultOSUtil._build_route_listMsJ $Q' 1;3D3DT3JK F+.L ( 1HC  $W-I#M2H!),F$W-I%h/J#F+H  #AB' -EKK%E5zA~&uY'7x%PV-Y^_gYh',Y'7z9JL !!),  -  QXXYdeC LL I sC1C76C7c td5}tttj|j cdddS#1swYgSxYw#t $r*}tjdt|Yd}~gSd}~wwxYw)a  Return a list of strings comprising the route table, including column headers. Each line is stripped of leading or trailing whitespace but is otherwise unmolested. :return: Entries in the text route table :rtype: list(str) /proc/net/routeNzCannot read route table [{0}]) openlistmapr?r readlinesrhrrr ) routing_tablerqs rread_route_tablezDefaultOSUtil.read_route_tableps} C'( GMC =+B+B+DEF G G G   C LL8$q' B B  Cs3 A1A AA AA BBBcg}t|}|dkrtjd|S|dk(rtjd|Stj |}|S)z Construct a list of all network routes known to this system. :param list(str) route_table: List of text entries from route table, including headers :return: a list of network routes :rtype: list(RouteEntry) rz"/proc/net/route is missing headersz"/proc/net/route contains no routes)rrrrGr) route_tablercounts rget_list_of_routesz DefaultOSUtil.get_list_of_routesse K  19 LL= >  aZ LL= >'88EJrc d d d}|jstjdtj } fd}t t |tj|}t|dkDrd}t||}|j}|d }|js{td 5}|j}tjd tjd j|tjd d|_ddd|S|Stjdj|d|_|S#1swY|SxYw)a Get the name of the primary interface, which is the one with the default route attached to it; if there are multiple default routes, the primary has the lowest Metric. :return: the interface which has the default route rz00000000Nz-Examine /proc/net/route for primary interfacec\|jk(xrt|jzk(Sr)r8rfflags)r DEFAULT_DEST RTF_GATEWAYs r is_defaultz7DefaultOSUtil.get_primary_interface..is_defaults-$$ 4fU[[9IK9W[f9f frrc,t|jSr)rfmetric)rs r get_metricz7DefaultOSUtil.get_primary_interface..get_metrics5<<((r)keyrtrzOCould not determine primary interface, please ensure /proc/net/route is correctz Contents of /proc/net/route: {0}z1Primary interface examination will retry silentlyTzPrimary interface is [{0}]F)rKrrrGrrrrrmin interfacerreadrkrc) rPprimary_interfacerr candidatesr primary_routerouting_table_fhrouting_table_textrrs @@rrz#DefaultOSUtil.get_primary_interfacesH !  )) KKG H#446  g&]-M-Mk-Z[\ z?Q  ) ;M - 7 7   $ " --+,60@)9)>)>)@&KK!KLKK C J JK] ^_KK ST15D. 6!    KK4;;(E(Eh(OP,9+>+>t+D(+7.?.F.F #$4$:$:1$=r B #$4$:$:1$=r B #$4$:$:1$=r B #$4$:$:1$=r B /DO5D $ DJ   KK5<|gethostname[(,)]))z/etc/dhcp/dhclient.confz/etc/dhcp3/dhclient.confz/etc/dhclient.confzsend host-namezsend host-name "{0}";)rrrrfindre_in_fileupdate_conf_filerc)rPr\autosenddhclient_filesr4s rset_dhcp_hostnamezDefaultOSUtil.set_dhcp_hostnameseMf' PI77>>),&&y(;  % %i&6&=&D&DX&N P  Prc|dz}td|D]}tjdj|||krdgng}|dk(ryt j dj||||kr:t j dj|tj|t j dy)Nrzifdown {0} && ifup {0})expected_errorsrz&failed to restart {0}: return code {1}zretrying in {0} secondszexceeded