"""This module hosts OS-specific code common for the various Microsoft
Windows OSs."""
-from image_creator.os_type import OSBase, sysprep
-from image_creator.util import FatalError, check_guestfs_version, get_command
+from image_creator.os_type import OSBase, sysprep, add_sysprep_param
+from image_creator.util import FatalError, get_kvm_binary
+from image_creator.winexe import WinEXE, WinexeTimeout
import hivex
import tempfile
import os
+import signal
import time
import random
import string
import subprocess
import struct
-kvm = get_command('kvm')
-
-BOOT_TIMEOUT = 300
-
# For more info see: http://technet.microsoft.com/en-us/library/jj612867.aspx
KMS_CLIENT_SETUP_KEYS = {
"Windows 8 Professional": "NG4HW-VH26C-733KW-K6F98-J8CK4",
"Windows Server 2008 for Itanium-Based Systems":
"4DWFP-JF3DJ-B7DTH-78FJB-PDRHK"}
+_POSINT = lambda x: type(x) == int and x >= 0
+
class Windows(OSBase):
"""OS class for Windows"""
+ @add_sysprep_param(
+ 'shutdown_timeout', int, 120, "Shutdown Timeout (seconds)", _POSINT)
+ @add_sysprep_param(
+ 'boot_timeout', int, 300, "Boot Timeout (seconds)", _POSINT)
+ @add_sysprep_param(
+ 'connection_retries', int, 5, "Connection Retries", _POSINT)
+ @add_sysprep_param('password', str, None, 'Image Administrator Password')
def __init__(self, image, **kargs):
super(Windows, self).__init__(image, **kargs)
- device = self.g.part_to_dev(self.root)
-
- self.last_part_num = self.g.part_list(device)[-1]['part_num']
+ # The commit with the following message was added in
+ # libguestfs 1.17.18:
+ #
+ # When a Windows guest doesn't have a HKLM\SYSTEM\MountedDevices node,
+ # inspection fails. However inspection should not completely fail just
+ # because we cannot get the drive letter mapping from a guest.
+ #
+ # Since Microsoft Sysprep removes the aforementioned key, image
+ # creation for windows can only be supported if the installed guestfs
+ # version is 1.17.18 or higher
+ if self.image.check_guestfs_version(1, 17, 18) < 0:
+ raise FatalError(
+ 'For windows support libguestfs 1.17.18 or above is required')
+
+ device = self.image.g.part_to_dev(self.root)
+
+ self.last_part_num = self.image.g.part_list(device)[-1]['part_num']
self.last_drive = None
self.system_drive = None
- for drive, partition in self.g.inspect_get_drive_mappings(self.root):
- if partition == "%s%d" % (device, self.last_part_num):
+ for drive, part in self.image.g.inspect_get_drive_mappings(self.root):
+ if part == "%s%d" % (device, self.last_part_num):
self.last_drive = drive
- if partition == self.root:
+ if part == self.root:
self.system_drive = drive
assert self.system_drive
- self.product_name = self.g.inspect_get_product_name(self.root)
-
- def needed_sysprep_params(self):
- """Returns a list of needed sysprep parameters. Each element in the
- list is a SysprepParam object.
- """
- password = self.SysprepParam(
- 'password', 'Image Administrator Password', 20, lambda x: True)
-
- return [password]
+ self.product_name = self.image.g.inspect_get_product_name(self.root)
+ self.syspreped = False
@sysprep('Disabling IPv6 privacy extensions')
def disable_ipv6_privacy_extensions(self):
return
self._guest_exec(
- "cscript \Windows\system32\slmgr.vbs /ipk %s" % setup_key)
+ r"cscript \Windows\system32\slmgr.vbs /ipk %s" % setup_key)
@sysprep('Shrinking the last filesystem')
def shrink(self):
# Query for the maximum number of reclaimable bytes
cmd = (
- r'cmd /Q /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
r'ECHO SHRINK QUERYMAX >> %SCRIPT% & ' +
r'ECHO EXIT >> %SCRIPT% & ' +
r'DISKPART /S %SCRIPT% & ' +
- r'IF ERRORLEVEL 1 EXIT /B 1 & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
r'DEL /Q %SCRIPT%"')
stdout, stderr, rc = self._guest_exec(cmd)
self.out.warn("Not enought available space to shrink the image!")
