|
 |
e296c6 |
From 477dc8accccab568002bd19caa3fbf898bc05aad Mon Sep 17 00:00:00 2001
|
|
|
e296c6 |
From: Ray Strode <rstrode@redhat.com>
|
|
|
e296c6 |
Date: Tue, 25 Aug 2020 10:34:03 -0400
|
|
|
e296c6 |
Subject: [PATCH 07/15] subman: Force re-subscribe if the admin already
|
|
|
e296c6 |
subscribed
|
|
|
e296c6 |
|
|
|
e296c6 |
It's possible for an admin to to half-enroll the system with RHN,
|
|
|
e296c6 |
using the CLI tools.
|
|
|
e296c6 |
|
|
|
e296c6 |
Meaning, it's possible for them to register the system with the
|
|
|
e296c6 |
service, but not attach to a purchased license for the machine,
|
|
|
e296c6 |
the, so called, entitlements.
|
|
|
e296c6 |
|
|
|
e296c6 |
The subman module always does both halves of the registration process
|
|
|
e296c6 |
in lock step. This means, if an admin tries to register using GNOME
|
|
|
e296c6 |
while in a half-registered state, subman will fail because the first
|
|
|
e296c6 |
step, the registration step, is already finished.
|
|
|
e296c6 |
|
|
|
e296c6 |
This commit addresses that problem by trying to unregister up front
|
|
|
e296c6 |
before registering.
|
|
|
e296c6 |
---
|
|
|
e296c6 |
plugins/subman/gsd-subman-helper.c | 11 +++++++++--
|
|
|
e296c6 |
1 file changed, 9 insertions(+), 2 deletions(-)
|
|
|
e296c6 |
|
|
|
e296c6 |
diff --git a/plugins/subman/gsd-subman-helper.c b/plugins/subman/gsd-subman-helper.c
|
|
|
e296c6 |
index f84e91bf..3931ef2e 100644
|
|
|
e296c6 |
--- a/plugins/subman/gsd-subman-helper.c
|
|
|
e296c6 |
+++ b/plugins/subman/gsd-subman-helper.c
|
|
|
e296c6 |
@@ -51,61 +51,60 @@ _helper_convert_error (const gchar *json_txt, GError **error)
|
|
|
e296c6 |
json_root = json_parser_get_root (json_parser);
|
|
|
e296c6 |
json_obj = json_node_get_object (json_root);
|
|
|
e296c6 |
if (!json_object_has_member (json_obj, "message")) {
|
|
|
e296c6 |
g_set_error (error,
|
|
|
e296c6 |
G_IO_ERROR,
|
|
|
e296c6 |
G_IO_ERROR_INVALID_DATA,
|
|
|
e296c6 |
"no message' in %s", json_txt);
|
|
|
e296c6 |
return;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
message = json_object_get_string_member (json_obj, "message");
|
|
|
e296c6 |
if (g_strstr_len (message, -1, "Invalid user credentials") != NULL) {
|
|
|
e296c6 |
g_set_error_literal (error,
|
|
|
e296c6 |
G_IO_ERROR,
|
|
|
e296c6 |
G_IO_ERROR_PERMISSION_DENIED,
|
|
|
e296c6 |
message);
|
|
|
e296c6 |
return;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
g_set_error_literal (error,
|
|
|
e296c6 |
G_IO_ERROR,
|
|
|
e296c6 |
G_IO_ERROR_NOT_SUPPORTED,
|
|
|
e296c6 |
message);
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
static gboolean
|
|
|
e296c6 |
_helper_unregister (GError **error)
|
|
|
e296c6 |
{
|
|
|
e296c6 |
g_autoptr(GDBusProxy) proxy = NULL;
|
|
|
e296c6 |
g_autoptr(GVariantBuilder) proxy_options = NULL;
|
|
|
e296c6 |
g_autoptr(GVariant) res = NULL;
|
|
|
e296c6 |
|
|
|
e296c6 |
- g_debug ("unregistering");
|
|
|
e296c6 |
proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
|
|
|
e296c6 |
G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |
|
|
|
e296c6 |
G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,
|
|
|
e296c6 |
NULL,
|
|
|
e296c6 |
"com.redhat.RHSM1",
|
|
|
e296c6 |
"/com/redhat/RHSM1/Unregister",
|
|
|
e296c6 |
"com.redhat.RHSM1.Unregister",
|
|
|
e296c6 |
NULL, error);
|
|
|
e296c6 |
if (proxy == NULL) {
|
|
|
e296c6 |
g_prefix_error (error, "Failed to get proxy: ");
|
|
|
e296c6 |
return FALSE;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
proxy_options = g_variant_builder_new (G_VARIANT_TYPE_VARDICT);
|
|
|
e296c6 |
res = g_dbus_proxy_call_sync (proxy,
|
|
|
e296c6 |
"Unregister",
|
|
|
e296c6 |
g_variant_new ("(a{sv}s)",
|
|
|
e296c6 |
proxy_options,
|
|
|
e296c6 |
locale),
|
|
|
e296c6 |
G_DBUS_CALL_FLAGS_NONE,
|
|
|
e296c6 |
DBUS_TIMEOUT,
|
|
|
e296c6 |
NULL, error);
|
|
|
e296c6 |
return res != NULL;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
static gboolean
