!22 [sync] 24.03同步master

From: @f16lx 
Reviewed-by: @xingwei-liu 
Signed-off-by: @xingwei-liu

0001-fix-export-error-and-no-migration-details-issue.patch

@@ -1,72 +0,0 @@
-From 854c1d018b9a5f1079f387101c62f86009c3baac Mon Sep 17 00:00:00 2001
-From: Super User <root@localhost.localdomain>
-Date: Mon, 21 Aug 2023 16:19:47 +0800
-Subject: [PATCH] fix export error and no migration details issue
-
----
- ut-Migration-tools/index.py                    | 4 ++--
- ut-Migration-tools/templates/MT_migration.html | 3 ++-
- ut-Migration-tools/views/migration.py          | 6 +++++-
- 3 files changed, 9 insertions(+), 4 deletions(-)
-
-diff --git a/ut-Migration-tools/index.py b/ut-Migration-tools/index.py
-index 59e6830..635c5ac 100644
---- a/ut-Migration-tools/index.py
-+++ b/ut-Migration-tools/index.py
-@@ -218,7 +218,7 @@ def MT_export_migration_reports():
-     :return:
-     """
-     mod = check_methods()
--    f = open("/usr/lib/migration-tools-agent/.passwd.txt","r")
-+    f = open("/usr/lib/migration-tools-server/.passwd.txt","r")
-     password = f.read()
-     f.close()
-     if mod:
-@@ -234,7 +234,7 @@ def MT_export_migration_reports():
-                 print("export report mkdir error:%s" % mkdir_log_pwd)
- 
-         info = mod.split(',')
--        scp_log = "sshpass -p %s" % password + " scp -r %s" % json_data.get('info').split("|")[0] + "@%s" % info[1] \
-+        scp_log = "sshpass -p '%s'" % password + " scp -r %s" % json_data.get('info').split("|")[0] + "@%s" % info[1] \
-                   + ":/var/tmp/uos-migration/UOS*.tar.gz /var/uos-migration/"
-         try:
-             os.system(scp_log)
-diff --git a/ut-Migration-tools/templates/MT_migration.html b/ut-Migration-tools/templates/MT_migration.html
-index 39bed0b..77bf56a 100644
---- a/ut-Migration-tools/templates/MT_migration.html
-+++ b/ut-Migration-tools/templates/MT_migration.html
-@@ -65,7 +65,8 @@
- <script>
- 
- 	$(document).ready(function() {
--        progress = setInterval("check_progress()",2000);
-+		progress = setInterval("check_progress()",2000);
-+		log_info = setInterval("migration_details()",2000);
- 		setInterval("system_migration()",36000);
-     });
- 
-diff --git a/ut-Migration-tools/views/migration.py b/ut-Migration-tools/views/migration.py
-index 33c4b19..2e9c0c5 100644
---- a/ut-Migration-tools/views/migration.py
-+++ b/ut-Migration-tools/views/migration.py
-@@ -38,6 +38,10 @@ def close_tool(data):
- def check_user(data):
-     services = check_services(data, '/check_user')
-     if services:
-+        json_data = json.loads(data)
-+        with open('/usr/lib/migration-tools-server/.passwd.txt','w',encoding='utf-8') as f:
-+            text = json_data['passwd']
-+            f.write(text)
-         return services
- 
- def check_repo(data):
-@@ -85,4 +89,4 @@ def system_migration(data):
- def migration_details(data):
-     services = check_services(data, '/migration_details')
-     if services:
--        return services
-\ No newline at end of file
-+        return services
--- 
-2.41.0
-

0001-use-kill-not-kill-INT-when-stop-service.patch

@@ -0,0 +1,25 @@
+From 192fd69de19a78afe81a5a2c5a8270057f12ee3d Mon Sep 17 00:00:00 2001
+From: lixin <lixinb@uniontech.com>
+Date: Mon, 18 Mar 2024 10:32:17 +0800
+Subject: [PATCH] use kill instead of kill-INT
+
+---
+ server/migration-tools-server.service | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/server/migration-tools-server.service b/server/migration-tools-server.service
+index 8cd53a3..dd16c95 100644
+--- a/server/migration-tools-server.service
++++ b/server/migration-tools-server.service
+@@ -5,7 +5,7 @@ After=network-online.target
+ [Service]
+ Type=simple
+ ExecStart=/usr/bin/python3 /usr/lib/migration-tools-server/index.py
+-ExecStop=/bin/kill-INT $MAINPID
++ExecStop=/bin/kill -HUP $MAINPID
+ 
+ [Install]
+ WantedBy=multi-user.target
+-- 
+2.41.0
+

0002-fix-uefi-boot-failed.patch

@@ -1,32 +0,0 @@
-From b7df99566ea6988c5411468b2b9d7e02f25bc85a Mon Sep 17 00:00:00 2001
-From: Super User <root@localhost.localdomain>
-Date: Wed, 6 Sep 2023 17:14:29 +0800
-Subject: [PATCH] allow uefi boot
-
----
- .../centos7/openeuler/centos72openeuler.py                      | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py b/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-index 1cedebf..f24d765 100644
---- a/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-+++ b/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-@@ -195,7 +195,6 @@ def main():
- 
-     if system_sync():
-         subprocess.run('dnf -y groupinstall Minimal Install', shell=True)
--        conf_grub()
-     else:
-         print("Removing confilct package yum...")
-         os.system("rpm -e --nodeps yum")
-@@ -216,6 +215,7 @@ def main():
-     if os.path.exists(yum_conflict_dir):
-         shutil.rmtree(yum_conflict_dir)
-     print("Installing yum...")
-+    conf_grub()
-     run_subprocess('dnf install -y yum'.split())
-     
-     print("System migration completed, rebooting system")
--- 
-2.41.0
-

0003-modify-grub-rules-to-match-NIC-name.patch

@@ -1,72 +0,0 @@
-From 76920b1ab0b7204c2feaf7dc2fa04b6d72730b5a Mon Sep 17 00:00:00 2001
-From: lixin <lixinb@uniontech.com>
-Date: Wed, 6 Sep 2023 17:23:29 +0800
-Subject: [PATCH] modify grub rules to match NIC name
-
----
- .../centos7/openeuler/centos72openeuler.py    | 41 ++++++++++++++++++-
- 1 file changed, 40 insertions(+), 1 deletion(-)
-
-diff --git a/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py b/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-index f24d765..2be7b6b 100644
---- a/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-+++ b/ut-Migration-tools/ut-Migration-tools-0.1/centos7/openeuler/centos72openeuler.py
-@@ -83,6 +83,43 @@ def add_boot_option():
-     except Exception as e:
-         print(e)
- 
-+
-+def set_grub_biosdev_rules():
-+    """
-+    Set grub bisodev rule which can be don`t modify network configuration names.
-+    When the leapp has been made initrd, the function will set net.ifnames in /etc/default/grub.
-+    Returns:
-+    """
-+    default_grub_path = "/etc/default/grub"
-+    set_content = "net.ifnames=0  biosdevname=0"
-+    if not os.path.exists(default_grub_path):
-+        return
-+    with open(default_grub_path, 'r') as gf:
-+        gret = gf.readlines()
-+        gf.close()
-+    grub_content = ''
-+    for i in range(len(gret)):
-+        if "GRUB_CMDLINE_LINUX" in gret[i]:
-+            cmdline_tmp = gret[i].split('"', -1)[1]
-+            grub_content += 'GRUB_CMDLINE_LINUX="' + cmdline_tmp + ' ' + set_content + '"\n'
-+            continue
-+        grub_content += gret[i]
-+    try:
-+        if not os.path.exists(default_grub_path + '.disable'):
-+            shutil.copyfile(default_grub_path, default_grub_path + '.disable')
-+            os.remove(default_grub_path)
-+        else:
-+            print("grub file has been modified")
-+            return
-+    except Exception as e:
-+        print(e)
-+        return
-+    with open(default_grub_path, 'w+') as wgf:
-+        wgf.write(grub_content)
-+        wgf.close()
-+    return True
-+
-+
- def swap_release(release):
-     tmp_dir = '/var/tmp'
-     rpme_release = 'rpm -qf /etc/os-release | xargs -i rpm -e --nodeps {}'
-@@ -214,8 +251,10 @@ def main():
-     yum_conflict_dir = '/etc/yum/'
-     if os.path.exists(yum_conflict_dir):
-         shutil.rmtree(yum_conflict_dir)
--    print("Installing yum...")
-+    print("Configuring grub...")
-+    set_grub_biosdev_rules()
-     conf_grub()
-+    print("Installing yum...")
-     run_subprocess('dnf install -y yum'.split())
-     
-     print("System migration completed, rebooting system")
--- 
-2.41.0
-