restart retries) r{rrrcrrkrrFrG)rPr}retriesr retry_limitattemptrPs r restart_ifzDefaultOSUtil.restart_ifsk Q , 8G#--(@(G(G(Ohoryhybcad@BCKa KK@GGP[\ ]$ 5<>sCI((3G))+A.557H7"##Iw7 J*# 3?rc|rW|rU|jdD]A}tj||s|j}t|dkDr|dcSdcSy)a Example of mountlist: /dev/sda1 on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0") none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) /dev/sdb1 on /mnt/resource type ext4 (rw) rYrzN)rdr`rYr)rP mountlistrgrtokenss rrDzDefaultOSUtil.get_mount_pointsZ &". BIIfe,"[[]F(+F a6!9ATA  B rc#.KtjjtrntjtD]Q}t j tjjt|d}|jd}||fSyyw)z Enumerate all storage device IDs. Args: None Returns: Iterator[Tuple[str, str]]: VmBus and storage devices. device_idz{} N) rrr#STORAGE_DEVICE_PATHr8rrrr)vmbusdeviceidguids r_enumerate_device_idz"DefaultOSUtil._enumerate_device_idss 77>>- .$78 "#--bggll;NPUWb.cd~~f-Tk! " /sBBc d}tjdj|| tj D]\}}|j |s||k(st jt|zD]\}}}|jd}|ddk(r*||k7s|djdddk(r |d }|ccS|D]:} d| vsd| jdd k(s | jdd }|cccS y#ttf$r+} tjd ||t| Yd} ~ yd} ~ wwxYw) a Search the filesystem for a device by ID or prefix. Args: gen1_device_prefix (str): Gen1 resource disk prefix. gen2_device_id (str): Gen2 resource device ID. Returns: str: The found device. Nz%Searching gen1 prefix {0} or gen2 {1}rVr\block:1rrz(Error getting device for {0} or {1}: {2})rrrcrGrrrwalkr}rdOSErrorrrkr ) gen1_device_prefixgen2_device_idrgr~rrootdirsfilesroot_path_partsdexcs rsearch_for_resource_diskz&DefaultOSUtil.search_for_resource_disksP ;BBCUWefg s,AAC 2 t??#56$.:P-/WW5H55P-Q2)dE*.**S/+2.'9 $ 6 / 3 9 9# >r Bc I%)!WF#)M&*2#&!81773<?0J-.WWS\!_F+1M2!2 20! s KKBDVXfhlmphq r r ss60DA%D D D"D>DD?!D::D?c|dkDryd}|dkDrd}|dz }dj||}tj|t}t j d j||S) z> Return device name attached to ide port 'n'. rZNrr00000001rzz {0}-000{1})rrzFound device: {0})rcrGrGEN2_DEVICE_IDrr)rPport_idg0rrgs rdevice_for_ide_portz!DefaultOSUtil.device_for_ide_portsu Q;  Q;BkG)00W=771)8   '..v67 rcVtjtj|y)N)contents)rrrget_published_hostnamer^s rrmz!DefaultOSUtil.set_hostname_recordsD779HMrc\tj}tjj |sc|j }|)t jdtj}t jd|||j|tj|}|S)Nz.Retrieving hostname using socket.gethostname()zLPublished hostname record does not exist, creating [{0}] with hostname [{1}]) rrrrr#_get_cloud_init_hostnamerrr gethostnamermrr)rPhostname_recordr\records rget_hostname_recordz!DefaultOSUtil.get_hostname_records557ww~~o.446H LM!--/ KKfhwzB C  $ $X .##O4 rc\d} tjj|rItjd|t |d5}t j|}ddddvr|dSy#1swYxYw#t$r)}tjdt|Yd}~yd}~wwxYw)z Retrieves the hostname set by cloud-init; returns None if cloud-init did not set the hostname or if there is an error retrieving it. z /var/lib/cloud/data/set-hostnamezRetrieving hostname from {0}rNr\zError retrieving hostname: {0}) rrr#rrrjsonloadrhrkr ) hostname_filefile_ hostname_inforUs rrz&DefaultOSUtil._get_cloud_init_hostname(s ;  Kww~~m, :MJ--5$(IIe$4M5.