return
+ self.out.output("\tReclaiming %dMB ..." % querymax)
+
cmd = (
- r'cmd /Q /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
'ECHO SHRINK DESIRED=%d >> %%SCRIPT%% & ' % querymax +
r'ECHO EXIT >> %SCRIPT% & ' +
r'DISKPART /S %SCRIPT% & ' +
- r'IF ERRORLEVEL 1 EXIT /B 1 & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
r'DEL /Q %SCRIPT%"')
- stdout, stderr, rc = self._guest_exec(cmd)
+ stdout, stderr, rc = self._guest_exec(cmd, False)
+ if rc != 0:
+ FatalError("Shrinking failed. Please make sure the media is "
+ "defraged with a command like this: "
+ "`Defrag.exe /U /X /W'")
for line in stdout.splitlines():
if line.find('shrunk') >= 0:
self.out.output(line)
raise FatalError("Image is already syspreped!")
txt = "System preparation parameter: `%s' is needed but missing!"
- for param in self.needed_sysprep_params():
- if param[0] not in self.sysprep_params:
- raise FatalError(txt % param[0])
+ for name, param in self.needed_sysprep_params.items():
+ if name not in self.sysprep_params:
+ raise FatalError(txt % name)
self.mount(readonly=False)
try:
firewall_states = self._update_firewalls(0, 0, 0)
# Delete the pagefile. It will be recreated when the system boots
- systemroot = self.g.inspect_get_windows_systemroot(self.root)
- pagefile = "%s/pagefile.sys" % systemroot
- self.g.rm_rf(self.g.case_sensitive_path(pagefile))
+ systemroot = self.image.g.inspect_get_windows_systemroot(self.root)
+ try:
+ pagefile = "%s/pagefile.sys" % systemroot
+ self.image.g.rm_rf(self.image.g.case_sensitive_path(pagefile))
+ except RuntimeError:
+ pass
finally:
self.umount()
- self.out.output("Shutting down helper VM ...", False)
- self.g.sync()
- # guestfs_shutdown which is the prefered way to shutdown the backend
- # process was introduced in version 1.19.16
- if check_guestfs_version(self.g, 1, 19, 16) >= 0:
- ret = self.g.shutdown()
- else:
- ret = self.g.kill_subprocess()
-
- self.out.success('done')
+ self.image.disable_guestfs()
vm = None
monitor = None
self.out.output("Starting windows VM ...", False)
monitorfd, monitor = tempfile.mkstemp()
os.close(monitorfd)
- vm, display = self._create_vm(monitor)
- self.out.success("started (console on vnc display: %d)." % display)
+ vm = _VM(self.image.device, monitor, self.sysprep_params)
+ self.out.success("started (console on vnc display: %d)." %
+ vm.display)
self.out.output("Waiting for OS to boot ...", False)
- if not self._wait_on_file(monitor, token):
- raise FatalError("Windows booting timed out.")