|
|
|
e296c6 |
_helper_auto_attach (GError **error)
|
|
|
e296c6 |
{
|
|
|
e296c6 |
const gchar *str = NULL;
|
|
|
e296c6 |
g_autoptr(GDBusProxy) proxy = NULL;
|
|
|
e296c6 |
g_autoptr(GVariantBuilder) proxy_options = NULL;
|
|
|
e296c6 |
@@ -208,60 +207,61 @@ main (int argc, char *argv[])
|
|
|
e296c6 |
{ "prefix", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
|
|
|
e296c6 |
&prefix, "Registration server prefix", NULL },
|
|
|
e296c6 |
{ "port", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
|
|
|
e296c6 |
&port, "Registration server port", NULL },
|
|
|
e296c6 |
{ "proxy", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
|
|
|
e296c6 |
&proxy_server, "Proxy settings", NULL },
|
|
|
e296c6 |
{ NULL}
|
|
|
e296c6 |
};
|
|
|
e296c6 |
|
|
|
e296c6 |
/* check calling UID */
|
|
|
e296c6 |
if (getuid () != 0 || geteuid () != 0) {
|
|
|
e296c6 |
g_printerr ("This program can only be used by the root user\n");
|
|
|
e296c6 |
return G_IO_ERROR_NOT_SUPPORTED;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
setlocale (LC_ALL, "");
|
|
|
e296c6 |
locale = setlocale (LC_MESSAGES, NULL);
|
|
|
e296c6 |
|
|
|
e296c6 |
g_option_context_add_main_entries (context, options, NULL);
|
|
|
e296c6 |
if (!g_option_context_parse (context, &argc, &argv, &error)) {
|
|
|
e296c6 |
g_printerr ("Failed to parse arguments: %s\n", error->message);
|
|
|
e296c6 |
return G_IO_ERROR_NOT_SUPPORTED;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
/* uncommon actions */
|
|
|
e296c6 |
if (kind == NULL) {
|
|
|
e296c6 |
g_printerr ("No --kind specified\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (g_strcmp0 (kind, "unregister") == 0) {
|
|
|
e296c6 |
+ g_debug ("unregistering");
|
|
|
e296c6 |
if (!_helper_unregister (&error)) {
|
|
|
e296c6 |
g_printerr ("Failed to Unregister: %s\n", error->message);
|
|
|
e296c6 |
return G_IO_ERROR_NOT_INITIALIZED;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
return EXIT_SUCCESS;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (g_strcmp0 (kind, "auto-attach") == 0) {
|
|
|
e296c6 |
if (!_helper_auto_attach (&error)) {
|
|
|
e296c6 |
g_printerr ("Failed to AutoAttach: %s\n", error->message);
|
|
|
e296c6 |
return G_IO_ERROR_NOT_INITIALIZED;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
return EXIT_SUCCESS;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
/* connect to abstract socket for reasons */
|
|
|
e296c6 |
if (address == NULL) {
|
|
|
e296c6 |
g_printerr ("No --address specified\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
conn_private = g_dbus_connection_new_for_address_sync (address,
|
|
|
e296c6 |
G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT,
|
|
|
e296c6 |
NULL, NULL,
|
|
|
e296c6 |
&error);
|
|
|
e296c6 |
if (conn_private == NULL) {
|
|
|
e296c6 |
g_printerr ("Invalid --address specified: %s\n", error->message);
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
proxy = g_dbus_proxy_new_sync (conn_private,
|
|
|
e296c6 |
G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES,
|
|
|
e296c6 |
NULL, /* GDBusInterfaceInfo */
|
|
|
e296c6 |
@@ -277,96 +277,103 @@ main (int argc, char *argv[])
|
|
|
e296c6 |
/* no options */
|
|
|
e296c6 |
subman_options = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));
|
|
|
e296c6 |
|
|
|
e296c6 |
/* set registration server */
|
|
|
e296c6 |
if (hostname == NULL || hostname[0] == '\0')
|
|
|
e296c6 |
hostname = g_strdup ("subscription.rhsm.redhat.com");
|
|
|
e296c6 |
if (prefix == NULL || prefix[0] == '\0')
|
|
|
e296c6 |
prefix = g_strdup ("/subscription");
|
|
|
e296c6 |
if (port == NULL || port[0] == '\0')
|
|
|
e296c6 |
port = g_strdup ("443");
|
|
|
e296c6 |
subman_conopts = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));
|
|
|
e296c6 |
g_variant_builder_add (subman_conopts, "{ss}", "host", hostname);
|
|
|
e296c6 |
g_variant_builder_add (subman_conopts, "{ss}", "handler", prefix);
|
|
|