(44 55 K KK8$y/ J J Ks0AA9A-A9-A62A99 B+B&&B+c|j|rtjd||jddg|jddd|g|j |dy) Nz){0} is a system user. Will not delete it.touchz /var/run/utmpuserdelz-fz-rT)r)rrrr]r)rPrs r del_accountzDefaultOSUtil.del_accountCs\   H % LLDh O ))7O*DE ))9dD(*KL $/rcJtj|jdS)Nzutf-8)base64 b64decoder)rPdatas rdecode_customdatazDefaultOSUtil.decode_customdataKs%,,W55rc^tjdtjdzdz S)N SC_PAGE_SIZE SC_PHYS_PAGES)rsysconfrOs r get_total_memzDefaultOSUtil.get_total_memNs$zz.)BJJ,GG9UUrc*tjSr)multiprocessing cpu_countrOs rget_processor_coresz!DefaultOSUtil.get_processor_coresRs((**rc t|}tj|dy#ttf$rYyt $r,}|j t jk(rYd}~yYd}~yd}~wwxYw)NrFT)rfrkill ValueError TypeErrorrerrnoEPERM)rPpidos_errors rcheck_pid_alivezDefaultOSUtil.check_pid_aliveUsZ c(C GGCO I&  ~~, s!$A)A)A$$A)c(tjdkDS)Nl)sysmaxsizerOs ris_64bitzDefaultOSUtil.is_64bitas{{W$$rcd} tjd}|S#ttf$r4}t j dj |jd}~wwxYw)aE Get the contents of /proc/stat. # cpu 813599 3940 909253 154538746 874851 0 6589 0 0 0 # cpu0 401094 1516 453006 77276738 452939 0 3312 0 0 0 # cpu1 412505 2423 456246 77262007 421912 0 3276 0 0 0 :return: A single string with the contents of /proc/stat :rtype: str Nz /proc/statzCouldn't read /proc/stat: {0})rrrrrrkrcstrerror)resultsexs r_get_proc_statzDefaultOSUtil._get_proc_states[ ((6G  !  KK7>>r{{K L  sA/AAcd}tj}|P|jD]=}tj |st d|j ddD}|S|S)z Compute the number of USER_HZ units of time that have elapsed in all categories, across all cores, since boot. :return: int rc32K|]}t|ywr)rf).0r}s r z?DefaultOSUtil.get_total_cpu_ticks_since_boot..s%;#$A%;srr)rGrr ALL_CPUS_REGEXresumrd) system_cpu proc_statros rget_total_cpu_ticks_since_bootz,DefaultOSUtil.get_total_cpu_ticks_since_bootysx !002  !,,. !''-!$%;(, Qq(9%;";J   rcdx}}ddg}tj|}|jdD]D}tj |s|j}t |d}t |d}F|dz |dz fS)ak Get the contents of free -b in bytes. # free -b # total used free shared buff/cache available # Mem: 8340144128 619352064 5236809728 1499136 2483982336 7426314240 # Swap: 0 0 0 :return: used and available memory in megabytes rfreez-brYrzr)rr_rdALL_MEMS_REGEXrerf)used_mem available_memfree_cmdmemoryromemss r$get_used_and_available_system_memoryz2DefaultOSUtil.get_used_and_available_system_memorys$%$=D>&&x0LL& -D##D)zz|tAw< #DG  - #]I%>>>rci}gd}gd}gd} tj|}|r)d}||} ||} dj |||| || S|j|||j||tjd |j||tjd |S#tj$r/}tjdt ||rdnicYd}~Sd}~wwxYw) a% Capture NIC state (IPv4 and IPv6 addresses plus link state). :return: By default returns a dictionary of NIC state objects, with the NIC name as key. If as_string is True returns the state as a string :rtype: dict(str,NetworkInformationCard) )r-arAlink)rz-4rrAaddress)rz-6rrArz"Could not fetch NIC link info: {0}rtNc tj|S#tj$r}t|cYd}~Sd}~wwxYwr)rr_rr?)r command_errors rr_z0DefaultOSUtil.get_nic_state..run_commands9.