100-CVE-2024-24892.patch

@@ -0,0 +1,85 @@
+From 27f65f5c5e38b6d0cee28db3591784266a47de9e Mon Sep 17 00:00:00 2001
+From: lixin <lixinb@uniontech.com>
+Date: Tue, 12 Mar 2024 10:42:07 +0800
+Subject: [PATCH] CVE-2024-24892
+
+---
+ index.py | 50 ++++++++++++++++++++++++++++++++------------------
+ 1 file changed, 32 insertions(+), 18 deletions(-)
+
+diff --git a/index.py b/index.py
+index 239148e..f604fc2 100644
+--- a/index.py
++++ b/index.py
+@@ -4,6 +4,7 @@
+ # SPDX-License-Identifier:   MulanPubL-2.0-or-later
+ import os
+ import json
++import paramiko
+ from func import share
+ from urls import server_mods
+ from flask import Flask, render_template, request, Response
+@@ -202,29 +203,42 @@ def export_migration_reports():
+     :return:
+     """
+     mod = check_methods()
+-    f = open("/usr/lib/migration-tools-server/.passwd.txt", "r")
+-    password = f.read()
+-    f.close()
+     if mod:
+         data = request.get_data()
+         json_data = json.loads(data)
+-        mkdir_log_pwd = "/var/uos-migration/"
+-        isExists=os.path.exists(mkdir_log_pwd)
+-        if not isExists:
+-            try:
+-                os.makedirs(mkdir_log_pwd)
+-                print(mkdir_log_pwd)
+-            except:
+-                print("export report mkdir error:%s" % mkdir_log_pwd)
+-
++        user = json_data.get('info').split("|")[0]
+         info = mod.split(',')
+-        scp_log = "sshpass -p '%s'" % password + " scp -r %s" % json_data.get('info').split("|")[0] + "@%s" % info[1] \
+-                  + ":/var/tmp/uos-migration/UOS*.tar.gz /var/uos-migration/"
++        ip = info[1].strip('"')
++        port = 22
++
++        with open("/usr/lib/migration-tools-server/.passwd.txt", "r") as f:
++            password = f.read()
++
++        remote_dir = local_dir = "/var/tmp/uos-migration"
++        if not os.path.exists(local_dir):
++            os.makedirs(local_dir)
++
++        client = paramiko.SSHClient()
++        client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+         try:
+-            os.system(scp_log)
+-            print(scp_log)
+-        except:
+-            print('export report scp error:%s' % scp_log)
++            client.connect(ip, port, user, password)
++            sftp = client.open_sftp()
++
++            remote_files = sftp.listdir(remote_dir)
++            # 遍历远程文件列表
++            for filename in remote_files:
++                if filename.endswith('.tar.gz'):
++                    remote_file_path = os.path.join(remote_dir, filename)
++                    local_file_path = os.path.join(local_dir, filename)
++                    sftp.get(remote_file_path, local_file_path)
++
++        except Exception as e:
++            print(f"Error: {e}")
++
++        finally:
++            # 关闭连接
++            if client:
++                client.close()
+         return Response(mod, content_type='application/json')
+ 
+ 
+-- 
+2.41.0
+

migration-tools.spec

@@ -1,22 +1,46 @@
-Name: 		migration-tools
-Version:	1.0.0
-Release:	4
-Summary:	A tool to help users migrate the Centos system to the UOS system and openEuler system
-License:	MulanPSL-2.0
-Source0:	ut-Migration-tools.tar.gz
-Patch0:		0001-fix-export-error-and-no-migration-details-issue.patch
-Patch1:		0002-fix-uefi-boot-failed.patch
-Patch2:		0003-modify-grub-rules-to-match-NIC-name.patch
-BuildArch: 	noarch
+Name:       migration-tools
+Version:    1.0.1
+Release:    3
+License:    MulanPSL-2.0
+Summary:    A tool to help users migrate the Centos system to the UOS system and openEuler system
+Source0:    migration-tools.tar.gz
+Source1:    requires.tar.gz
+Source2:    xlwt-1.3.0-py2.py3-none-any.whl
+# patches
+Patch0:     0001-use-kill-not-kill-INT-when-stop-service.patch
+
+# CVE patches: >= 100
+Patch100:   100-CVE-2024-24892.patch
+
+BuildArch:  noarch
 %description
 UOS Migration Software
 
+%if 0%{?rhel} >= 7
+%package -n migration-tools-agent
+Summary:        migration-tools-agent
+License:        MulanPSL-2.0
+Requires:       dnf
+Requires:       libabigail
+Requires:       python3
+Requires:       python3-flask
+Requires:       python3-paramiko
+Requires:       python3-requests
+Requires:       python3-xlrd
+Requires:       python3-xlwt
+Requires:       openssl
+Requires:       rsync
+Requires:       yum-utils
+
+%description -n migration-tools-agent
+Migration software agent side
+%endif
+
 %package -n migration-tools-server
 Summary: 	migration-tools-server
-License: 	MulanPSL-2.0
+License:	MulanPSL-2.0
 Requires:	python3
 Requires:	python3-pip
-Requires:	sshpass
 Requires:	python3-paramiko
 Requires:	python3-flask
 Requires:	python3-requests
@@ -27,44 +51,75 @@ Migration software server side
 