- else:
- time.sleep(10) # Just to be sure everything is up
- self.out.success('done')
+ self._wait_vm_boot(vm, monitor, token)
+ self.out.success('done')
+
+ self.out.output("Checking connectivity to the VM ...", False)
+ self._check_connectivity()
+ self.out.success('done')
self.out.output("Disabling automatic logon ...", False)
self._disable_autologon()
self.out.success('done')
- self.out.output('Preparing system from image creation:')
+ self.out.output('Preparing system for image creation:')
tasks = self.list_syspreps()
- enabled = filter(lambda x: x.enabled, tasks)
+ enabled = [task for task in tasks if task.enabled]
size = len(enabled)
# Make sure shrink runs in the end, before ms sysprep
- enabled = filter(lambda x: self.sysprep_info(x).name != 'shrink',
- enabled)
+ enabled = [task for task in enabled if
+ self.sysprep_info(task).name != 'shrink']
- shrink_enabled = False
if len(enabled) != size:
enabled.append(self.shrink)
- shrink_enabled = True
# Make sure the ms sysprep is the last task to run if it is enabled
- enabled = filter(
- lambda x: self.sysprep_info(x).name != 'microsoft-sysprep',
- enabled)
+ enabled = [task for task in enabled if
+ self.sysprep_info(task).name != 'microsoft-sysprep']
ms_sysprep_enabled = False
if len(enabled) != size:
self.out.success("done")
self.out.output("Waiting for windows to shut down ...", False)
- vm.wait()
+ vm.wait(self.sysprep_params['shutdown_timeout'])
self.out.success("done")
finally:
if monitor is not None:
os.unlink(monitor)
- if vm is not None:
- self._destroy_vm(vm)
-
- self.out.output("Relaunching helper VM (may take a while) ...",
- False)
- self.g.launch()
- self.out.success('done')
-
- self.mount(readonly=False)
try:
- if disabled_uac:
- self._update_uac_remote_setting(0)
-
- self._update_firewalls(*firewall_states)
+ if vm is not None:
+ self.out.output("Destroying windows VM ...", False)
+ vm.destroy()
+ self.out.success("done")
finally:
- self.umount()
-
- def _create_vm(self, monitor):
- """Create a VM with the image attached as the disk
-
- monitor: a file to be used to monitor when the OS is up
- """
-
- def random_mac():
- mac = [0x00, 0x16, 0x3e,
- random.randint(0x00, 0x7f),
- random.randint(0x00, 0xff),
- random.randint(0x00, 0xff)]
-
- return ':'.join(map(lambda x: "%02x" % x, mac))
-
- # Use ganeti's VNC port range for a random vnc port
- vnc_port = random.randint(11000, 14999)
- display = vnc_port - 5900
+ self.image.enable_guestfs()
- vm = kvm(
- '-smp', '1', '-m', '1024', '-drive',
- 'file=%s,format=raw,cache=unsafe,if=virtio' % self.image.device,
- '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
- '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' % random_mac(),
- '-vnc', ':%d' % display, '-serial', 'file:%s' % monitor, _bg=True)
+ self.mount(readonly=False)
+ try:
+ if disabled_uac:
+ self._update_uac_remote_setting(0)
- return vm, display
-
- def _destroy_vm(self, vm):
- """Destroy a VM previously created by _create_vm"""
- if vm.process.alive:
- vm.terminate()
+ self._update_firewalls(*firewall_states)
+ finally:
+ self.umount()
def _shutdown(self):
"""Shuts down the windows VM"""
self._guest_exec(r'shutdown /s /t 5')
- def _wait_on_file(self, fname, msg):
- """Wait until a message appears on a file"""
+ def _wait_vm_boot(self, vm, fname, msg):
+ """Wait until a message appears on a file or the vm process dies"""
- for i in range(BOOT_TIMEOUT):
+ for _ in range(self.sysprep_params['boot_timeout']):
time.sleep(1)
with open(fname) as f:
for line in f:
if line.startswith(msg):
return True
- return False
+ if not vm.isalive():
+ raise FatalError("Windows VM died unexpectedly!")