$0099 --.}--.s? :??z9Executing {0}: {1} Executing {2}: {3} Executing {4}: {5} zan IPv4 addresszan IPv6 address) rr_rrrr rc_update_nic_state_all_update_nic_stateradd_ipv4add_ipv6) rP as_stringstate all_command inet_command inet6_command all_outputrr_ inet_output inet6_outputs r get_nic_statezDefaultOSUtil.get_nic_states0 : ;  +"..{;J  . &l3K&}5LT[[\gisvBDOQ^`lm m  & &uj 9  " "5,8L8U8UWh i  " "5-9M9V9VXi jL'%% + NN?mAT U"2 * +sB((C*;$C%C*%C*c|jD]I}tj|}|s|jd}t ||jd||<Ky)Nrrz)r IP_COMMAND_OUTPUTrergr)rcommand_outputrrnames rrz#DefaultOSUtil._update_nic_state_allsV#..0 JE ',,U3F||A24aId  Jrc tj|}|jD]p}tj |}|s|j d}||vr||||j dLt jdj||ry#tj$r9}t jddj|t|Yd}~yd}~wwxYw)a Update the state of NICs based on the output of a specified ip subcommand. :param dict(str, NetworkInterfaceCard) state: Dictionary of NIC state objects :param str ip_command: The ip command to run :param handler: A method on the NetworkInterfaceCard class :param str description: Description of the particular information being added to the state rrzz'Interface {0} has {1} but no link statez[{0}] failed: {1}rN) rr_r rrergrrrcrrr?) r ip_commandhandler descriptionrmrrinterface_namers rrzDefaultOSUtil._update_nic_states X**:6F**, t+007%+\\!_N%.n 5v||AG %N%U%UVdfq%rs t %% X LL,chhz.BC DV W W Xs?BABC'./C""C'cR tj||y#t$rYywxYwNr!rr_rh)rr"s rr]z*DefaultOSUtil._run_command_without_raisings)   ! !# ;   s  &&cj|D]} tj||y#t$r|rY+YywxYwrr)commandsr"continue_on_errorrs r&_run_multiple_commands_without_raisingz4DefaultOSUtil._run_multiple_commands_without_raisings@ C %%cY?  $ s ! 22c B tj|d|S#tj$r@}tdj ||j |j |jd}~wt$r*}tdj |dt|d}~wwxYw)NT)r"inputz*{0}, Retcode: {1}, Output: {2}, Error: {3}z{0}, Retcode: {1}, Error: {2}r\) rr_rr rcrjrZr[rhr )rr cmd_inputrqs rrz.DefaultOSUtil._run_command_raising_OSUtilErrors \((IN N%% p<CCGQ\\[\[c[cefememnp p \=DDWbRVWXRYZ[ [ \s B;A(( B4%BBr)NN)r )FF)z/dev)rTNN)TN)T)rr4)rZr)F)TF)k__name__ __module__ __qualname__rQ staticmethodrMrUrWrrr^rrrrrrrrrrrrrrrrrrr rrrrr5r>rQrTr\r_r^rar@rSrkrurxrr{rrrrrrrrrrrr#rzr(r.r2r5r7r9r<r>r@rBrDrFrHrNrRrVrZr_rerkrnrsrqrDrrrrmrrrrrrrpropertyrrrrrrrr]rrrrrrGrGs4%%!F( Y0 v(4T  6 M)4" 2q&iPB N ",6$$L  P .!" 'GRY'$F B$ % ' '2 U>$  D &+!Z6 ;;z &        ..9S P 8 < *("""((T&N 406V+ %%& ??(#J J JXX>\\rrG)Err rrr rrrrrr`rrrrrFrrazurelinuxagent.commonrrazurelinuxagent.common.utilsrrr azurelinuxagent.common.exceptionr azurelinuxagent.common.futurer r &azurelinuxagent.common.utils.cryptutilr -azurelinuxagent.common.utils.flexible_versionr(azurelinuxagent.common.utils.networkutilrrr&azurelinuxagent.common.utils.shellutilrrnrarurvrrr'r*r9r<rArDrbrrr]rr IGNORECASErrrrrrr}robjectrGrrrrsX&    ')1218><Igg?H>@ 'BJJ'?@+H5%Ig C iL A <I&H%0 2rzz<MM  BJJ89/7H\FH\r