From commits-return-5016-archive-asf-public=cust-asf.ponee.io@ranger.apache.org Wed Nov 21 15:07:12 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 27E6318067B for ; Wed, 21 Nov 2018 15:07:09 +0100 (CET) Received: (qmail 2662 invoked by uid 500); 21 Nov 2018 14:07:09 -0000 Mailing-List: contact commits-help@ranger.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.apache.org Delivered-To: mailing list commits@ranger.apache.org Received: (qmail 2646 invoked by uid 99); 21 Nov 2018 14:07:09 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Nov 2018 14:07:09 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 985E3E00A4; Wed, 21 Nov 2018 14:07:08 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: pradeep@apache.org To: commits@ranger.apache.org Date: Wed, 21 Nov 2018 14:07:09 -0000 Message-Id: <524a8de1bfd542eea4d566cbeecd47df@git.apache.org> In-Reply-To: <6e83b7d7eddc4ee3bbf9055fe6a267a3@git.apache.org> References: <6e83b7d7eddc4ee3bbf9055fe6a267a3@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/3] ranger git commit: RANGER-2286: Ranger install may be prevented by leftover DB entry http://git-wip-us.apache.org/repos/asf/ranger/blob/6093b553/security-admin/scripts/db_setup.py ---------------------------------------------------------------------- diff --git a/security-admin/scripts/db_setup.py b/security-admin/scripts/db_setup.py index 73b24ac..c20b6a2 100644 --- a/security-admin/scripts/db_setup.py +++ b/security-admin/scripts/db_setup.py @@ -29,6 +29,7 @@ os_name = os_name.upper() ranger_version='' jisql_debug=True retryPatchAfterSeconds=120 +stalePatchEntryHoldTimeInMinutes=10 java_patch_regex="^Patch.*?J\d{5}.class$" is_unix = os_name == "LINUX" or os_name == "DARWIN" @@ -91,8 +92,8 @@ def populate_global_dict(): value = '' value = value.strip() globalDict[key] = value - if 'ranger_admin_max_heap_size' not in globalDict: - globalDict['ranger_admin_max_heap_size']='1g' + if 'ranger_admin_max_heap_size' not in globalDict: + globalDict['ranger_admin_max_heap_size']='1g' def jisql_log(query, db_password): if jisql_debug == True: @@ -120,17 +121,19 @@ def subprocessCallWithRetry(query): if(returnCode!=0 and retryCount>=3): break return returnCode + def dbversionBasedOnUserName(userName): - version = "" - if userName == "admin" : - version = 'DEFAULT_ADMIN_UPDATE' - if userName == "rangerusersync" : - version = 'DEFAULT_RANGER_USERSYNC_UPDATE' - if userName == "rangertagsync" : - version = 'DEFAULT_RANGER_TAGSYNC_UPDATE' - if userName == "keyadmin" : - version = 'DEFAULT_KEYADMIN_UPDATE' - return version + version = "" + if userName == "admin" : + version = 'DEFAULT_ADMIN_UPDATE' + if userName == "rangerusersync" : + version = 'DEFAULT_RANGER_USERSYNC_UPDATE' + if userName == "rangertagsync" : + version = 'DEFAULT_RANGER_TAGSYNC_UPDATE' + if userName == "keyadmin" : + version = 'DEFAULT_KEYADMIN_UPDATE' + return version + class BaseDB(object): def check_connection(self, db_name, db_user, db_password): @@ -161,38 +164,17 @@ class BaseDB(object): else: log("[I] No patches to apply!","info") - def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): - log("[I] ----------------- Audit DB operations ------------", "info") - - def apply_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, PATCHES_PATH, TABLE_NAME): - #first get all patches and then apply each patch - if not os.path.exists(PATCHES_PATH): - log("[I] No patches to apply!","info") - else: - # files: coming from os.listdir() sorted alphabetically, thus not numerically - files = os.listdir(PATCHES_PATH) - if files: - sorted_files = sorted(files, key=lambda x: str(x.split('.')[0])) - for filename in sorted_files: - currentPatch = os.path.join(PATCHES_PATH, filename) - self.import_auditdb_patches(xa_sqlObj, xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, currentPatch, TABLE_NAME) - else: - log("[I] No patches to apply!","info") - def execute_java_patches(xa_db_host, db_user, db_password, db_name): log("[I] ----------------- Executing java patches ------------", "info") - def create_synonym(db_name, db_user, db_password,audit_db_user): - log("[I] ----------------- Creating Synonym ------------", "info") - def change_admin_default_password(xa_db_host, db_user, db_password, db_name,userName,oldPassword,newPassword): - log("[I] ----------------- Changing Ranger "+ userName +" default password ------------", "info") + log("[I] ----------------- Changing Ranger "+ userName +" default password ------------", "info") def import_core_db_schema(self, db_name, db_user, db_password, file_name,first_table,last_table): log("[I] ---------- Importing Core DB Schema ----------", "info") - def is_new_install(xa_db_host, db_user, db_password, db_name): - log("[I] ----------------- Checking Ranger Version ------------", "info") + def is_new_install(self,xa_db_host, db_user, db_password, db_name): + log("[I] ----------------- Checking Ranger Version ------------", "info") class MysqlConf(BaseDB): # Constructor @@ -244,26 +226,6 @@ class MysqlConf(BaseDB): log("[I] Please run DB setup first or contact Administrator.." ,"info") sys.exit(1) - def grant_audit_db_user(self, db_user, audit_db_name, audit_db_user, audit_db_password, db_password,TABLE_NAME): - hosts_arr =["%", "localhost"] - hosts_arr.append(self.host) - for host in hosts_arr: - log("[I] ---------------Granting privileges TO '"+ audit_db_user + "' on '" + audit_db_name+"'-------------" , "info") - get_cmd = self.get_jisql_cmd(db_user, db_password, audit_db_name) - if is_unix: - query = get_cmd + " -query \"GRANT INSERT ON %s.