+
+ raise FatalError("Windows VM booting timed out!")
def _disable_autologon(self):
"""Disable automatic logon on the windows image"""
def _registry_file_path(self, regfile):
"""Retrieves the case sensitive path to a registry file"""
- systemroot = self.g.inspect_get_windows_systemroot(self.root)
+ systemroot = self.image.g.inspect_get_windows_systemroot(self.root)
path = "%s/system32/config/%s" % (systemroot, regfile)
try:
- path = self.g.case_sensitive_path(path)
- except RuntimeError as e:
+ path = self.image.g.case_sensitive_path(path)
+ except RuntimeError as error:
raise FatalError("Unable to retrieve registry file: %s. Reason: %s"
- % (regfile, str(e)))
+ % (regfile, str(error)))
return path
def _enable_os_monitor(self):
softwarefd, software = tempfile.mkstemp()
try:
os.close(softwarefd)
- self.g.download(path, software)
+ self.image.g.download(path, software)
h = hivex.Hivex(software, write=True)
h.commit(None)
- self.g.upload(software, path)
+ self.image.g.upload(software, path)
finally:
os.unlink(software)
systemfd, system = tempfile.mkstemp()
try:
os.close(systemfd)
- self.g.download(path, system)
+ self.image.g.download(path, system)
h = hivex.Hivex(system, write=True)
'value': struct.pack("<I", new_values.pop(0))})
h.commit(None)
- self.g.upload(system, path)
+ self.image.g.upload(system, path)
finally:
os.unlink(system)
softwarefd, software = tempfile.mkstemp()
try:
os.close(softwarefd)
- self.g.download(path, software)
+ self.image.g.download(path, software)
h = hivex.Hivex(software, write=True)
h.node_set_value(key, new_value)
h.commit(None)
- self.g.upload(software, path)
+ self.image.g.upload(software, path)
finally:
os.unlink(software)
def _get_users(self):
"""Returns a list of users found in the images"""
- path = self._registry_file_path('SAM')
samfd, sam = tempfile.mkstemp()
try:
os.close(samfd)
- self.g.download(path, sam)
+ self.image.g.download(self._registry_file_path('SAM'), sam)
h = hivex.Hivex(sam)
- key = h.root()
+ # Navigate to /SAM/Domains/Account/Users
+ users_node = h.root()
+ for child in ('SAM', 'Domains', 'Account', 'Users'):
+ users_node = h.node_get_child(users_node, child)
+
# Navigate to /SAM/Domains/Account/Users/Names
- for child in ('SAM', 'Domains', 'Account', 'Users', 'Names'):
- key = h.node_get_child(key, child)
+ names_node = h.node_get_child(users_node, 'Names')
- users = [h.node_name(x) for x in h.node_children(key)]
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\%RID%
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\%Username%
+ #
+ # The RID (relative identifier) of each user is stored as the type!
+ # (not the value) of the default key of the node under Names whose
+ # name is the user's username. Under the RID node, there in a F
+ # value that contains information about this user account.
+ #
+ # See sam.h of the chntpw project on how to translate the F value
+ # of an account in the registry. Bytes 56 & 57 are the account type
+ # and status flags. The first bit is the 'account disabled' bit
+ disabled = lambda f: int(f[56].encode('hex'), 16) & 0x01
+
+ users = []
+ for user_node in h.node_children(names_node):
+ username = h.node_name(user_node)
+ rid = h.value_type(h.node_get_value(user_node, ""))[0]
+ # if RID is 500 (=0x1f4), the corresponding node name under
+ # Users is '000001F4'
+ key = ("%8.x" % rid).replace(' ', '0').upper()
+ rid_node = h.node_get_child(users_node, key)
+ f_value = h.value_value(h.node_get_value(rid_node, 'F'))[1]
+
+ if disabled(f_value):
+ self.out.warn("Found disabled `%s' account!" % username)
+ continue
+
+ users.append(username)
finally:
os.unlink(sam)
# Filter out the guest account
- return filter(lambda x: x != "Guest", users)
+ return users
