403Webshell
Server IP : 103.119.228.120  /  Your IP : 18.119.107.159
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/local/ssl/lib/python2.7/site-packages/yum/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/local/ssl/lib/python2.7/site-packages/yum/updateinfo.py
import os.path
import re

from yum.i18n import _, P_

from yum.constants import *

from yum.logginglevels import INFO_1

import rpmUtils.miscutils

import misc

import fnmatch

# newpackages is weird, in that we'll never display that because we filter to
# things relevant to installed pkgs...
_update_info_types_ = ("security", "bugfix", "enhancement",
                       "recommended", "newpackage")

def _rpm_tup_vercmp(tup1, tup2):
    """ Compare two "std." tuples, (n, a, e, v, r). """
    return rpmUtils.miscutils.compareEVR((tup1[2], tup1[3], tup1[4]),
                                         (tup2[2], tup2[3], tup2[4]))


def _ysp_safe_refs(refs):
    """ Sometimes refs == None, if so return the empty list here. 
        So we don't have to check everywhere. """
    if not refs:
        return []
    return refs

def _match_sec_cmd(sec_cmds, pkgname, notice):
    for i in sec_cmds:
        if fnmatch.fnmatch(pkgname, i):
            return i
        if fnmatch.fnmatch(notice['update_id'], i):
            return i

        cvei = i
        if not (i.startswith("CVE-") or i.startswith("*")):
            cvei = 'CVE-' + i
        for ref in _ysp_safe_refs(notice['references']):
            if ref['id'] is None:
                continue
            if fnmatch.fnmatch(ref['id'], i):
                return i
            if fnmatch.fnmatch(ref['id'], cvei):
                return i
    return None

def _has_id(used_map, refs, ref_type, ref_ids):
    ''' Check if the given ID is a match. '''
    for ref in _ysp_safe_refs(refs):
        if ref['type'] != ref_type:
            continue
        if ref['id'] not in ref_ids:
            continue
        used_map[ref_type][ref['id']] = True
        return ref
    return None
    
def _ysp_should_filter_pkg(opts, pkgname, notice, used_map):
    """ Do the package filtering for should_show and should_keep. """
    
    rcmd = _match_sec_cmd(opts.sec_cmds, pkgname, notice)
    if rcmd:
        used_map['cmd'][rcmd] = True
        return True
    elif opts.advisory and notice['update_id'] in opts.advisory:
        used_map['id'][notice['update_id']] = True
        return True
    elif (opts.severity and notice['type'] == 'security' and
          notice['severity'] in opts.severity):
        used_map['sev'][notice['severity']] = True
        return True
    elif opts.cve and _has_id(used_map, notice['references'], "cve", opts.cve):
        return True
    elif opts.bz and _has_id(used_map, notice['references'],"bugzilla",opts.bz):
        return True
    # FIXME: Add opts for enhancement/etc.? -- __update_info_types__
    elif (opts.security and notice['type'] == 'security' and
          (not opts.severity or 'severity' not in notice or
           not notice['severity'])):
        return True
    elif opts.bugfixes and notice['type'] == 'bugfix':
        return True
    elif not (opts.advisory or opts.cve or opts.bz or
              opts.security or opts.bugfixes or opts.sec_cmds or opts.severity):
        return True # This is only possible from should_show_pkg

    return False

def _ysp_has_info_md(rname, md):
    if rname in _update_info_types_:
        if md['type'] == rname:
            return md
    for ref in _ysp_safe_refs(md['references']):
        if ref['type'] != rname:
            continue
        return md

def _no_options(opts):
    return not (opts.security or opts.bugfixes or
                opts.advisory or opts.bz or opts.cve or opts.severity)

def _updateinfofilter2opts(updateinfo_filters):
    opts = misc.GenericHolder()
    opts.sec_cmds = []

    opts.advisory = updateinfo_filters.get('advs', [])
    opts.bz       = updateinfo_filters.get('bzs',  [])
    opts.cve      = updateinfo_filters.get('cves', [])
    opts.severity = updateinfo_filters.get('sevs', [])

    opts.bugfixes = updateinfo_filters.get('bugfix', False)
    opts.security = updateinfo_filters.get('security', False)

    return opts

def _args2filters(args):
    # Basically allow args to turn into security filters, for shell command etc.

