openstack/trove
Code Issues Proposed changes

Merge "Fixes insecure update of /etc/fstab file"

Browse Source
This commit is contained in:
Jenkins
2014-03-19 13:53:39 +00:00
committed by Gerrit Code Review
parent 6257c593d3 e966dd4881
commit 364f831135
2 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
trove/guestagent/volume.py
View File

@@ -13,14 +13,16 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
from trove.openstack.common import log as logging
import os import os
import pexpect import pexpect
from tempfile import NamedTemporaryFile
from trove.common import cfg from trove.common import cfg
from trove.common import utils from trove.common import utils
from trove.common.exception import GuestError from trove.common.exception import GuestError
from trove.common.exception import ProcessExecutionError from trove.common.exception import ProcessExecutionError
from trove.openstack.common import log as logging
from trove.openstack.common.gettextutils import _
TMP_MOUNT_POINT = "/mnt/volume" TMP_MOUNT_POINT = "/mnt/volume"
@@ -141,11 +143,11 @@ class VolumeMountPoint(object):
fstab_line = ("%s\t%s\t%s\t%s\t0\t0" % fstab_line = ("%s\t%s\t%s\t%s\t0\t0" %
(self.device_path, self.mount_point, self.volume_fstype, (self.device_path, self.mount_point, self.volume_fstype,
self.mount_options)) self.mount_options))
LOG.debug("Writing new line to fstab:%s" % fstab_line) LOG.debug(_("Writing new line to fstab:%s") % fstab_line)
utils.execute("sudo", "cp", "/etc/fstab", "/etc/fstab.orig") with open('/etc/fstab', "r") as fstab:
utils.execute("sudo", "cp", "/etc/fstab", "/tmp/newfstab") fstab_content = fstab.read()
utils.execute("sudo", "chmod", "666", "/tmp/newfstab") with NamedTemporaryFile(delete=False) as tempfstab:
with open("/tmp/newfstab", 'a') as new_fstab: tempfstab.write(fstab_content + fstab_line)
new_fstab.write("\n" + fstab_line) utils.execute("sudo", "install", "-o", "root", "-g", "root", "-m",
utils.execute("sudo", "chmod", "640", "/tmp/newfstab") "644", tempfstab.name, "/etc/fstab")
utils.execute("sudo", "mv", "/tmp/newfstab", "/etc/fstab") utils.execute("sudo", "rm", tempfstab.name)

2
trove/tests/unittests/guestagent/test_volume.py
View File

@@ -179,5 +179,5 @@ class VolumeMountPointTest(testtools.TestCase):
pass pass
self.volumeMountPoint.write_to_fstab() self.volumeMountPoint.write_to_fstab()
self.assertEqual(5, utils.execute.call_count) self.assertEqual(2, utils.execute.call_count)
utils.execute = origin_execute utils.execute = origin_execute