"""This module hosts OS-specific code common for the various Microsoft
Windows OSs."""
-from image_creator.os_type import OSBase, sysprep
+from image_creator.os_type import OSBase, sysprep, add_sysprep_param
from image_creator.util import FatalError, check_guestfs_version, get_command
from image_creator.winexe import WinEXE, WinexeTimeout
import hivex
import tempfile
import os
+import signal
import time
import random
import string
import subprocess
import struct
-kvm = get_command('kvm')
-
BOOT_TIMEOUT = 300
+SHUTDOWN_TIMEOUT = 120
+CONNECTION_RETRIES = 5
# For more info see: http://technet.microsoft.com/en-us/library/jj612867.aspx
KMS_CLIENT_SETUP_KEYS = {
class Windows(OSBase):
"""OS class for Windows"""
+
+ @add_sysprep_param('password', 'Image Administrator Password', 20)
def __init__(self, image, **kargs):
super(Windows, self).__init__(image, **kargs)
self.product_name = self.g.inspect_get_product_name(self.root)
- def needed_sysprep_params(self):
- """Returns a list of needed sysprep parameters. Each element in the
- list is a SysprepParam object.
- """
- password = self.SysprepParam(
- 'password', 'Image Administrator Password', 20, lambda x: True)
-
- return [password]
-
@sysprep('Disabling IPv6 privacy extensions')
def disable_ipv6_privacy_extensions(self):
"""Disable IPv6 privacy extensions"""
# Query for the maximum number of reclaimable bytes
cmd = (
- r'cmd /Q /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
r'ECHO SHRINK QUERYMAX >> %SCRIPT% & ' +
r'ECHO EXIT >> %SCRIPT% & ' +
r'DISKPART /S %SCRIPT% & ' +
- r'IF ERRORLEVEL 1 EXIT /B 1 & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
r'DEL /Q %SCRIPT%"')
stdout, stderr, rc = self._guest_exec(cmd)
self.out.warn("Not enought available space to shrink the image!")
return
+ self.out.output("\tReclaiming %dMB ..." % querymax)
+
cmd = (
- r'cmd /Q /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
+ r'cmd /Q /V:ON /C "SET SCRIPT=%TEMP%\QUERYMAX_%RANDOM%.TXT & ' +
r'ECHO SELECT DISK 0 > %SCRIPT% & ' +
'ECHO SELECT PARTITION %d >> %%SCRIPT%% & ' % self.last_part_num +
'ECHO SHRINK DESIRED=%d >> %%SCRIPT%% & ' % querymax +
r'ECHO EXIT >> %SCRIPT% & ' +
r'DISKPART /S %SCRIPT% & ' +
- r'IF ERRORLEVEL 1 EXIT /B 1 & ' +
+ r'IF NOT !ERRORLEVEL! EQU 0 EXIT /B 1 & ' +
r'DEL /Q %SCRIPT%"')
stdout, stderr, rc = self._guest_exec(cmd)
raise FatalError("Image is already syspreped!")
txt = "System preparation parameter: `%s' is needed but missing!"
- for param in self.needed_sysprep_params():
- if param[0] not in self.sysprep_params:
- raise FatalError(txt % param[0])
+ for param in self.needed_sysprep_params:
+ if param not in self.sysprep_params:
+ raise FatalError(txt % param)
self.mount(readonly=False)
try:
self.out.output("Starting windows VM ...", False)
monitorfd, monitor = tempfile.mkstemp()
os.close(monitorfd)
- vm, display = self._create_vm(monitor)
- self.out.success("started (console on vnc display: %d)." % display)
+ vm = _VM(self.image.device, monitor)
+ self.out.success("started (console on vnc display: %d)." %
+ vm.display)
self.out.output("Waiting for OS to boot ...", False)
- if not self._wait_on_file(monitor, token):
- raise FatalError("Windows booting timed out.")