    T_map = {'advs' : 'advs',
             'advisory' : 'advs',
             'advisories' : 'advs',

             'bzs' : 'bzs',
             'bz' : 'bzs',

             'cves' : 'cves',
             'cve' : 'cves',

             'security-severity' : 'sevs',
             'security-severities' : 'sevs',
             'severity' : 'sevs',
             'severities' : 'sevs',
             'sevs' : 'sevs',
             'sev' : 'sevs',

             'security' : 'security',
             'sec' : 'security',

             'bugfix' : 'bugfix',
             'bugfixes' : 'bugfix',
             'bugs' : 'bugfix',

             }

    filters = {'security' : False, 'bugfix' : False}

    for arg0 in args:
        arg0 = arg0.replace(" ", ',')
        T = 'advs'
        if '=' in arg0:
            T, arg1 = arg0.split('=', 1)
        elif arg0 not in T_map:
            arg1 = arg0
        else:
            T = arg0
            arg1 = 'true'

        if T not in T_map:
            continue # Error message?

        T = T_map[T]

        if T in ('security', 'bugfix'):
            filters[T] = not filters[T]
        else:
            filters[T] = filters.get(T, []) + arg1.split(',')
        return filters

def _ysp_gen_opts(filters, sec_cmds=None):
    def strip_respin(id_):
        # Example: RHSA-2016:1234-2 -> RHSA-2016:1234
        pattern = r'^(RH[BES]A\-\d+\:\d+)(\-\d+)?$'
        match = re.match(pattern, id_)
        if match:
            return match.group(1)
        return id_

    opts = _updateinfofilter2opts(filters)
    if sec_cmds is not None:
        opts.sec_cmds = sec_cmds

    # If a RH advisory was specified with a respin suffix, strip it out, as we
    # don't include these suffixes in the notice update_id attribute either (we
    # use the version attribute for that).  Note that there's no ambiguity in
    # which notice version we should match then, as updateinfo.xml should only
    # contain one per advisory ID (we give a warning when duplicate IDs are
    # detected in it).  The reason we are handling this is that we sometimes
    # refer to advisories in this form (e.g. on rhn.redhat.com/errata/...) and
    # the user may then use it with yum too, in which case we would yield no
    # matches.
    #
    # However, we used to put these suffixes in update_id in the past, so let's
    # also keep the original (unstripped) form around in opts, just in case we
    # are dealing with such an old updateinfo.xml.
    for attr in ['sec_cmds', 'advisory']:
        oldlist = getattr(opts, attr)
        stripped = map(strip_respin, oldlist)
        newlist = list(set(oldlist) | set(stripped))
        setattr(opts, attr, newlist)

    return opts

def _ysp_gen_used_map(opts):
    used_map = {'bugzilla' : {}, 'cve' : {}, 'id' : {}, 'cmd' : {}, 'sev' : {}}
    if True:
        return used_map
    for i in opts.sec_cmds:
        used_map['cmd'][i] = False
    for i in opts.advisory:
        used_map['id'][i] = False
    for i in opts.bz:
        used_map['bugzilla'][i] = False
    for i in opts.cve:
        used_map['cve'][i] = False
    for i in opts.severity:
        used_map['sev'][i] = False
    return used_map

def _ysp_chk_used_map(used_map, msg):
    for i in used_map['cmd']:
        if not used_map['cmd'][i]:
            msg('No update information found for \"%s\"' % i)
    for i in used_map['id']:
        if not used_map['id'][i]:
            msg('Advisory \"%s\" not found applicable for this system' % i)
    for i in used_map['bugzilla']:
        if not used_map['bugzilla'][i]:
            msg('BZ \"%s\" not found applicable for this system' % i)
    for i in used_map['cve']:
        if not used_map['cve'][i]:
            msg('CVE \"%s\" not found applicable for this system' % i)
    for i in used_map['sev']:
        if not used_map['sev'][i]:
            msg('Severity \"%s\" not found applicable for this system' % i)


