summaryrefslogtreecommitdiff
path: root/bin/check-prerelease
blob: 1e5ce0212a48741f8275f2c2d774969e1f6d5f0d (plain) 
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 
#!/usr/bin/env python3 """ Script to test that the system is NOT running prerelease software Copyright (c) 2018 Canonical Ltd. Authors Rod Smith <rod.smith@canonical.com> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License version 3, as published by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. The purpose of this script is to identify whether an EFI-based system booted from the network (test passes) or from a local disk (test fails). Usage: check-prerelease """ import platform import shlex import sys from subprocess import CalledProcessError, check_output def check_kernel_status(): """Check kernel to see if it's supported for certification :returns: True if OK, False if not """ kernel_release = platform.release() retval = True command = "apt-cache showpkg linux-image-{}".format(kernel_release) aptinfo = [] aptinfo_bytes = check_output(shlex.split(command)) aptinfo = (aptinfo_bytes.decode(encoding="utf-8", errors="ignore") .splitlines()) # Exclude kernels that come from obvious PPAs.... if any("ppa.launchpad.net" in s for s in aptinfo): print("* Kernel appears to have come from a PPA!") retval = False # Exclude kernels that don't come from the main repo if not any("main_binary" in s for s in aptinfo): print("* Kernel does not come from the main Ubuntu repository!") retval = False try: command = "apt-cache show linux-image-{}".format(kernel_release) aptinfo = [] aptinfo_bytes = check_output(shlex.split(command)) aptinfo = (aptinfo_bytes.decode(encoding="utf-8", errors="ignore") .splitlines()) except CalledProcessError: # "apt-cache show" returns an error status if called on a # non-existent package. print("* Kernel does not match any installed package!") aptinfo = "" retval = False # Exclude 'edge' kernels, which are identified via the 'Source:' line # in the apt-cache show output.... if any("Source: linux-signed-hwe-edge" in s for s in aptinfo): print("* Kernel is an 'edge' kernel!") retval = False if any("Source: linux-hwe-edge" in s for s in aptinfo): print("* Kernel is an 'edge' kernel!") retval = False # Exclude kernels that aren't from the "linux" (or variant, like # "linux-hwe" or "linux-signed") source.... if not any("Source: linux" in s for s in aptinfo): print("* Kernel is not a Canonical kernel!") retval = False # Exclude low-latency kernels, which are identified via the kernel name # string itself.... if "lowlatency" in kernel_release: print("* Kernel is a low-latency kernel!") retval = False if (not retval): print("* Kernel release is {}".format(kernel_release)) print("* Kernel is ineligible for certification!") return retval def check_os_status(): """Check OS to see if it's supported for certification. The OS must be BOTH an LTS version and a non-development branch to pass this test. :returns: True if OK, False if not """ retval = True command = "lsb_release -s -d" lsbinfo = [] lsbinfo_bytes = check_output(shlex.split(command)) lsbinfo = lsbinfo_bytes.decode(encoding="utf-8", errors="ignore") # OS information include '(development branch)' on pre-release # installations. Such installations should fail this test. if "(development branch)" in lsbinfo: print("* OS is reported as a development branch:") print("* {}".format(lsbinfo)) retval = False print("") if "LTS" not in lsbinfo: print("* OS is a non-LTS version:") print("* {}".format(lsbinfo)) retval = False return retval def main(): """Check to see if the machine is running pre-release kernel or OS.""" retval = 0 if (not check_kernel_status()): retval = 1 if (not check_os_status()): retval += 2 if (retval == 0): print("** All OK; production kernel and OS.") elif (retval == 1): print("** Test FAILS; running ineligible kernel!") elif (retval == 2): print("** Test FAILS; running pre-release or non-LTS OS!") else: print("** Test FAILS; running pre-release OS with ineligible kernel!") return(retval) if __name__ == '__main__': sys.exit(main())
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-21 17:50:16 +0000