openstack
/
neutron
Code Issues Proposed changes

xenapi: fix rootwrap 

The xenapi root wrapper did not parse the "exec_dirs" parameter, so it
failed to execute the commands. This patch works around this problem by
parsing the "exec_dirs".

Fixes bug 1185872

Change-Id: I10175c7df5d34e47eb6044711ffbe4fe4cee3ce2
This commit is contained in:
Mate Lakat 2013-06-03 10:39:13 +01:00
parent ef95f7ffba
commit 648d3b76be
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bin/quantum-rootwrap-xen-dom0
View File

@ -55,6 +55,7 @@ def load_configuration(exec_name, config_file):
config = ConfigParser.RawConfigParser()
config.read(config_file)
try:
exec_dirs = config.get("DEFAULT", "exec_dirs").split(",")
filters_path = config.get("DEFAULT", "filters_path").split(",")
section = 'XENAPI'
url = config.get(section, "xenapi_connection_url")
@ -74,10 +75,11 @@ def load_configuration(exec_name, config_file):
url=url,
username=username,
password=password,
exec_dirs=exec_dirs,
)
def filter_command(exec_name, filters_path, user_args):
def filter_command(exec_name, filters_path, user_args, exec_dirs):
# Add ../ to sys.path to allow running from branch
possible_topdir = os.path.normpath(os.path.join(os.path.abspath(exec_name),
os.pardir, os.pardir))
@ -88,7 +90,8 @@ def filter_command(exec_name, filters_path, user_args):
# Execute command if it matches any of the loaded filters
filters = wrapper.load_filters(filters_path)
filter_match = wrapper.match_filter(filters, user_args)
filter_match = wrapper.match_filter(
filters, user_args, exec_dirs=exec_dirs)
if not filter_match:
print "Unauthorized command: %s" % ' '.join(user_args)
sys.exit(RC_UNAUTHORIZED)
@ -110,7 +113,7 @@ def run_command(url, username, password, user_args):
def main():
exec_name, config_file, user_args = parse_args()
config = load_configuration(exec_name, config_file)
filter_command(exec_name, config['filters_path'], user_args)
filter_command(exec_name, config['filters_path'], user_args, config['exec_dirs'])
return run_command(config['url'], config['username'], config['password'],
user_args)