+
+ def _check_connectivity(self):
+ """Check if winexe works on the Windows VM"""
+
+ retries = self.sysprep_params['connection_retries']
+ # If the connection_retries parameter is set to 0 disable the
+ # connectivity check
+ if retries == 0:
+ return True
+
+ passwd = self.sysprep_params['password']
+ winexe = WinEXE('Administrator', passwd, 'localhost')
+ winexe.uninstall().debug(9)
+
+ for i in range(retries):
+ (stdout, stderr, rc) = winexe.run('cmd /C')
+ if rc == 0:
+ return True
+ log = tempfile.NamedTemporaryFile(delete=False)
+ try:
+ log.file.write(stdout)
+ finally:
+ log.close()
+ self.out.output("failed! See: `%s' for the full output" % log.name)
+ if i < retries - 1:
+ self.out.output("retrying ...", False)
+
+ raise FatalError("Connection to the Windows VM failed after %d retries"
+ % retries)
def _guest_exec(self, command, fatal=True):
"""Execute a command on a windows VM"""
- user = "Administrator%" + self.sysprep_params['password']
- addr = 'localhost'
- runas = '--runas=%s' % user
- winexe = subprocess.Popen(
- ['winexe', '-U', user, runas, "--uninstall", "//%s" % addr,
- command], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ passwd = self.sysprep_params['password']
- stdout, stderr = winexe.communicate()
- rc = winexe.poll()
+ winexe = WinEXE('Administrator', passwd, 'localhost')
+ winexe.runas('Administrator', passwd).uninstall()
+
+ try:
+ (stdout, stderr, rc) = winexe.run(command)
+ except WinexeTimeout:
+ FatalError("Command: `%s' timeout out." % command)
if rc != 0 and fatal:
reason = stderr if len(stderr) else stdout
return (stdout, stderr, rc)
+
+class _VM(object):
+ """Windows Virtual Machine"""
+ def __init__(self, disk, serial, params):
+ """Create _VM instance
+
+ disk: VM's hard disk
+ serial: File to save the output of the serial port
+ """
+
+ self.disk = disk
+ self.serial = serial
+ self.params = params
+
+ def random_mac():
+ """creates a random mac address"""
+ mac = [0x00, 0x16, 0x3e,
+ random.randint(0x00, 0x7f),
+ random.randint(0x00, 0xff),
+ random.randint(0x00, 0xff)]
+
+ return ':'.join(['%02x' % x for x in mac])
+
+ # Use ganeti's VNC port range for a random vnc port
+ self.display = random.randint(11000, 14999) - 5900
+
+ kvm, needed_args = get_kvm_binary()
+
+ if kvm is None:
+ FatalError("Can't find the kvm binary")
+
+ args = [kvm]
+ args.extend(needed_args)
+
+ args.extend([
+ '-smp', '1', '-m', '1024', '-drive',
+ 'file=%s,format=raw,cache=unsafe,if=virtio' % self.disk,
+ '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
+ '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' % random_mac(),
+ '-vnc', ':%d' % self.display, '-serial', 'file:%s' % self.serial,
+ '-monitor', 'stdio'])
+
+ self.process = subprocess.Popen(args, stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE)
+
+ def isalive(self):
+ """Check if the VM is still alive"""
+ return self.process.poll() is None
+
+ def destroy(self):
+ """Destroy the VM"""
+
+ if not self.isalive():
+ return
+
+ def handler(signum, frame):
+ self.process.terminate()
+ time.sleep(1)
+ if self.isalive():
+ self.process.kill()
+ self.process.wait()
+ raise FatalError("VM destroy timed-out")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(self.params['shutdown_timeout'])
+ self.process.communicate(input="system_powerdown\n")
+ signal.alarm(0)
+
+ def wait(self, timeout=0):
+ """Wait for the VM to terminate"""
+
+ def handler(signum, frame):
+ self.destroy()
+ raise FatalError("VM wait timed-out.")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(timeout)
+ stdout, stderr = self.process.communicate()
+ signal.alarm(0)
+
+ return (stdout, stderr, self.process.poll())
+
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :