diff --git a/cinder/privsep/fs.py b/cinder/privsep/fs.py index f880a6d8c0e..e788d4e6c11 100644 --- a/cinder/privsep/fs.py +++ b/cinder/privsep/fs.py @@ -27,8 +27,3 @@ import cinder.privsep @cinder.privsep.sys_admin_pctxt.entrypoint def umount(mountpoint): processutils.execute('umount', mountpoint, attempts=1, delay_on_retry=True) - - -@cinder.privsep.sys_admin_pctxt.entrypoint -def truncate(size, path): - processutils.execute('truncate', '-s', size, path) diff --git a/cinder/tests/unit/volume/drivers/nexenta/test_nexenta5_nfs.py b/cinder/tests/unit/volume/drivers/nexenta/test_nexenta5_nfs.py index 550758aaf80..10d89cf70b3 100644 --- a/cinder/tests/unit/volume/drivers/nexenta/test_nexenta5_nfs.py +++ b/cinder/tests/unit/volume/drivers/nexenta/test_nexenta5_nfs.py @@ -141,22 +141,22 @@ class TestNexentaNfsDriver(test.TestCase): self.nef_mock.get.return_value = {} self.drv.delete_volume(self.TEST_VOLUME) self.nef_mock.delete.assert_called_with( - 'storage/pools/pool/filesystems/share%2Fvolume-' - + fake.VOLUME_ID + '?snapshots=true') + 'storage/pools/pool/filesystems/share%2Fvolume-' + + fake.VOLUME_ID + '?snapshots=true') def test_create_snapshot(self): self._create_volume_db_entry() self.drv.create_snapshot(self.TEST_SNAPSHOT) - url = ('storage/pools/pool/filesystems/share%2Fvolume-' - + fake.VOLUME_ID + '/snapshots') + url = ('storage/pools/pool/filesystems/share%2Fvolume-' + + fake.VOLUME_ID + '/snapshots') data = {'name': self.TEST_SNAPSHOT['name']} self.nef_mock.post.assert_called_with(url, data) def test_delete_snapshot(self): self._create_volume_db_entry() self.drv.delete_snapshot(self.TEST_SNAPSHOT) - url = ('storage/pools/pool/filesystems/share%2Fvolume-' - + fake.VOLUME_ID + '/snapshots/snapshot1') + url = ('storage/pools/pool/filesystems/share%2Fvolume-' + + fake.VOLUME_ID + '/snapshots/snapshot1') self.drv.delete_snapshot(self.TEST_SNAPSHOT) self.nef_mock.delete.assert_called_with(url) @@ -185,15 +185,18 @@ class TestNexentaNfsDriver(test.TestCase): @patch('cinder.volume.drivers.nexenta.ns5.nfs.' 'NexentaNfsDriver.local_path') - @patch('cinder.privsep.fs.truncate') - def test_extend_volume_sparsed(self, mock_truncate, path): + @patch('oslo_concurrency.processutils.execute') + def test_extend_volume_sparsed(self, _execute, path): self._create_volume_db_entry() path.return_value = 'path' self.drv.extend_volume(self.TEST_VOLUME, 2) - mock_truncate.assert_called_once_with( - '2G', 'path') + _execute.assert_called_with( + 'truncate', '-s', '2G', + 'path', + root_helper='sudo cinder-rootwrap /etc/cinder/rootwrap.conf', + run_as_root=True) @patch('cinder.volume.drivers.nexenta.ns5.nfs.' 'NexentaNfsDriver.local_path') diff --git a/cinder/tests/unit/volume/drivers/test_gpfs.py b/cinder/tests/unit/volume/drivers/test_gpfs.py index 1089ae25cae..20a24f99e35 100644 --- a/cinder/tests/unit/volume/drivers/test_gpfs.py +++ b/cinder/tests/unit/volume/drivers/test_gpfs.py @@ -648,8 +648,7 @@ class GPFSDriverTestCase(test.TestCase): fake_fs_release = org_fake_fs_release @mock.patch('cinder.utils.execute') - @mock.patch('cinder.privsep.fs.truncate') - def test_create_sparse_file(self, mock_truncate, mock_exec): + def test_create_sparse_file(self, mock_exec): self.driver._create_sparse_file('', 100) @mock.patch('cinder.utils.execute') diff --git a/cinder/tests/unit/volume/drivers/test_nfs.py b/cinder/tests/unit/volume/drivers/test_nfs.py index f65419c04c8..20ed172b424 100644 --- a/cinder/tests/unit/volume/drivers/test_nfs.py +++ b/cinder/tests/unit/volume/drivers/test_nfs.py @@ -27,7 +27,6 @@ from oslo_utils import units from cinder import context from cinder import exception from cinder.image import image_utils -import cinder.privsep.fs as privsep from cinder import test from cinder.tests.unit import fake_snapshot from cinder.tests.unit import fake_volume @@ -58,10 +57,10 @@ class RemoteFsDriverTestCase(test.TestCase): self._execute = mock_exc.start() self.addCleanup(mock_exc.stop) - @mock.patch('cinder.privsep.fs.truncate') - def