- else:
- time.sleep(10) # Just to be sure everything is up
- self.out.success('done')
+ self._wait_vm_boot(vm, monitor, token)
+ self.out.success('done')
+
+ self.out.output("Checking connectivity to the VM ...", False)
+ self._check_connectivity()
+ self.out.success('done')
self.out.output("Disabling automatic logon ...", False)
self._disable_autologon()
self.out.success('done')
- self.out.output('Preparing system from image creation:')
+ self.out.output('Preparing system for image creation:')
tasks = self.list_syspreps()
enabled = filter(lambda x: x.enabled, tasks)
self.out.success("done")
self.out.output("Waiting for windows to shut down ...", False)
- vm.wait()
+ vm.wait(SHUTDOWN_TIMEOUT)
self.out.success("done")
finally:
if monitor is not None:
os.unlink(monitor)
- if vm is not None:
- self._destroy_vm(vm)
-
- self.out.output("Relaunching helper VM (may take a while) ...",
- False)
- self.g.launch()
- self.out.success('done')
-
- self.mount(readonly=False)
try:
- if disabled_uac:
- self._update_uac_remote_setting(0)
-
- self._update_firewalls(*firewall_states)
+ if vm is not None:
+ self.out.output("Destroying windows VM ...", False)
+ vm.destroy()
+ self.out.success("done")
finally:
- self.umount()
-
- def _create_vm(self, monitor):
- """Create a VM with the image attached as the disk
-
- monitor: a file to be used to monitor when the OS is up
- """
-
- def random_mac():
- mac = [0x00, 0x16, 0x3e,
- random.randint(0x00, 0x7f),
- random.randint(0x00, 0xff),
- random.randint(0x00, 0xff)]
-
- return ':'.join(map(lambda x: "%02x" % x, mac))
-
- # Use ganeti's VNC port range for a random vnc port
- vnc_port = random.randint(11000, 14999)
- display = vnc_port - 5900
-
- vm = kvm(
- '-smp', '1', '-m', '1024', '-drive',
- 'file=%s,format=raw,cache=unsafe,if=virtio' % self.image.device,
- '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
- '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' % random_mac(),
- '-vnc', ':%d' % display, '-serial', 'file:%s' % monitor, _bg=True)
+ self.out.output("Relaunching helper VM (may take a while) ...",
+ False)
+ self.g.launch()
+ self.out.success('done')
- return vm, display
+ self.mount(readonly=False)
+ try:
+ if disabled_uac:
+ self._update_uac_remote_setting(0)
- def _destroy_vm(self, vm):
- """Destroy a VM previously created by _create_vm"""
- if vm.process.alive:
- vm.terminate()
+ self._update_firewalls(*firewall_states)
+ finally:
+ self.umount()
def _shutdown(self):
"""Shuts down the windows VM"""
self._guest_exec(r'shutdown /s /t 5')
- def _wait_on_file(self, fname, msg):
- """Wait until a message appears on a file"""
+ def _wait_vm_boot(self, vm, fname, msg):
+ """Wait until a message appears on a file or the vm process dies"""
for i in range(BOOT_TIMEOUT):
time.sleep(1)
for line in f:
if line.startswith(msg):
return True
- return False
+ if not vm.isalive():
+ raise FatalError("Windows VM died unexpectedly!")
+
+ raise FatalError("Windows VM booting timed out!")
def _disable_autologon(self):
"""Disable automatic logon on the windows image"""
h = hivex.Hivex(sam)
- key = h.root()
+ # Navigate to /SAM/Domains/Account/Users
+ users_node = h.root()
+ for child in ('SAM', 'Domains', 'Account', 'Users'):
+ users_node = h.node_get_child(users_node, child)
+
# Navigate to /SAM/Domains/Account/Users/Names
- for child in ('SAM', 'Domains', 'Account', 'Users', 'Names'):
- key = h.node_get_child(key, child)
+ names_node = h.node_get_child(users_node, 'Names')
- users = [h.node_name(x) for x in h.node_children(key)]
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\%RID%
+ # HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\%Username%
+ #
+ # The RID (relative identifier) of each user is stored as the type!
+ # (not the value) of the default key of the node under Names whose
+ # name is the user's username. Under the RID node, there in a F
+ # value that contains information about this user account.
+ #
+ # See sam.h of the chntpw project on how to translate the F value
+ # of an account in the registry. Bytes 56 & 57 are the account type
+ # and status flags. The first bit is the 'account disabled' bit
+ disabled = lambda f: int(f[56].encode('hex'), 16) & 0x01
+
+ users = []
+ for user_node in h.node_children(names_node):
+ username = h.node_name(user_node)
+ rid = h.value_type(h.node_get_value(user_node, ""))[0]
+ # if RID is 500 (=0x1f4), the corresponding node name under
+ # Users is '000001F4'
+ key = ("%8.x" % rid).replace(' ', '0').upper()
+ rid_node = h.node_get_child(users_node, key)
+ f_value = h.value_value(h.node_get_value(rid_node, 'F'))[1]
+
+ if disabled(f_value):
+ self.out.warn("Found disabled `%s' account!" % username)
+ continue
+
+ users.append(username)
finally:
os.unlink(sam)
# Filter out the guest account
- return filter(lambda x: x != "Guest", users)
+ return users
+
+ def _check_connectivity(self):
+ """Check if winexe works on the Windows VM"""
+
+ passwd = self.sysprep_params['password']
+ winexe = WinEXE('Administrator', passwd, 'localhost')
+ winexe.uninstall().debug(9)
+
+ for i in range(CONNECTION_RETRIES):
+ (stdout, stderr, rc) = winexe.run('cmd /C')
+ if rc == 0:
+ return True
+ log = tempfile.NamedTemporaryFile(delete=False)
+ try:
+ log.file.write(stdout)
+ finally:
+ log.close()
+ self.out.output("failed! See: `%' for the full output" % log.name)
+ if i < CONNECTION_RETRIES - 1:
+ self.out.output("Retrying ...", False)
+ raise FatalError("Connection to the VM failed after %d retries" %
+ CONNECTION_RETRIES)
def _guest_exec(self, command, fatal=True):
"""Execute a command on a windows VM"""
return (stdout, stderr, rc)
+
+class _VM(object):
+ """Windows Virtual Machine"""
+ def __init__(self, disk, serial):
+ """Create _VM instance
+
+ disk: VM's hard disk
+ serial: File to save the output of the serial port
+ """
+
+ self.disk = disk
+ self.serial = serial
+
+ def random_mac():
+ mac = [0x00, 0x16, 0x3e,
+ random.randint(0x00, 0x7f),
+ random.randint(0x00, 0xff),
+ random.randint(0x00, 0xff)]
+
+ return ':'.join(map(lambda x: "%02x" % x, mac))
+
+ # Use ganeti's VNC port range for a random vnc port
+ self.display = random.randint(11000, 14999) - 5900
+
+ args = [
+ 'kvm', '-smp', '1', '-m', '1024', '-drive',
+ 'file=%s,format=raw,cache=unsafe,if=virtio' % self.disk,
+ '-netdev', 'type=user,hostfwd=tcp::445-:445,id=netdev0',
+ '-device', 'virtio-net-pci,mac=%s,netdev=netdev0' % random_mac(),
+ '-vnc', ':%d' % self.display, '-serial', 'file:%s' % self.serial,
+ '-monitor', 'stdio']
+
+ self.process = subprocess.Popen(args, stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE)
+
+ def isalive(self):
+ """Check if the VM is still alive"""
+ return self.process.poll() is None
+
+ def destroy(self):
+ """Destroy the VM"""
+
+ if not self.isalive():
+ return
+
+ def handler(signum, frame):
+ self.process.terminate()
+ time.sleep(1)
+ if self.isalive():
+ self.process.kill()
+ self.process.wait()
+ self.out.output("timed-out")
+ raise FatalError("VM destroy timed-out")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(SHUTDOWN_TIMEOUT)
+ self.process.communicate(input="system_powerdown\n")
+ signal.alarm(0)
+
+ def wait(self, timeout=0):
+ """Wait for the VM to terminate"""
+
+ def handler(signum, frame):
+ self.destroy()
+ raise FatalError("VM wait timed-out.")
+
+ signal.signal(signal.SIGALRM, handler)
+
+ signal.alarm(timeout)
+ stdout, stderr = self.process.communicate()
+ signal.alarm(0)
+
+ return (stdout, stderr, self.process.poll())
+
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :
projects / snf-image-creator / blobdiff