Remove root_helper arg from IpsetManager

Change-Id: I174f109b5d60ec6d5514ffbcdbc097271ea41758
Partially-Implements: blueprint rootwrap-daemon-mode
This commit is contained in:
Terry Wilson 2015-02-09 21:59:45 -06:00 committed by Henry Gessau
parent 6095556f96
commit bcbaaf462f
4 changed files with 11 additions and 18 deletions

View File

@ -26,9 +26,8 @@ class IpsetManager(object):
or single ip add/remove for smaller changes.
"""
def __init__(self, execute=None, root_helper=None, namespace=None):
def __init__(self, execute=None, namespace=None):
self.execute = execute or linux_utils.execute
self.root_helper = root_helper
self.namespace = namespace
self.ipset_sets = {}
@ -113,9 +112,7 @@ class IpsetManager(object):
if self.namespace:
cmd_ns.extend(['ip', 'netns', 'exec', self.namespace])
cmd_ns.extend(cmd)
self.execute(cmd_ns,
root_helper=self.root_helper,
process_input=input)
self.execute(cmd_ns, run_as_root=True, process_input=input)
def _get_new_set_ips(self, set_name, expected_ips):
new_member_ips = (set(expected_ips) -

View File

@ -48,12 +48,11 @@ class IptablesFirewallDriver(firewall.FirewallDriver):
EGRESS_DIRECTION: 'physdev-in'}
def __init__(self):
self.root_helper = cfg.CONF.AGENT.root_helper
self.iptables = iptables_manager.IptablesManager(
use_ipv6=ipv6_utils.is_enabled())
# TODO(majopela, shihanzhang): refactor out ipset to a separate
# driver composed over this one
self.ipset = ipset_manager.IpsetManager(root_helper=self.root_helper)
self.ipset = ipset_manager.IpsetManager()
# list of port which has security group
self.filtered_ports = {}
self._add_fallback_chain_v4v6()

View File

@ -39,7 +39,6 @@ class IpsetBase(base.BaseIPVethTestCase):
def _create_ipset_manager_and_set(self, dst_ns, set_name):
ipset = ipset_manager.IpsetManager(
root_helper=self.root_helper,
namespace=dst_ns.namespace)
ipset._create_set(set_name, IPSET_ETHERTYPE)

View File

@ -27,9 +27,7 @@ FAKE_IPS = ['10.0.0.1', '10.0.0.2', '10.0.0.3', '10.0.0.4',
class BaseIpsetManagerTest(base.BaseTestCase):
def setUp(self):
super(BaseIpsetManagerTest, self).setUp()
self.root_helper = 'sudo'
self.ipset = ipset_manager.IpsetManager(
root_helper=self.root_helper)
self.ipset = ipset_manager.IpsetManager()
self.execute = mock.patch.object(self.ipset, "execute").start()
self.expected_calls = []
self.expect_create()
@ -44,38 +42,38 @@ class BaseIpsetManagerTest(base.BaseTestCase):
self.expected_calls.extend([
mock.call(['ipset', 'restore', '-exist'],
process_input=input,
root_helper=self.root_helper),
run_as_root=True),
mock.call(['ipset', 'swap', TEST_SET_NAME_NEW, TEST_SET_NAME],
process_input=None,
root_helper=self.root_helper),
run_as_root=True),
mock.call(['ipset', 'destroy', TEST_SET_NAME_NEW],
process_input=None,
root_helper=self.root_helper)])
run_as_root=True)])
def expect_add(self, addresses):
self.expected_calls.extend(
mock.call(['ipset', 'add', '-exist', TEST_SET_NAME, ip],
process_input=None,
root_helper=self.root_helper) for ip in addresses)
run_as_root=True) for ip in addresses)
def expect_del(self, addresses):
self.expected_calls.extend(
mock.call(['ipset', 'del', TEST_SET_NAME, ip],
process_input=None,
root_helper=self.root_helper) for ip in addresses)
run_as_root=True) for ip in addresses)
def expect_create(self):
self.expected_calls.append(
mock.call(['ipset', 'create', '-exist', TEST_SET_NAME,
'hash:ip', 'family', 'inet'],
process_input=None,
root_helper=self.root_helper))
run_as_root=True))
def expect_destroy(self):
self.expected_calls.append(
mock.call(['ipset', 'destroy', TEST_SET_NAME],
process_input=None,
root_helper=self.root_helper))
run_as_root=True))
def add_first_ip(self):
self.expect_set([FAKE_IPS[0]])