%s TO '%s'@'%s';\"" %(audit_db_name,TABLE_NAME,audit_db_user,host) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"GRANT INSERT ON %s.%s TO '%s'@'%s';\" -c ;" %(audit_db_name,TABLE_NAME,audit_db_user,host) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(query) - if ret == 0: - log("[I] Granting privileges to '" + audit_db_user+"' done on '"+ audit_db_name+"'", "info") - else: - log("[E] Granting privileges to '" +audit_db_user+"' failed on '" + audit_db_name+"'", "error") - sys.exit(1) - def import_db_file(self, db_name, db_user, db_password, file_name): isImported=False name = basename(file_name) @@ -294,6 +256,7 @@ class MysqlConf(BaseDB): version = name.split('-')[0] log("[I] Executing patch on " + db_name + " from file: " + name,"info") get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + ##check whether patch is already applied or not if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": @@ -303,6 +266,8 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -310,12 +275,69 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #check whether process is in progress from same host and entry was created in less than $stalePatchEntryHoldTimeInMinutes minute from current time + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) while(output.strip(version + " |")): - log("[I] Patch "+ name +" is being applied by some other process" ,"info") + #wait for process to complete or $stalePatchEntryHoldTimeInMinutes minutes + log("[I] Patch "+ name +" is being applied by some other process of current host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) + ##check whether process is in progress from same host and entry was created before $stalePatchEntryHoldTimeInMinutes minute from current time + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + #delete the $stalePatchEntryHoldTimeInMinutes minute old entry and allow the same host to proceed with patch execution + if is_unix: + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch:"+name, "info") + #if patch is still in progress from any host then wait for its completion or forever + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #if patch entry does not exist then allow patch execution to the current host. + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + ##if patch entry does not exist in x_db_version_h table then insert the entry with active='N' and execute the patch. + if executePatch: if is_unix: query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) jisql_log(query, db_password) @@ -382,97 +404,6 @@ class MysqlConf(BaseDB): log("[E] "+name + " import failed!","error") sys.exit(1) - def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): - log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") - output = self.check_table(audit_db_name, db_user, db_password, TABLE_NAME) - if output == True: - name = basename(file_name) - if os.path.isfile(file_name): - version = name.split('-')[0] - log("[I] Executing patch on " + audit_db_name + " from file: " + name,"info") - get_cmd1 = xa_sqlObj.get_jisql_cmd(db_user, db_password, db_name) - if is_unix: - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) - jisql_log(query, db_password) - output = check_output(query) - if output.strip(version + " |"): - log("[I] Patch "+ name +" is already applied" ,"info") - else: - if is_unix: - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) - jisql_log(query, db_password) - output = check_output(query) - if output.strip(version + " |"): - while(output.strip(version + " |")): - log("[I] Patch "+ name +" is being applied by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - jisql_log(query, db_password) - output = check_output(query) - else: - if is_unix: - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\" -c ;" %(version,ranger_version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log ("[I] Patch "+ name +" is being applied..","info") - else: - log("[E] Patch "+ name +" failed", "error") - sys.exit(1) - get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) - if is_unix: - query = get_cmd2 + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s -c ;" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") - if is_unix: - query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] Patch version updated", "info") - else: - if is_unix: - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - log("[E] Updating patch version failed", "error") - sys.exit(1) - else: - if is_unix: - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - log("[E] "+name + " import failed!","error") - sys.exit(1) - else: - log("[I] Table XA_ACCESS_AUDIT does not exists in " +audit_db_name,"error") - sys.exit(1) - def check_table(self, db_name, db_user, db_password, TABLE_NAME): get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) if is_unix: @@ -488,15 +419,6 @@ class MysqlConf(BaseDB): log("[I] Table " + TABLE_NAME +" does not exist in database " + db_name + "","info") return False - def auditdb_operation(self, xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): - log("[I] --------- Check ranger user connection ---------","info") - self.check_connection(audit_db_name, db_user, db_password) - log("[I] --------- Check audit table exists --------- ","info") - output = self.check_table(audit_db_name, db_user, db_password, TABLE_NAME) - if output == False: - self.import_db_file(audit_db_name ,db_user, db_password, file_name) - self.grant_audit_db_user(db_user, audit_db_name, audit_db_user, audit_db_password, db_password,TABLE_NAME) - def execute_java_patches(self, xa_db_host, db_user, db_password, db_name): global globalDict my_dict = {} @@ -537,6 +459,8 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Java patch "+ className +" is already applied" ,"info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -544,12 +468,64 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) while(output.strip(version + " |")): - log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + log("[I] Java patch "+ className +" is being applied by some other process of current host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch:"+className, "info") + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + ##if patch entry does not exist in x_db_version_h table then insert the entry with active='N' and execute the patch. + if executePatch: if is_unix: query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) jisql_log(query, db_password) @@ -609,7 +585,7 @@ class MysqlConf(BaseDB): def change_admin_default_password(self, xa_db_host, db_user, db_password, db_name,userName,oldPassword,newPassword): version = "" className = "ChangePasswordUtil" - version = dbversionBasedOnUserName(userName) + version = dbversionBasedOnUserName(userName) app_home = os.path.join(RANGER_ADMIN_HOME,"ews","webapp") ranger_log = os.path.join(RANGER_ADMIN_HOME,"ews","logs") filePath = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch","cliutil","ChangePasswordUtil.class") @@ -623,8 +599,10 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] Ranger "+ userName +" default password has already been changed!!","info") + log("[I] Ranger "+ userName +" default password has already been changed!!","info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -632,19 +610,71 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - countTries = 0 + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + countTries = 0 + while(output.strip(version + " |")): + if countTries < 3: + log("[I] Ranger Password change utility is being executed by some other host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + countTries += 1 + else: + log("[E] Tried updating the password "+ str(countTries) + " times","error") + log("[E] If Ranger "+ userName +" user password is not being changed by some other host then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") + sys.exit(1) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) while(output.strip(version + " |")): - if countTries < 3: - log("[I] Ranger Password change utility is being executed by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - jisql_log(query, db_password) - output = check_output(query) - countTries += 1 - else: - log("[E] Tried updating the password "+ str(countTries) + " times","error") - log("[E] If Ranger "+ userName +" user password is not being changed by some other process then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") - sys.exit(1) + log("[I] Ranger Password change utility for user "+ userName +" is being executed by some other process of current host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry for user:"+userName, "info") + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility for user "+ userName +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + + if executePatch: if is_unix: query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) jisql_log(query, db_password) @@ -654,15 +684,15 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log ("[I] Ranger "+ userName +" default password change request is in process..","info") + log ("[I] Ranger "+ userName +" default password change request is in process..","info") else: - log("[E] Ranger "+ userName +" default password change request failed", "error") - sys.exit(1) + log("[E] Ranger "+ userName +" default password change request failed", "error") + sys.exit(1) if is_unix: path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) elif os_name == "WINDOWS": path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,'"'+userName+'"','"'+oldPassword+'"','"'+newPassword+'"') + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,'"'+userName+'"','"'+oldPassword+'"','"'+newPassword+'"') if is_unix: status = subprocess.call(shlex.split(get_java_cmd)) elif os_name == "WINDOWS": @@ -677,9 +707,9 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0 and status == 0: - log ("[I] Ranger "+ userName +" default password change request processed successfully..","info") + log ("[I] Ranger "+ userName +" default password change request processed successfully..","info") elif ret == 0 and status == 2: - log ("[I] Ranger "+ userName +" default password change request process skipped!","info") + log ("[I] Ranger "+ userName +" default password change request process skipped!","info") else: if is_unix: query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) @@ -689,7 +719,7 @@ class MysqlConf(BaseDB): query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) jisql_log(query, db_password) ret = subprocess.call(query) - log("[E] Ranger "+ userName +" default password change request failed", "error") + log("[E] Ranger "+ userName +" default password change request failed", "error") sys.exit(1) else: if is_unix: @@ -700,7 +730,7 @@ class MysqlConf(BaseDB): query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) jisql_log(query, db_password) ret = subprocess.call(query) - log("[E] Ranger "+ userName +" default password change request failed", "error") + log("[E] Ranger "+ userName +" default password change request failed", "error") sys.exit(1) def change_all_admin_default_password(self, xa_db_host, db_user, db_password, db_name,userPwdArray): @@ -728,6 +758,8 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Ranger "+ userName +" default password has already been changed!!","info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -735,19 +767,71 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) countTries = 0 while(output.strip(version + " |")): if countTries < 3: - log("[I] Ranger Password change utility is being executed by some other process" ,"info") + log("[I] Ranger Password change utility is being executed by some other host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) countTries += 1 else: log("[E] Tried updating the password "+ str(countTries) + " times","error") - log("[E] If Ranger "+ userName +" user password is not being changed by some other process then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") + log("[E] If Ranger "+ userName +" user password is not being changed by some other host then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") sys.exit(1) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility for "+ userName +" is being executed by some other process of current host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch for :"+userName, "info") + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility "+ userName +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + + if executePatch: if is_unix: query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) jisql_log(query, db_password) @@ -845,6 +929,8 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] "+version+" is already imported" ,"info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -852,44 +938,90 @@ class MysqlConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) while(output.strip(version + " |")): - log("[I] "+ version +" is being imported by some other process" ,"info") + log("[I] "+ version +" is being applied by some other Host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) - else: + #check whether process is in progress from same host if is_unix: - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\" -c ;" %(version,ranger_version,client_host) + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] "+ version +" is being imported by some other process of the same host" ,"info") + time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) - ret = subprocess.call(query) - if ret != 0: - log("[E] "+ version +" import failed", "error") + output = check_output(query) + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and TIMESTAMPDIFF(MINUTE,inst_at,CURRENT_TIMESTAMP)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Deleted old entry of patch:"+version, "info") + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] "+ version +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True + else: + executePatch=True + + if executePatch: + if is_unix: + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\"" %(version,ranger_version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), '%s', now(), '%s','N') ;\" -c ;" %(version,ranger_version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret != 0: + log("[E] "+ version +" import failed", "error") sys.exit(1) - isFirstTableExist = self.check_table(db_name, db_user, db_password, first_table) - isLastTableExist = self.check_table(db_name, db_user, db_password, last_table) isSchemaCreated=False - if isFirstTableExist == True and isLastTableExist == True : - isSchemaCreated=True - elif isFirstTableExist == False and isLastTableExist == False : - isImported=self.import_db_file(db_name, db_user, db_password, file_name) - if(isImported==False): - log("[I] "+ version +" might being imported by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - isLastTableExist=self.check_table(db_name, db_user, db_password, last_table) - if(isLastTableExist==True): + countTries = 0 + while(isSchemaCreated==False or countTries<2): + countTries=countTries+1 + isFirstTableExist = self.check_table(db_name, db_user, db_password, first_table) + isLastTableExist = self.check_table(db_name, db_user, db_password, last_table) + isDBPatchesApplied=self.hasDBnJavaPatchesEntries(db_name, db_user, db_password, "DB_PATCHES") + isJavaPatchesApplied=self.hasDBnJavaPatchesEntries(db_name, db_user, db_password, "JAVA_PATCHES") + if