3d6d849faa
As a part of the community goal [1], we should replace rootwrap in favor of privsep. Although the latest codes don't have a dependency on rootwrap for now, but it might be happened to introduce a task with root privilege after. In addition, there are some complex mechanism embeded in Tacker such as in setuptools or configs under `etc/`. It's hard to drop and restore them again. So, keep the mechanism active. In this update, two methods used for tests are implemented in `tacker/privileged/linux_cmd.py`, but can be used for general purpose. For the test, it's also including rootwrap for backward compatibility which will be removed in a future update. It also updates required libs as bellow for oslo.privsep 2.4.0. - eventlet>=0.30.1 - msgpack>=0.6.0 - oslo.service>=2.5.0 [1] https://governance.openstack.org/tc/goals/selected/migrate-to-privsep.html Partially-Implements: bp privsep-migration Signed-off-by: Yasufumi Ogawa <yasufum.o@gmail.com> Change-Id: Id8de4c2bae91718d6ba45ed523edc103f0b21718
34 lines
996 B
Python
34 lines
996 B
Python
# Copyright (C) 2022 Nippon Telegraph and Telephone Corporation
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
"""Basic Linux commands intented to be used in unittests"""
|
|
|
|
from oslo_concurrency import processutils
|
|
|
|
import tacker.privileged
|
|
|
|
|
|
@tacker.privileged.default.entrypoint
|
|
def pwd():
|
|
pwd = processutils.execute('pwd')
|
|
return pwd
|
|
|
|
|
|
@tacker.privileged.default.entrypoint
|
|
def ls():
|
|
ls = processutils.execute('ls')
|
|
return ls
|