def _get_name2pkgtup(base, pkgtups):
    name2tup = {}
    for pkgtup in pkgtups:
        # Get the latest "old" pkgtups
        if (pkgtup[0] in name2tup and
            _rpm_tup_vercmp(name2tup[pkgtup[0]], pkgtup) > 0):
            continue
        name2tup[pkgtup[0]] = pkgtup
    return name2tup
def _get_name2oldpkgtup(base):
    """ Get the pkgtups for all installed pkgs. which have an update. """
    oupdates = map(lambda x: x[1], base.up.getUpdatesTuples())
    return _get_name2pkgtup(base, oupdates)
def _get_name2instpkgtup(base):
    """ Get the pkgtups for all installed pkgs. """
    return _get_name2pkgtup(base, base.rpmdb.simplePkgList())
def _get_name2allpkgtup(base):
    """ Get the pkgtups for all installed pkgs. and munge that to be the
        first possible pkgtup. """
    ofirst = [(pt[0], pt[1], '0','0','0') for pt in base.rpmdb.simplePkgList()]
    return _get_name2pkgtup(base, ofirst)
def _get_name2aallpkgtup(base):
    """ Get the pkgtups for all available pkgs. and munge that to be the
        first possible pkgtup. """
    ofirst = [(pt[0], pt[1],'0','0','0') for pt in base.pkgSack.simplePkgList()]
    return _get_name2pkgtup(base, ofirst)


#  You might think we'd just call delPackage
# and indeed that works for list updates etc.
#
# __but__ that doesn't work for dependancies on real updates
#
#  So to fix deps. we need to do it at the preresolve stage and take the
# "transaction package list" and then remove packages from that.
#
# __but__ that doesn't work for lists ... so we do it two ways
#
def _ysp_should_keep_pkg(opts, pkgtup, md_info, used_map):
    """ Do we want to keep this package to satisfy the security limits. """
    name = pkgtup[0]
    for (pkgtup, notice) in md_info.get_applicable_notices(pkgtup):
        if _ysp_should_filter_pkg(opts, name, notice, used_map):
            return True
    return False

def _repos_downloaded(repos):
    dled = True
    for repo in repos:
        try:
            data = repo.repoXML.getData('updateinfo');
        except:
            continue # No data is fine...

        # Note that this doesn't check that it's decompressed...
        path = repo.cachedir +'/'+ os.path.basename(data.location[1])
        if not os.path.exists(path):
            dled = False
            break

    return dled

def _check_running_kernel(yb, md_info, msg):
    kern_pkgtup = misc.get_running_kernel_pkgtup(yb.ts)
    if kern_pkgtup[0] is None:
        return

    found_sec = False
    for (pkgtup, notice) in md_info.get_applicable_notices(kern_pkgtup):
        if found_sec or notice['type'] != 'security':
            continue
        found_sec = True
        ipkg = yb.rpmdb.searchPkgTuple(pkgtup)
        if not ipkg:
            continue # Not installed
        ipkg = ipkg[0]

        e = ''
        if kern_pkgtup[2] != '0':
            e = '%s:' % kern_pkgtup[2]
        rpkg = '%s-%s%s-%s.%s' % (kern_pkgtup[0], e,
                                  kern_pkgtup[3], kern_pkgtup[4],
                                  kern_pkgtup[1])

        msg(_('Security: %s is an installed security update') % ipkg)
        msg(_('Security: %s is the currently running version') % rpkg)
        break

def remove_txmbrs(base, filters=None):
    '''
    Remove packages from the transaction, using the updateinfo data.
    '''

