Merge pull request #149 from harlowja/master

Super awesome.
This commit is contained in:
Gunther Hagleitner 2012-03-29 17:16:24 -07:00
commit f3bd4963f2
2 changed files with 24 additions and 75 deletions

View File

@ -19,85 +19,24 @@
""" """
from devstack import log as logging from devstack import log as logging
from devstack import shell as sh
from devstack import utils
from devstack.components import db from devstack.distros import rhel6
from devstack.components import horizon
from devstack.components import nova
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
SOCKET_CONF = "/etc/httpd/conf.d/wsgi-socket-prefix.conf"
HTTPD_CONF = '/etc/httpd/conf/httpd.conf'
# See: http://wiki.libvirt.org/page/SSHPolicyKitSetup # See: http://wiki.libvirt.org/page/SSHPolicyKitSetup
# FIXME: take from distro config?? # FIXME: take from distro config??
# TODO(mikeyp) check correct path for fedora # TODO(mikeyp) check correct path for fedora
LIBVIRT_POLICY_FN = "/etc/polkit-1/localauthority/50-local.d/50-libvirt-access.pkla" LIBVIRT_POLICY_FN = "/etc/polkit-1/localauthority/50-local.d/50-libvirt-access.pkla"
LIBVIRT_POLICY_CONTENTS = """
[libvirt Management Access]
Identity={idents}
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
"""
DEF_IDENT = 'unix-group:libvirtd'
class DBInstaller(db.DBInstaller): class DBInstaller(rhel6.DBInstaller):
pass
def _configure_db_confs(self):
LOG.info("Fixing up %s mysql configs.", self.distro.name)
fc = sh.load_file('/etc/my.cnf')
lines = fc.splitlines()
new_lines = list()
for line in lines:
if line.startswith('skip-grant-tables'):
line = '#' + line
new_lines.append(line)
fc = utils.joinlinesep(*new_lines)
with sh.Rooted(True):
sh.write_file('/etc/my.cnf', fc)
class HorizonInstaller(horizon.HorizonInstaller): class HorizonInstaller(rhel6.HorizonInstaller):
pass
def _config_fixups(self):
(user, group) = self._get_apache_user_group()
# This is recorded so it gets cleaned up during uninstall
self.tracewriter.file_touched(SOCKET_CONF)
LOG.info("Fixing up %s and %s files" % (SOCKET_CONF, HTTPD_CONF))
with sh.Rooted(True):
# Fix the socket prefix to someplace we can use
fc = "WSGISocketPrefix %s" % (sh.joinpths(self.log_dir, "wsgi-socket"))
sh.write_file(SOCKET_CONF, fc)
# Now adjust the run user and group (of httpd.conf)
new_lines = list()
for line in sh.load_file(HTTPD_CONF).splitlines():
if line.startswith("User "):
line = "User %s" % (user)
if line.startswith("Group "):
line = "Group %s" % (group)
new_lines.append(line)
sh.write_file(HTTPD_CONF, utils.joinlinesep(*new_lines))
class NovaInstaller(nova.NovaInstaller): class NovaInstaller(rhel6.NovaInstaller):
pass
def configure(self):
configs_made = nova.NovaInstaller.configure(self)
driver_canon = nova.canon_virt_driver(self.cfg.get('nova', 'virt_driver'))
if driver_canon == 'libvirt':
ident_users = set()
ident_users.add(DEF_IDENT)
ident_users.add('unix-user:%s' % (sh.getuser()))
fc_contents = LIBVIRT_POLICY_CONTENTS.format(idents=(";".join(ident_users)))
with sh.Rooted(True):
dirs_made = sh.mkdirslist(sh.dirname(LIBVIRT_POLICY_FN))
sh.write_file(LIBVIRT_POLICY_FN, fc_contents)
self.tracewriter.cfg_file_written(LIBVIRT_POLICY_FN)
self.tracewriter.dirs_made(*dirs_made)
configs_made += 1
return configs_made

View File

@ -87,18 +87,28 @@ class HorizonInstaller(horizon.HorizonInstaller):
class NovaInstaller(nova.NovaInstaller): class NovaInstaller(nova.NovaInstaller):
def _get_policy(self, ident_users):
fn = LIBVIRT_POLICY_FN
contents = LIBVIRT_POLICY_CONTENTS.format(idents=(";".join(ident_users)))
return (fn, contents)
def _get_policy_users(self):
ident_users = set()
ident_users.add(DEF_IDENT)
ident_users.add('unix-user:%s' % (sh.getuser()))
return ident_users
def configure(self): def configure(self):
configs_made = nova.NovaInstaller.configure(self) configs_made = nova.NovaInstaller.configure(self)
driver_canon = nova.canon_virt_driver(self.cfg.get('nova', 'virt_driver')) driver_canon = nova.canon_virt_driver(self.cfg.get('nova', 'virt_driver'))
if driver_canon == 'libvirt': if driver_canon == 'libvirt':
ident_users = set() (fn, contents) = self._get_policy(self._get_policy_users())
ident_users.add(DEF_IDENT) dirs_made = list()
ident_users.add('unix-user:%s' % (sh.getuser()))
fc_contents = LIBVIRT_POLICY_CONTENTS.format(idents=(";".join(ident_users)))
with sh.Rooted(True): with sh.Rooted(True):
dirs_made = sh.mkdirslist(sh.dirname(LIBVIRT_POLICY_FN)) # TODO check if this dir is restricted before assuming it isn't?
sh.write_file(LIBVIRT_POLICY_FN, fc_contents) dirs_made.extend(sh.mkdirslist(sh.dirname(fn)))
self.tracewriter.cfg_file_written(LIBVIRT_POLICY_FN) sh.write_file(fn, contents)
self.tracewriter.cfg_file_written(fn)
self.tracewriter.dirs_made(*dirs_made) self.tracewriter.dirs_made(*dirs_made)
configs_made += 1 configs_made += 1
return configs_made return configs_made