e296c6 |
g_variant_builder_add (subman_conopts, "{ss}", "port", port);
|
|
|
e296c6 |
|
|
|
e296c6 |
/* call into RHSM */
|
|
|
e296c6 |
if (g_strcmp0 (kind, "register-with-key") == 0) {
|
|
|
e296c6 |
g_auto(GStrv) activation_keys = NULL;
|
|
|
e296c6 |
g_autoptr(GError) error_local = NULL;
|
|
|
e296c6 |
g_autoptr(GVariant) res = NULL;
|
|
|
e296c6 |
|
|
|
e296c6 |
if (activation_key == NULL) {
|
|
|
e296c6 |
g_printerr ("Required --activation-key\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (organisation == NULL) {
|
|
|
e296c6 |
g_printerr ("Required --organisation\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
+ g_debug ("trying to unregister in case machine is already registered");
|
|
|
e296c6 |
+ _helper_unregister (NULL);
|
|
|
e296c6 |
+
|
|
|
e296c6 |
g_debug ("registering using activation key");
|
|
|
e296c6 |
activation_keys = g_strsplit (activation_key, ",", -1);
|
|
|
e296c6 |
res = g_dbus_proxy_call_sync (proxy,
|
|
|
e296c6 |
"RegisterWithActivationKeys",
|
|
|
e296c6 |
g_variant_new ("(s^asa{ss}a{ss}s)",
|
|
|
e296c6 |
organisation,
|
|
|
e296c6 |
activation_keys,
|
|
|
e296c6 |
subman_options,
|
|
|
e296c6 |
subman_conopts,
|
|
|
e296c6 |
locale),
|
|
|
e296c6 |
G_DBUS_CALL_FLAGS_NO_AUTO_START,
|
|
|
e296c6 |
DBUS_TIMEOUT,
|
|
|
e296c6 |
NULL, &error_local);
|
|
|
e296c6 |
if (res == NULL) {
|
|
|
e296c6 |
g_dbus_error_strip_remote_error (error_local);
|
|
|
e296c6 |
_helper_convert_error (error_local->message, &error);
|
|
|
e296c6 |
g_printerr ("Failed to RegisterWithActivationKeys: %s\n", error->message);
|
|
|
e296c6 |
return error->code;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
} else if (g_strcmp0 (kind, "register-with-username") == 0) {
|
|
|
e296c6 |
g_autoptr(GError) error_local = NULL;
|
|
|
e296c6 |
g_autoptr(GVariant) res = NULL;
|
|
|
e296c6 |
|
|
|
e296c6 |
- g_debug ("registering using username and password");
|
|
|
e296c6 |
if (username == NULL) {
|
|
|
e296c6 |
g_printerr ("Required --username\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (password == NULL) {
|
|
|
e296c6 |
g_printerr ("Required --password\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (organisation == NULL) {
|
|
|
e296c6 |
g_printerr ("Required --organisation\n");
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
+
|
|
|
e296c6 |
+ g_debug ("trying to unregister in case machine is already registered");
|
|
|
e296c6 |
+ _helper_unregister (NULL);
|
|
|
e296c6 |
+
|
|
|
e296c6 |
+ g_debug ("registering using username and password");
|
|
|
e296c6 |
res = g_dbus_proxy_call_sync (proxy,
|
|
|
e296c6 |
"Register",
|
|
|
e296c6 |
g_variant_new ("(sssa{ss}a{ss}s)",
|
|
|
e296c6 |
organisation,
|
|
|
e296c6 |
username,
|
|
|
e296c6 |
password,
|
|
|
e296c6 |
subman_options,
|
|
|
e296c6 |
subman_conopts,
|
|
|
e296c6 |
locale),
|
|
|
e296c6 |
G_DBUS_CALL_FLAGS_NO_AUTO_START,
|
|
|
e296c6 |
DBUS_TIMEOUT,
|
|
|
e296c6 |
NULL, &error_local);
|
|
|
e296c6 |
if (res == NULL) {
|
|
|
e296c6 |
g_dbus_error_strip_remote_error (error_local);
|
|
|
e296c6 |
_helper_convert_error (error_local->message, &error);
|
|
|
e296c6 |
g_printerr ("Failed to Register: %s\n", error->message);
|
|
|
e296c6 |
return error->code;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
} else {
|
|
|
e296c6 |
g_printerr ("Invalid --kind specified: %s\n", kind);
|
|
|
e296c6 |
return G_IO_ERROR_INVALID_DATA;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
|
|
|
e296c6 |
/* set the new hostname */
|
|
|
e296c6 |
if (!_helper_save_config ("server.hostname", hostname, &error)) {
|
|
|
e296c6 |
g_printerr ("Failed to save hostname: %s\n", error->message);
|
|
|
e296c6 |
return G_IO_ERROR_NOT_INITIALIZED;
|
|
|
e296c6 |
}
|
|
|
e296c6 |
if (!_helper_save_config ("server.prefix", prefix, &error)) {
|
|
|
e296c6 |
g_printerr ("Failed to save prefix: %s\n", error->message);
|
|
|
e296c6 |
--
|
|
|
e296c6 |
2.30.0
|
|
|
e296c6 |
|