    def ysp_del_pkg(tspkg):
        """ Deletes a package within a transaction. """
        base.verbose_logger.log(INFO_1,
                                _(" --> %s from %s removed (updateinfo)") %
                                (tspkg.po, tspkg.po.ui_from_repo))
        tsinfo.remove(tspkg.pkgtup)

    if filters is None:
        filters = base.updateinfo_filters
    opts = _ysp_gen_opts(filters)

    if _no_options(opts):
        return 0, 0, 0

    md_info = base.upinfo
    tot = 0
    cnt = 0
    used_map = _ysp_gen_used_map(opts)
    tsinfo = base.tsInfo
    tspkgs = tsinfo.getMembers()
    #  Ok, here we keep any pkgs that pass "ysp" tests, then we keep all
    # related pkgs ... Ie. "installed" version marked for removal.
    keep_pkgs = set()

    count_states = set(TS_INSTALL_STATES + [TS_ERASE])
    count_pkgs = set()
    for tspkg in tspkgs:
        if tspkg.output_state in count_states:
            count_pkgs.add(tspkg.po)

    name2tup = _get_name2oldpkgtup(base)
    for tspkg in tspkgs:
        if tspkg.output_state in count_states:
            tot += 1
        name = tspkg.po.name
        if (name not in name2tup or
            not _ysp_should_keep_pkg(opts, name2tup[name], md_info, used_map)):
            continue
        if tspkg.output_state in count_states:
            cnt += 1
        keep_pkgs.add(tspkg.po)

    scnt = cnt
    mini_depsolve_again = True
    while mini_depsolve_again:
        mini_depsolve_again = False

        for tspkg in tspkgs:
            if tspkg.po in keep_pkgs:
                # Find any related pkgs, and add them:
                for (rpkg, reason) in tspkg.relatedto:
                    if rpkg not in keep_pkgs:
                        if rpkg in count_pkgs:
                            cnt += 1
                        keep_pkgs.add(rpkg)
                        mini_depsolve_again = True
            else:
                # If related to any keep pkgs, add us
                for (rpkg, reason) in tspkg.relatedto:
                    if rpkg in keep_pkgs:
                        if rpkg in count_pkgs:
                            cnt += 1
                        keep_pkgs.add(tspkg.po)
                        mini_depsolve_again = True
                        break

    for tspkg in tspkgs:
        if tspkg.po not in keep_pkgs:
            ysp_del_pkg(tspkg)

    _ysp_chk_used_map(used_map, lambda x: base.verbose_logger.warn("%s", x))
    
    if cnt:
        base.verbose_logger.log(INFO_1, _('%d package(s) needed (+%d related) for security, out of %d available') % (scnt, cnt - scnt, tot))
    else:
        base.verbose_logger.log(INFO_1, _('No packages needed for security; %d packages available') % tot)

    return cnt, scnt, tot

def exclude_updates(base, filters=None):
    '''
    Exclude all packages to do with updates, using the updateinfo data.
    '''
    
    def ysp_del_pkg(pkg, reason="updateinfo"):
        """ Deletes a package from all trees that yum knows about """
        base.verbose_logger.log(INFO_1,
                                _(" --> %s from %s excluded (%s)") %
                                (pkg,pkg.repoid, reason))
        pkg.repo.sack.delPackage(pkg)

    if filters is None:
        filters = base.updateinfo_filters
    opts = _ysp_gen_opts(filters)

    if _no_options(opts):
        return 0, 0

    md_info = base.upinfo

    used_map = _ysp_gen_used_map(opts)

    tot = len(set(base.doPackageLists(pkgnarrow='updates').updates + \
                  base.doPackageLists(pkgnarrow='obsoletes').obsoletes))

    pkgs = base.pkgSack.returnPackages()
    name2tup = _get_name2oldpkgtup(base)
    
    pkgs_to_del = []
    for pkg in pkgs:
        name = pkg.name
        if (name not in name2tup or
            not _ysp_should_keep_pkg(opts, name2tup[name], md_info, used_map)):
            pkgs_to_del.append(pkg.name)
            continue
    if pkgs_to_del:
        for p in base.doPackageLists(pkgnarrow='available', patterns=pkgs_to_del, showdups=True).available:
            ysp_del_pkg(p)

    cnt = len(set(base.doPackageLists(pkgnarrow='updates').updates + \
                  base.doPackageLists(pkgnarrow='obsoletes').obsoletes))

