From fe9f506a0736181db6c85dca16e5a0e50f494b93 Mon Sep 17 00:00:00 2001 From: ptoohill1 Date: Fri, 17 Jul 2015 13:35:23 -0500 Subject: [PATCH] Updating ssh driver with root user check In some cases a root user cannot run commands with sudo, check for it Change-Id: Idcd18764d287305713f0ba14bb65680480b9bec7 --- .../amphorae/drivers/haproxy/ssh_driver.py | 5 ++++- .../drivers/haproxy/test_ssh_driver.py | 21 ++++++++++++------- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/octavia/amphorae/drivers/haproxy/ssh_driver.py b/octavia/amphorae/drivers/haproxy/ssh_driver.py index 97aa43198e..46f9adb416 100644 --- a/octavia/amphorae/drivers/haproxy/ssh_driver.py +++ b/octavia/amphorae/drivers/haproxy/ssh_driver.py @@ -204,7 +204,7 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver): self.client.close() def _execute_command(self, command, run_as_root=False): - if run_as_root: + if run_as_root and not self._is_root(): command = "sudo {0}".format(command) _, stdout, stderr = self.client.exec_command(command) stdout = stdout.read() @@ -315,3 +315,6 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver): # Close the temp file for temp in temps: temp.close() + + def _is_root(self): + return cfg.CONF.haproxy_amphora.username == 'root' diff --git a/octavia/tests/unit/amphorae/drivers/haproxy/test_ssh_driver.py b/octavia/tests/unit/amphorae/drivers/haproxy/test_ssh_driver.py index a05d9ec315..b1d410d3dd 100644 --- a/octavia/tests/unit/amphorae/drivers/haproxy/test_ssh_driver.py +++ b/octavia/tests/unit/amphorae/drivers/haproxy/test_ssh_driver.py @@ -12,6 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. +from oslo_config import cfg from oslo_log import log from oslo_utils import uuidutils import paramiko @@ -207,6 +208,13 @@ class TestSshDriver(base.TestCase): mock.call(mock.ANY, mock.ANY), ]) + def test_build_pem(self): + expected = 'imainter\nimainter2\nimacert\nimakey' + tls_tupe = sample_configs.sample_tls_container_tuple( + certificate='imacert', private_key='imakey', + intermediates=['imainter', 'imainter2']) + self.assertEqual(expected, cert_parser.build_pem(tls_tupe)) + def test_get_primary_cn(self): cert = mock.MagicMock() @@ -240,13 +248,6 @@ class TestSshDriver(base.TestCase): self.driver._map_cert_tls_container( cert).intermediates) - def test_build_pem(self): - expected = 'imainter\nimainter2\nimacert\nimakey' - tls_tupe = sample_configs.sample_tls_container_tuple( - certificate='imacert', private_key='imakey', - intermediates=['imainter', 'imainter2']) - self.assertEqual(expected, cert_parser.build_pem(tls_tupe)) - @mock.patch.object(ssh_driver.HaproxyManager, '_execute_command') def test_post_vip_plug_no_down_links(self, exec_command): amps = [data_models.Amphora(id=MOCK_AMP_ID, compute_id=MOCK_COMPUTE_ID, @@ -335,3 +336,9 @@ class TestSshDriver(base.TestCase): show_ip_call = mock.call(ssh_driver.CMD_SHOW_IP_ADDR.format(iface)) exec_command.assert_has_calls([grep_call, dhclient_call, show_ip_call]) self.assertEqual(3, exec_command.call_count) + + def test_is_root(self): + cfg.CONF.set_override('username', 'root', group='haproxy_amphora') + self.assertTrue(self.driver._is_root()) + cfg.CONF.set_override('username', 'blah', group='haproxy_amphora') + self.assertFalse(self.driver._is_root())