isFirstTableExist == True and isLastTableExist == True and isDBPatchesApplied ==True and isJavaPatchesApplied ==True: isSchemaCreated=True - elif isFirstTableExist == False or isLastTableExist == False : - while(isFirstTableExist == False or isLastTableExist==False): - log("[I] "+ version +" is being imported by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - isFirstTableExist=self.check_table(db_name, db_user, db_password, first_table) - isLastTableExist=self.check_table(db_name, db_user, db_password, last_table) - if(isFirstTableExist==True and isLastTableExist==True): - isSchemaCreated=True + else: + isImported=self.import_db_file(db_name, db_user, db_password, file_name) + if (isImported==False): + log("[I] Unable to create DB schema, Please drop the database and try again" ,"info") + break if isSchemaCreated == True: if is_unix: query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) @@ -954,24 +1086,37 @@ class MysqlConf(BaseDB): else: log("[I] "+ version +" status entry to x_db_version_h table completed", "info") - def is_new_install(self, xa_db_host, db_user, db_password, db_name): - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) - if is_unix: - query = get_cmd + " -query \"SELECT version();\"" - elif os_name == "WINDOWS": - query = get_cmd + " -query \"SELECT version();\" -c ;" - output = check_output(query) - if not output.strip('Production |'): - sys.exit(0) - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) - version="J10001" - if is_unix: - query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) - output = check_output(query) - if not output.strip(version + " |"): - sys.exit(0) + def is_new_install(self, xa_db_host, db_user, db_password, db_name): + get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + if is_unix: + query = get_cmd + " -query \"SELECT version();\"" + elif os_name == "WINDOWS": + query = get_cmd + " -query \"SELECT version();\" -c ;" + output = check_output(query) + if not output.strip('Production |'): + sys.exit(0) + get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + version="J10001" + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) + output = check_output(query) + if not output.strip(version + " |"): + sys.exit(0) + + def hasDBnJavaPatchesEntries(self, db_name, db_user, db_password, version): + get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + if is_unix: + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active='Y';\"" %(version) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active='Y';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + return True + else: + return False class OracleConf(BaseDB): # Constructor @@ -1017,29 +1162,6 @@ class OracleConf(BaseDB): log("[E] Can't establish connection!", "error") sys.exit(1) - def grant_audit_db_user(self, audit_db_name ,db_user,audit_db_user,db_password,audit_db_password): - get_cmd = self.get_jisql_cmd(db_user, db_password) - if is_unix: - query = get_cmd + " -c \; -query 'GRANT SELECT ON %s.XA_ACCESS_AUDIT_SEQ TO %s;'" % (db_user,audit_db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"GRANT SELECT ON %s.XA_ACCESS_AUDIT_SEQ TO %s;\" -c ;" % (db_user,audit_db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(query) - if ret != 0: - sys.exit(1) - if is_unix: - query = get_cmd + " -c \; -query 'GRANT INSERT ON %s.XA_ACCESS_AUDIT TO %s;'" % (db_user,audit_db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"GRANT INSERT ON %s.XA_ACCESS_AUDIT TO %s;\" -c ;" % (db_user,audit_db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(query) - if ret != 0: - sys.exit(1) - def import_db_file(self, db_name, db_user, db_password, file_name): isImported=False name = basename(file_name) @@ -1064,30 +1186,6 @@ class OracleConf(BaseDB): sys.exit(1) return isImported - def create_synonym(self,db_name, db_user, db_password,audit_db_user): - log("[I] ----------------- Creating Synonym ------------", "info") - get_cmd = self.get_jisql_cmd(db_user, db_password) - if is_unix: - query = get_cmd + " -c \; -query 'CREATE OR REPLACE SYNONYM %s.XA_ACCESS_AUDIT FOR %s.XA_ACCESS_AUDIT;'" % (audit_db_user,db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"CREATE OR REPLACE SYNONYM %s.XA_ACCESS_AUDIT FOR %s.XA_ACCESS_AUDIT;\" -c ;" % (audit_db_user,db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(query) - if ret != 0: - sys.exit(1) - if is_unix: - query = get_cmd + " -c \; -query 'CREATE OR REPLACE SYNONYM %s.XA_ACCESS_AUDIT_SEQ FOR %s.XA_ACCESS_AUDIT_SEQ;'" % (audit_db_user,db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd + " -query \"CREATE OR REPLACE SYNONYM %s.XA_ACCESS_AUDIT_SEQ FOR %s.XA_ACCESS_AUDIT_SEQ;\" -c ;" % (audit_db_user,db_user) - jisql_log(query, db_password) - ret = subprocessCallWithRetry(query) - if ret != 0: - sys.exit(1) - def import_db_patches(self, db_name, db_user, db_password, file_name): if os.path.isfile(file_name): name = basename(file_name) @@ -1103,6 +1201,8 @@ class OracleConf(BaseDB): if output.strip(version +" |"): log("[I] Patch "+ name +" is already applied" ,"info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -1110,12 +1210,69 @@ class OracleConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version +" |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #check whether process is in progress from same host and entry was created in less than $stalePatchEntryHoldTimeInMinutes minute from current time + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) while(output.strip(version + " |")): - log("[I] Patch "+ name +" is being applied by some other process" ,"info") + #wait for process to complete or $stalePatchEntryHoldTimeInMinutes minutes + log("[I] Patch "+ name +" is being applied by some other process of current host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) + ##check whether process is in progress from same host and entry was created before $stalePatchEntryHoldTimeInMinutes minute from current time + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + #delete the $stalePatchEntryHoldTimeInMinutes minute old entry and allow the same host to proceed with patch execution + if is_unix: + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch:"+name, "info") + #if patch is still in progress from any host then wait for its completion or forever + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #if patch entry does not exist then allow patch execution to the current host. + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + ##if patch entry does not exist in x_db_version_h table then insert the entry with active='N' and execute the patch. + if executePatch: if is_unix: query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, ranger_version, client_host) jisql_log(query, db_password) @@ -1181,96 +1338,6 @@ class OracleConf(BaseDB): log("[E] "+name + " Import failed!","error") sys.exit(1) - def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): - log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") - output = self.check_table(db_name, db_user, db_password, TABLE_NAME) - if output == True: - if os.path.isfile(file_name): - name = basename(file_name) - version = name.split('-')[0] - log("[I] Executing patch on " + audit_db_name + " from file: " + name,"info") - get_cmd1 = xa_sqlObj.get_jisql_cmd(db_user, db_password) - if is_unix: - query = get_cmd1 + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) - jisql_log(query, db_password) - output = check_output(query) - if output.strip(version +" |"): - log("[I] Patch "+ name +" is already applied" ,"info") - else: - if is_unix: - query = get_cmd1 + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) - jisql_log(query, db_password) - output = check_output(query) - if output.strip(version +" |"): - while(output.strip(version + " |")): - log("[I] Patch "+ name +" is being applied by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - jisql_log(query, db_password) - output = check_output(query) - else: - if is_unix: - query = get_cmd1 + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, ranger_version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\" -c ;" %(version, ranger_version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log ("[I] Patch "+ name +" is being applied..","info") - else: - log("[E] Patch "+ name +" failed", "error") - get_cmd2 = self.get_jisql_cmd(db_user, db_password) - if is_unix: - query = get_cmd2 + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") - if is_unix: - query = get_cmd1 + " -c \; -query \"update x_db_version_h set active='Y' where version='%s' and active='N' and updated_by='%s';\"" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] Patch version updated", "info") - else: - if is_unix: - query = get_cmd1 + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - log("[E] Updating patch version failed", "error") - sys.exit(1) - else: - if is_unix: - query = get_cmd1 + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) - elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version, client_host) - jisql_log(query, db_password) - ret = subprocess.call(query) - log("[E] "+name + " Import failed!","error") - sys.exit(1) - else: - log("[I] Patch file not found","error") - sys.exit(1) - def check_table(self, db_name, db_user, db_password, TABLE_NAME): get_cmd = self.get_jisql_cmd(db_user ,db_password) if is_unix: @@ -1301,19 +1368,6 @@ class OracleConf(BaseDB): log("[E] "+db_user + " user already assigned to some other tablespace , provide different DB name.","error") sys.exit(1) - def auditdb_operation(self, xa_db_host , audit_db_host , db_name ,audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): - log("[I] --------- Check admin user connection ---------","info") - self.check_connection(db_name, db_user, db_password) - log("[I] --------- Check audit user connection ---------","info") - self.check_connection(audit_db_name, audit_db_user, audit_db_password) - log("[I] --------- Check table ---------","info") - if self.check_table(db_name, db_user, db_password, TABLE_NAME): - pass - else: - self.import_db_file(audit_db_name, db_user, db_password ,file_name) - log("[I] ---------------Granting privileges TO '"+ audit_db_user + "' on audit table-------------" , "info") - self.grant_audit_db_user( audit_db_name ,db_user, audit_db_user, db_password,audit_db_password) - def execute_java_patches(self, xa_db_host, db_user, db_password, db_name): global globalDict my_dict = {} @@ -1365,35 +1419,63 @@ class OracleConf(BaseDB): if output.strip(version + " |"): #Fix to handle Ranger Upgrade failure for Oracle DB flavor if is_unix: - queryUpgradeCaseCheck = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and inst_by!