    _ysp_chk_used_map(used_map, lambda x: base.verbose_logger.warn("%s", x))

    if cnt:
        base.verbose_logger.log(INFO_1, _('%d package(s) needed for security, out of %d available') % (cnt, tot))
    else:
        base.verbose_logger.log(INFO_1, _('No packages needed for security; %d packages available' % tot))

    return cnt, tot

def exclude_all(base, filters=None):
    '''
    Exclude all packages, using the updateinfo data.
    '''
    
    def ysp_del_pkg(pkg, reason="updateinfo"):
        """ Deletes a package from all trees that yum knows about """
        base.verbose_logger.log(INFO_1,
                                _(" --> %s from %s excluded (%s)") %
                                (pkg,pkg.repoid, reason))
        pkg.repo.sack.delPackage(pkg)

    if filters is None:
        filters = base.updateinfo_filters
    opts = _ysp_gen_opts(filters)

    if _no_options(opts):
        return 0, 0

    md_info = base.upinfo

    used_map = _ysp_gen_used_map(opts)

    pkgs = base.pkgSack.returnPackages()
    name2tup = _get_name2aallpkgtup(base)
    
    tot = 0
    cnt = 0
    for pkg in pkgs:
        tot += 1
        name = pkg.name
        if (name not in name2tup or
            not _ysp_should_keep_pkg(opts, name2tup[name], md_info, used_map)):
            ysp_del_pkg(pkg)
            continue
        cnt += 1

    _ysp_chk_used_map(used_map, lambda x: base.verbose_logger.warn("%s", x))

    if cnt:
        base.verbose_logger.log(INFO_1, _('%d package(s) needed for security, out of %d available') % (cnt, tot))
    else:
        base.verbose_logger.log(INFO_1, _('No packages needed for security; %d packages available' % tot))

    return cnt, tot

def update_minimal(base, extcmds=[]):
    """Mark the specified items to be updated, in the minimal way.
    :param extcmds: the user specified arguments
    :return: a list of transaction members added to the
       transaction set by this function
    """
    txmbrs = []

    used_map = _ysp_gen_used_map(base.updateinfo_filters)
    opts     = _ysp_gen_opts(base.updateinfo_filters)
    ndata    = _no_options(opts)

    # NOTE: Not doing obsoletes processing atm. ... maybe we should? --
    # Also worth pointing out we don't go backwards for obsoletes in the:
    # update --security case etc.

    # obsoletes = base.up.getObsoletesTuples(newest=False)
    # for (obsoleting, installed) in sorted(obsoletes, key=lambda x: x[0]):
    #   pass

    # Tuples == (n, a, e, v, r)
    oupdates  = map(lambda x: x[1], base.up.getUpdatesTuples())
    for oldpkgtup in sorted(oupdates):
        data = base.upinfo.get_applicable_notices(oldpkgtup)
        if ndata: # No options means pick the oldest update
            data.reverse()

        for (pkgtup, notice) in data:
            name = pkgtup[0]
            if extcmds and not _match_sec_cmd(extcmds, name, notice):
                continue
            if (not ndata and
                not _ysp_should_filter_pkg(opts, name, notice, used_map)):
                continue
            txmbrs.extend(base.update(name=pkgtup[0], arch=pkgtup[1],
                                      epoch=pkgtup[2],
                                      version=pkgtup[3], release=pkgtup[4]))
            break

    # _ysp_chk_used_map(used_map, msg)

    return txmbrs


Youez - 2016 - github.com/yon3zu
LinuXploit