1 # -*- coding: utf-8 -*-
3 # Copyright 2012 GRNET S.A. All rights reserved.
5 # Redistribution and use in source and binary forms, with or
6 # without modification, are permitted provided that the following
9 # 1. Redistributions of source code must retain the above
10 # copyright notice, this list of conditions and the following
13 # 2. Redistributions in binary form must reproduce the above
14 # copyright notice, this list of conditions and the following
15 # disclaimer in the documentation and/or other materials
16 # provided with the distribution.
18 # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
19 # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
21 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
22 # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
25 # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
26 # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
28 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 # POSSIBILITY OF SUCH DAMAGE.
31 # The views and conclusions contained in the software and
32 # documentation are those of the authors and should not be
33 # interpreted as representing official policies, either expressed
34 # or implied, of GRNET S.A.
36 """This module hosts OS-specific code common for the various Microsoft
39 from image_creator.os_type import OSBase, sysprep
40 from image_creator.util import FatalError, check_guestfs_version, get_command
49 kvm = get_command('kvm')
52 class Windows(OSBase):
53 """OS class for Windows"""
55 def needed_sysprep_params(self):
56 """Returns a list of needed sysprep parameters. Each element in the
57 list is a SysprepParam object.
60 password = self.SysprepParam(
61 'password', 'Image Administrator Password', 20, lambda x: True)
65 @sysprep(enabled=True)
66 def disable_ipv6_privacy_extensions(self, print_header=True):
67 """Disable IPv6 privacy extensions"""
70 self.out.output("Disabling IPv6 privacy extensions")
72 out, err, rc = self._guest_exec(
73 'netsh interface ipv6 set global randomizeidentifiers=disabled '
77 raise FatalError("Unable to disable IPv6 privacy extensions: %s" %
80 @sysprep(enabled=True)
81 def microsoft_sysprep(self, print_header=True):
82 """Run the Micorsoft System Preparation Tool on the Image. After this
83 runs, no other task may run.
87 self.out.output("Executing sysprep on the image (may take more "
90 out, err, rc = self._guest_exec(r'C:\windows\system32\sysprep\sysprep '
91 r'/quiet /generalize /oobe /shutdown')
94 raise FatalError("Unable to perform sysprep: %s" % err)
97 """Prepare system for image creation."""
99 if getattr(self, 'syspreped', False):
100 raise FatalError("Image is already syspreped!")
102 txt = "System preparation parameter: `%s' is needed but missing!"
103 for param in self.needed_sysprep_params():
104 if param[0] not in self.sysprep_params:
105 raise FatalError(txt % param[0])
107 self.mount(readonly=False)
109 disabled_uac = self._update_uac_remote_setting(1)
113 self.out.output("Shutting down helper VM ...", False)
115 # guestfs_shutdown which is the prefered way to shutdown the backend
116 # process was introduced in version 1.19.16
117 if check_guestfs_version(self.g, 1, 19, 16) >= 0:
118 ret = self.g.shutdown()
120 ret = self.g.kill_subprocess()
122 self.out.success('done')
124 self.out.output("Starting windows VM ...", False)
127 mac = [0x00, 0x16, 0x3e,
128 random.randint(0x00, 0x7f),
129 random.randint(0x00, 0xff),
130 random.randint(0x00, 0xff)]
131 return ':'.join(map(lambda x: "%02x" % x, mac))
133 vm = kvm('-smp', '1', '-m', '1024', '-drive',
134 'file=%s,format=raw,cache=none,if=virtio' %
136 '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
137 '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' %
138 random_mac(), '-vnc', ':0', _bg=True)
140 self.out.success('done')
142 tasks = self.list_syspreps()
143 enabled = filter(lambda x: x.enabled, tasks)
147 # Make sure the ms sysprep is the last task to run if it is enabled
149 lambda x: x.im_func.func_name != 'microsoft_sysprep', enabled)
151 ms_sysprep_enabled = False
152 if len(enabled) != size:
153 enabled.append(self.ms_sysprep)
154 ms_sysprep_enabled = True
159 self.out.output(('(%d/%d)' % (cnt, size)).ljust(7), False)
161 setattr(task.im_func, 'executed', True)
163 if not ms_sysprep_enabled:
171 self.out.output("Relaunching helper VM (may take a while) ...",
174 self.out.success('done')
177 self._update_uac_remote_setting(0)
180 """Shuts down the windows VM"""
182 self.out.output("Shutting down windows VM ...", False)
183 out, err, rc = self._guest_exec(r'shutdown /s /t 5')
186 raise FatalError("Unable to perform shutdown: %s" % err)
188 self.out.success('done')
190 def _registry_file_path(self, regfile):
191 """Retrieves the case sensitive path to a registry file"""
193 systemroot = self.g.inspect_get_windows_systemroot(self.root)
194 path = "%s/system32/config/%s" % (systemroot, regfile)
196 path = self.g.case_sensitive_path(path)
197 except RuntimeError as e:
198 raise FatalError("Unable to retrieve registry file: %s. Reason: %s"
202 def _update_uac_remote_setting(self, value):
203 """Updates the registry key value:
204 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
205 \System]"LocalAccountTokenFilterPolicy"
207 value = 1 will disable the UAC remote restrictions
208 value = 0 will enable the UAC remote restrictions
210 For more info see here: http://support.microsoft.com/kb/951016
213 True if the key is changed
214 False if the key is unchanged
217 if value not in (0, 1):
218 raise ValueError("Valid values for value parameter are 0 and 1")
220 path = self._registry_file_path('SOFTWARE')
221 softwarefd, software = tempfile.mkstemp()
224 self.g.download(path, software)
226 h = hivex.Hivex(software, write=True)
229 for child in ('Microsoft', 'Windows', 'CurrentVersion', 'Policies',
231 key = h.node_get_child(key, child)
234 for val in h.node_values(key):
235 if h.value_key(val) == "LocalAccountTokenFilterPolicy":
238 if policy is not None:
239 dword = h.value_dword(policy)
246 'key': "LocalAccountTokenFilterPolicy", 't': 4L,
247 'value': '%s\x00\x00\x00' % '\x00' if value == 0 else '\x01'}
249 h.node_set_value(key, new_value)
252 self.g.upload(software, path)
259 def _do_collect_metadata(self):
260 """Collect metadata about the OS"""
261 super(Windows, self)._do_collect_metadata()
262 self.meta["USERS"] = " ".join(self._get_users())
264 def _get_users(self):
265 """Returns a list of users found in the images"""
266 path = self._registry_file_path('SAM')
267 samfd, sam = tempfile.mkstemp()
270 self.g.download(path, sam)
275 # Navigate to /SAM/Domains/Account/Users/Names
276 for child in ('SAM', 'Domains', 'Account', 'Users', 'Names'):
277 key = h.node_get_child(key, child)
279 users = [h.node_name(x) for x in h.node_children(key)]
284 # Filter out the guest account
285 return filter(lambda x: x != "Guest", users)
287 def _guest_exec(self, command):
288 user = "Administrator%" + self.sysprep_params['password']
290 runas = '--runas=%s' % user
291 winexe = subprocess.Popen(
292 ['winexe', '-U', user, "//%s" % addr, runas, command],
293 stdout=subprocess.PIPE, stderr=subprocess.PIPE)
295 result = winexe.communicate()
298 return (result[0], result[1], rc)
300 # vim: set sta sts=4 shiftwidth=4 sw=4 et ai :