='%s';\"" %(version,ranger_version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) elif os_name == "WINDOWS": - queryUpgradeCaseCheck = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and inst_by!='%s';\" -c ;" %(version,ranger_version) - jisql_log(queryUpgradeCaseCheck, db_password) - outputUpgradeCaseCheck = check_output(queryUpgradeCaseCheck) - if outputUpgradeCaseCheck.strip(version + " |"): - if is_unix: - queryUpdate = get_cmd + " -c \; -query \"update x_db_version_h set active='Y' where version='J%s' and active='N' and inst_by!='%s';\"" %(version, ranger_version) - jisql_log(queryUpdate, db_password) - retUpdate = subprocess.call(shlex.split(queryUpdate)) - elif os_name == "WINDOWS": - queryUpdate = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N' and inst_by!='%s';\" -c ;" %(version, ranger_version) - jisql_log(queryUpdate, db_password) - retUpdate = subprocess.call(queryUpdate) - if retUpdate == 0: - log ("[I] java patch "+ className +" status has been updated..","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if is_unix: - query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\"" %(version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) elif os_name == "WINDOWS": - query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) jisql_log(query, db_password) output = check_output(query) - #End of Upgrade failure fix while(output.strip(version + " |")): - log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + log("[I] Java patch "+ className +" is being applied by some other process of current host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if (output.strip(version + " |")): + if is_unix: + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='J%s' and active='N' and updated_by='%s';\"" %(version, client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N' and updated_by='%s';\" -c ;" %(version, client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch:"+className, "info") + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + #End of Upgrade failure fix + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + ##if patch entry does not exist in x_db_version_h table then insert the entry with active='N' and execute the patch. + if executePatch: if is_unix: query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, ranger_version, client_host) jisql_log(query, db_password) @@ -1454,7 +1536,7 @@ class OracleConf(BaseDB): global globalDict version = "" className = "ChangePasswordUtil" - version = dbversionBasedOnUserName(userName) + version = dbversionBasedOnUserName(userName) app_home = os.path.join(RANGER_ADMIN_HOME,"ews","webapp") ranger_log = os.path.join(RANGER_ADMIN_HOME,"ews","logs") filePath = os.path.join(app_home,"WEB-INF","classes","org","apache","ranger","patch","cliutil","ChangePasswordUtil.class") @@ -1464,12 +1546,14 @@ class OracleConf(BaseDB): if is_unix: query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] Ranger "+ userName +" default password has already been changed!!","info") + log("[I] Ranger "+ userName +" default password has already been changed!!","info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": @@ -1477,19 +1561,70 @@ class OracleConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - countTries = 0 + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + countTries = 0 while(output.strip(version + " |")): - if countTries < 3: - log("[I] Ranger Password change utility is being executed by some other process" ,"info") - time.sleep(retryPatchAfterSeconds) - jisql_log(query, db_password) - output = check_output(query) - countTries += 1 - else: - log("[E] Tried updating the password "+ str(countTries) + " times","error") - log("[E] If Ranger "+ userName +" user password is not being changed by some other process then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") - sys.exit(1) + if countTries < 3: + log("[I] Ranger Password change utility is being executed by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + countTries += 1 + else: + log("[E] Tried updating the password "+ str(countTries) + " times","error") + log("[E] If Ranger "+ userName +" user password is not being changed by some other process then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") + sys.exit(1) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility for user "+ userName +" is being executed by some other process of current host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry for user:"+userName, "info") + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility for user "+ userName +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + if executePatch: if is_unix: query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, ranger_version, client_host) jisql_log(query, db_password) @@ -1499,9 +1634,9 @@ class OracleConf(BaseDB): jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log ("[I] Ranger "+ userName +" default password change request is in process..","info") + log ("[I] Ranger "+ userName +" default password change request is in process..","info") else: - log("[E] Ranger "+ userName +" default password change request failed", "error") + log("[E] Ranger "+ userName +" default password change request failed", "error") sys.exit(1) if is_unix: path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) @@ -1522,9 +1657,9 @@ class OracleConf(BaseDB): jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0 and status == 0: - log ("[I] Ranger "+ userName +" default password change request processed successfully..","info") + log ("[I] Ranger "+ userName +" default password change request processed successfully..","info") elif ret == 0 and status == 2: - log ("[I] Ranger "+ userName +" default password change request process skipped!","info") + log ("[I] Ranger "+ userName +" default password change request process skipped!","info") else: if is_unix: query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) @@ -1534,7 +1669,7 @@ class OracleConf(BaseDB): query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) jisql_log(query, db_password) ret = subprocess.call(query) - log("[E] Ranger "+ userName +" default password change request failed", "error") + log("[E] Ranger "+ userName +" default password change request failed", "error") sys.exit(1) else: if is_unix: @@ -1545,7 +1680,7 @@ class OracleConf(BaseDB): query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) jisql_log(query, db_password) ret = subprocess.call(query) - log("[E] Ranger "+ userName +" default password change request failed", "error") + log("[E] Ranger "+ userName +" default password change request failed", "error") sys.exit(1) def change_all_admin_default_password(self, xa_db_host, db_user, db_password, db_name,userPwdArray): @@ -1573,26 +1708,79 @@ class OracleConf(BaseDB): if output.strip(version + " |"): log("[I] Ranger "+ userName +" default password has already been changed!!","info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: - query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) countTries = 0 while(output.strip(version + " |")): if countTries < 3: - log("[I] Ranger Password change utility is being executed by some other process" ,"info") + log("[I] Ranger Password change utility is being executed by some other host" ,"info") time.sleep(retryPatchAfterSeconds) jisql_log(query, db_password) output = check_output(query) countTries += 1 else: log("[E] Tried updating the password "+ str(countTries) + " times","error") - log("[E] If Ranger "+ userName +" user password is not being changed by some other process then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") + log("[E] If Ranger "+ userName +" user password is not being changed by some other host then manually delete the entry from ranger database table x_db_version_h table where version is " + version ,"error") sys.exit(1) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440) <%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)<%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility for "+ userName +" is being executed by some other process of current host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440)>=%s;\"" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440) >=%s;\" -c ;" %(version,client_host,stalePatchEntryHoldTimeInMinutes) + jisql_log(query, db_password) + output = check_output(query) + if(output.strip(version + " |")): + if is_unix: + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\"" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N' and updated_by='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] deleted old entry of patch for :"+userName, "info") + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] Ranger Password change utility "+ userName +" is being applied by some other process" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + if not (output.strip(version + " |")): + executePatch=True else: + executePatch=True + if executePatch: if is_unix: query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, ranger_version, client_host) jisql_log(query, db_password) @@ -1690,19 +1878,73 @@ class OracleConf(BaseDB): if output.strip(version + " |"): log("[I] "+version+" is already imported" ,"info") else: + #before executing the patch first check whether its in progress from any host. + executePatch=False if is_unix: - query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): + #check whether process is in progress from different host if yes then wait until it finishes. + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\"" %(version,client_host) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by!='%s';\" -c ;" %(version,client_host) + jisql_log(query, db_password) + output = check_output(query) + while(output.strip(version + " |")): + log("[I] "+ version +" is being applied by some other Host" ,"info") + time.sleep(retryPatchAfterSeconds) + jisql_log(query, db_password) + output = check_output(query) + #check whether process is in progress from same host + if is_unix: + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N' and updated_by='%s' and ((sysdate-INST_AT)*1440) <%s;\"" %(versio