test_create_sparsed_file(self, mock_truncate): + def test_create_sparsed_file(self): self._driver._create_sparsed_file('/path', 1) - mock_truncate.assert_called_with('1G', '/path') + self._execute.assert_called_once_with('truncate', '-s', '1G', + '/path', run_as_root=True) def test_create_regular_file(self): self._driver._create_regular_file('/path', 1) @@ -1276,7 +1275,6 @@ class NfsDriverTestCase(test.TestCase): self.mock_object(drv, '_create_regular_file') self.mock_object(drv, '_set_rw_permissions') self.mock_object(drv, '_read_file') - self.mock_object(privsep, 'truncate') ret = drv.create_volume_from_snapshot(new_volume, fake_snap) diff --git a/cinder/tests/unit/volume/drivers/test_remotefs.py b/cinder/tests/unit/volume/drivers/test_remotefs.py index 1516e2b6d47..290e64949f3 100644 --- a/cinder/tests/unit/volume/drivers/test_remotefs.py +++ b/cinder/tests/unit/volume/drivers/test_remotefs.py @@ -50,8 +50,8 @@ class RemoteFsSnapDriverTestCase(test.TestCase): self._fake_volume_path = os.path.join(self._FAKE_MNT_POINT, self._fake_volume.name) self._fake_snapshot = fake_snapshot.fake_snapshot_obj(self.context) - self._fake_snapshot_path = (self._fake_volume_path + '.' - + self._fake_snapshot.id) + self._fake_snapshot_path = (self._fake_volume_path + '.' + + self._fake_snapshot.id) self._fake_snapshot.volume = self._fake_volume @ddt.data({'current_state': 'in-use', @@ -718,9 +718,7 @@ class RemoteFsSnapDriverTestCase(test.TestCase): @mock.patch('json.dump') @mock.patch('cinder.volume.drivers.remotefs.open') @mock.patch('os.path.exists') - @mock.patch('cinder.privsep.fs.truncate') def test_write_info_file(self, - mock_truncate, mock_os_path_exists, mock_open, mock_json_dump, @@ -743,8 +741,9 @@ class RemoteFsSnapDriverTestCase(test.TestCase): self._driver._execute.assert_not_called() self._driver._set_rw_permissions.assert_not_called() else: - mock_truncate.assert_called_once_with( - 0, fake_info_path) + self._driver._execute.assert_called_once_with( + 'truncate', "-s0", fake_info_path, + run_as_root=self._driver._execute_as_root) self._driver._set_rw_permissions.assert_called_once_with( fake_info_path) @@ -869,8 +868,8 @@ class RevertToSnapshotMixinTestCase(test.TestCase): self._fake_volume_path = os.path.join(self._FAKE_MNT_POINT, self._fake_volume.name) self._fake_snapshot = fake_snapshot.fake_snapshot_obj(self.context) - self._fake_snapshot_path = (self._fake_volume_path + '.' - + self._fake_snapshot.id) + self._fake_snapshot_path = (self._fake_volume_path + '.' + + self._fake_snapshot.id) self._fake_snapshot_name = os.path.basename( self._fake_snapshot_path) self._fake_snapshot.volume = self._fake_volume diff --git a/cinder/tests/unit/volume/drivers/test_veritas_cnfs.py b/cinder/tests/unit/volume/drivers/test_veritas_cnfs.py index 21eea606963..cefd7e15262 100644 --- a/cinder/tests/unit/volume/drivers/test_veritas_cnfs.py +++ b/cinder/tests/unit/volume/drivers/test_veritas_cnfs.py @@ -162,9 +162,8 @@ class VeritasCNFSDriverTestCase(test.TestCase): @mock.patch.object(cnfs.VeritasCNFSDriver, '_do_clone_volume') @mock.patch.object(cnfs.VeritasCNFSDriver, 'local_path') - @mock.patch('cinder.privsep.fs.truncate') - def test_create_volume_from_snapshot_greater_size( - self, mock_truncate, m_local_path, m_do_clone_volume): + def test_create_volume_from_snapshot_greater_size(self, m_local_path, + m_do_clone_volume): """test create volume from snapshot with greater volume size""" drv = self.driver volume = fake_volume.fake_volume_obj(self.context) diff --git a/cinder/volume/drivers/ibm/gpfs.py b/cinder/volume/drivers/ibm/gpfs.py index 57c0ea7b544..e363b27fa32 100644 --- a/cinder/volume/drivers/ibm/gpfs.py +++ b/cinder/volume/drivers/ibm/gpfs.py @@ -34,7 +34,6 @@ from cinder.i18n import _ from cinder.image import image_utils from cinder import interface from cinder.objects import fields -import cinder.privsep.fs from cinder import utils from cinder.volume import configuration from cinder.volume import driver @@ -489,7 +488,7 @@ class GPFSDriver(driver.CloneableImageVD, """Creates file with 0 disk usage.""" sizestr = _sizestr(size) - cinder.privsep.fs.truncate(sizestr, path) + self.gpfs_execute('truncate', '-s', sizestr, path) def _allocate_file_blocks(self, path, size): """Preallocate file blocks by writing zeros.""" diff --git a/cinder/volume/drivers/nexenta/ns5/nfs.py b/cinder/volume/drivers/nexenta/ns5/nfs.py index 143ab8ea111..bf225f02a28 100644 --- a/cinder/volume/drivers/nexenta/ns5/nfs.py +++ b/cinder/volume/drivers/nexenta/ns5/nfs.py @@ -24,7 +24,6 @@ from cinder import db from cinder import exception from cinder.i18n import _ from cinder import interface -import cinder.privsep.fs from cinder.volume.drivers.nexenta.ns5 import jsonrpc from cinder.volume.drivers.nexenta import options from cinder.volume.drivers.nexenta import utils @@ -242,12 +241,13 @@ class NexentaNfsDriver(nfs.NfsDriver): LOG.info('Extending volume: %(id)s New size: %(size)s GB', {'id': volume['id'], 'size': new_size}) if self.sparsed_volumes: - cinder.privsep.fs.truncate('%sG' % new_size, - self.local_path(volume)) + self._execute('truncate', '-s', '%sG' % new_size, + self.local_path(volume), + run_as_root=self._execute_as_root) else: block_size_mb = 1 - block_count = ((new_size - volume['size']) * units.Gi - // (block_size_mb * units.Mi)) + block_count = ((new_size - volume['size']) * units.Gi // + (block_size_mb * units.Mi)) self._execute( 'dd', 'if=/dev/zero', 'seek=%d' % (volume['size'] * units.Gi / block_size_mb), diff --git a/cinder/volume/drivers/remotefs.py b/cinder/volume/drivers/remotefs.py index b0767172da1..b6128b71587 100644 --- a/cinder/volume/drivers/remotefs.py +++ b/cinder/volume/drivers/remotefs.py @@ -38,7 +38,6 @@ from cinder import exception from cinder.i18n import _ from cinder.image import image_utils from cinder.objects import fields -import cinder.privsep.fs from cinder import utils from cinder.volume import configuration from cinder.volume import driver @@ -380,7 +379,8 @@ class RemoteFSDriver(driver.BaseVD): def _create_sparsed_file(self, path, size): """Creates a sparse file of a given size in GiB.""" - cinder.privsep.fs.truncate('%sG' % size, path) + self._execute('truncate', '-s', '%sG' % size, + path, run_as_root=self._execute_as_root) def _create_regular_file(self, path, size): """Creates a regular file of given size in GiB.""" @@ -753,7 +753,8 @@ class RemoteFSSnapDriverBase(RemoteFSDriver): if not (os.path.exists(info_path) or os.name == 'nt'): # We're not managing file permissions on Windows. # Plus, 'truncate' is not available. - cinder.privsep.fs.truncate(0, info_path) + self._execute('truncate', "-s0", info_path, + run_as_root=self._execute_as_root) self._set_rw_permissions(info_path) with open(info_path, 'w') as f: diff --git a/cinder/volume/drivers/veritas_cnfs.py b/cinder/volume/drivers/veritas_cnfs.py index 223d2b40653..72697bb2c28 100644 --- a/cinder/volume/drivers/veritas_cnfs.py +++ b/cinder/volume/drivers/veritas_cnfs.py @@ -21,7 +21,6 @@ from oslo_utils import excutils from cinder import exception from cinder.i18n import _ from cinder import interface -import cinder.privsep.fs import cinder.privsep.path from cinder.volume.drivers import nfs @@ -173,7 +172,7 @@ class VeritasCNFSDriver(nfs.NfsDriver): def extend_volume(self, volume, size): """Extend the volume to new size""" path = self.local_path(volume) - cinder.privsep.fs.truncate('%sG' % size, path) + self._execute('truncate', '-s', '%sG' % size, path, run_as_root=True) LOG.debug("VeritasNFSDriver: extend_volume volume_id = %s", volume.id) def _update_volume_stats(self): diff --git a/etc/cinder/rootwrap.d/volume.filters b/etc/cinder/rootwrap.d/volume.filters index 319e223d90b..713807f48cc 100644 --- a/etc/cinder/rootwrap.d/volume.filters +++ b/etc/cinder/rootwrap.d/volume.filters @@ -86,6 +86,7 @@ stat: CommandFilter, stat, root mount: CommandFilter, mount, root df: CommandFilter, df, root du: CommandFilter, du, root +truncate: CommandFilter, truncate, root chmod: CommandFilter, chmod, root rm: CommandFilter, rm, root