 %prep
 %setup -c
+
 %patch 0 -p1
-%patch 1 -p1
-%patch 2 -p1
+%patch 100 -p1
+
+%if 0%{?openEuler}
+cp -f %SOURCE1 agent-requires/
+cp -f %SOURCE2 agent-requires/
+%endif
 
 %install
 rm -rf %{buildroot}
 mkdir -p $RPM_BUILD_ROOT/usr/lib/migration-tools-server
 mkdir -p $RPM_BUILD_ROOT/var/tmp/uos-migration
-%{__mkdir_p}  $RPM_BUILD_ROOT/etc/migration-tools
+mkdir -p $RPM_BUILD_ROOT/etc/migration-tools
+mkdir -p $RPM_BUILD_ROOT%{_unitdir}
 
-cp -r ut-Migration-tools/* $RPM_BUILD_ROOT/usr/lib/migration-tools-server/
+cp -r * $RPM_BUILD_ROOT/usr/lib/migration-tools-server/
+
+%if 0%{?rhel} >= 7
+mkdir -p $RPM_BUILD_ROOT/usr/lib/migration-tools-agent
+cp -r * $RPM_BUILD_ROOT/usr/lib/migration-tools-agent/
+%{__cp} -r $RPM_BUILD_ROOT/usr/lib/migration-tools-server/server/migration-tools-agent.service $RPM_BUILD_ROOT%{_unitdir}
+%endif
 
 # Install server config
 %{__cp} -r $RPM_BUILD_ROOT/usr/lib/migration-tools-server/server/migration-tools.conf $RPM_BUILD_ROOT/etc/migration-tools
+%{__cp} -r $RPM_BUILD_ROOT/usr/lib/migration-tools-server/server/migration-tools-server.service $RPM_BUILD_ROOT%{_unitdir}
 
+%posttrans
+%{_bindir}/systemctl daemon-reload
 
 %post -n migration-tools-server
-mkdir -p /etc/migration-tools
-mkdir -p /var/tmp/uos-migration
-cp -r /usr/lib/migration-tools-server/server/migration-tools-server.service /usr/lib/systemd/system/
+pip3 install /usr/lib/migration-tools-server/agent-requires/xlwt-1.3.0-py2.py3-none-any.whl --no-cache-dir
 chmod +x /usr/lib/migration-tools-server/server/start_webview.sh
-ln -s /usr/lib/migration-tools-server/server/start_webview.sh /usr/bin/migration-tools
-systemctl daemon-reload
-systemctl restart migration-tools-server.service
-systemctl enable migration-tools-server.service
+ln -sf /usr/lib/migration-tools-server/server/start_webview.sh /usr/bin/migration-tools
+
+%preun -n migration-tools-server
+if [ $1 = 0 ];then
+    systemctl stop migration-tools-server.service
+fi
 
 %postun -n migration-tools-server
-systemctl disable migration-tools-server.service
-rm -rf /usr/lib/migration-tools-server/
-rm -rf /usr/lib/migration-tools
 rm -rf /usr/bin/migration-tools
-rm -rf /usr/lib/systemd/system/migration-tools-server.service
 
 %files -n migration-tools-server
 /etc/migration-tools
 /usr/lib/migration-tools-server
+%{_unitdir}/migration-tools-server.service
+
+%if 0%{?rhel} >= 7
+%files -n migration-tools-agent
+/etc/migration-tools
+/usr/lib/migration-tools-agent
+%{_unitdir}/migration-tools-agent.service
+%endif
 
 %changelog
+* Mon Mar 18 2024 lixin <lixinb@uniontech.com> - 1.0.1-3
+- fix stop service display failed
+- update spec
+
+* Mon Mar 11 2024 lixin <lixinb@uniontech.com> - 1.0.1-2
+- fix : CVE-2024-24892
+- use paramiko instead of sshpass to export migration log
+- and data
+
+* Tue Mar 05 2024 lixin <lixinb@uniontech.com> - 1.0.1-1
+- Supports migrations to OpenEuler system using the web-based interface.
+
 * Wed Sep 06 2023 lixin <lixinb@uniontech.com> - 1.0.0-4
 - fix: fix uefi boot failed
 - fix: modify grub rules to match NIC name after migration