import struct import urllib2 import sys import os __author__ = 'Igor Seletskiy' __copyright__ = "Copyright (c) Cloud Linux GmbH & Cloud Linux Software, Inc" __credits__ = 'Igor Seletskiy' __license__ = 'Apache License v2.0' __maintainer__ = 'Igor Seletskiy' __email__ = 'i@kernelcare.com' __status__ = 'Production' __version__ = '1.0' def get_kernel_hash(): try: # noinspection PyCompatibility from hashlib import sha1 except ImportError: from sha import sha as sha1 f = open('/proc/version', 'rb') try: return sha1(f.read()).hexdigest() finally: f.close() def inside_vz_container(): """ determines if we are inside Virtuozzo container :return: True if inside container, false otherwise """ return os.path.exists('/proc/vz/veinfo') and not os.path.exists('/proc/vz/version') def _get_last_byte_from(filename): """ Reading the last byte from the varfile :return: last byte in a file as unsigned int or None if file was empty """ with open(filename, 'rb') as f: last, = struct.unpack("B", f.read()[-1]) return last def is_secure_boot(): """ Detects Secure Boot :return: True if Secure Boot is enabled, false otherwise """ efivars_location = "/sys/firmware/efi/efivars/" if not os.path.isdir(efivars_location): return False for filename in os.listdir(efivars_location): if filename.startswith('SecureBoot'): varfile = os.path.join(efivars_location, filename) return _get_last_byte_from(varfile) == 1 return False def inside_lxc_container(): return '/lxc/' in open('/proc/1/cgroup').read() def is_compat(): url = 'http://patches.kernelcare.com/'+get_kernel_hash()+'/version' try: urllib2.urlopen(url) return True except: return False def myprint(silent, message): if not silent: print(message) def main(): """ if --silent or -q argument provided, don't print anything, just use exit code otherwise print results (COMPATIBLE or UNSUPPORTED) else exit with 0 if COMPATIBLE, 1 or more otherwise """ silent = len(sys.argv) > 1 and (sys.argv[1] == '--silent' or sys.argv[1] == '-q') if is_secure_boot(): myprint(silent, "UNSUPPORTED; SECURE BOOT") return 3 if inside_vz_container() or inside_lxc_container() or is_secure_boot(): myprint(silent, "UNSUPPORTED; INSIDE CONTAINER") return 2 if is_compat(): myprint(silent, "COMPATIBLE") return 0 else: myprint(silent, "UNSUPPORTED") return 1 if __name__ == "__main__": exit(main())