rootwrap: Fix KillFilter matching

The match() method in the KillFilter is a bit buggy. Since most/many run through this logic in their way to being matched, it creates subtle issues elsewhere, specifically during linux_net bridge creation. This fixes two issues. 1. userargs gets elements directly popped off of it. If the KillFilter does not match the command its checking, the later filter that does is missing one argument. 2. Type error on pid when checking /proc, this was causing issues on instance tear down / kill -HUP'ing dnsmasq. Fixes bug 921784 Change-Id: I058ff2276e3154e8c1f6cc7077fa485db60e5827
2012-01-25 12:27:05 -08:00
parent a78fad32a3
commit e528aacbbe
1 changed files with 5 additions and 4 deletions
--- a/nova/rootwrap/filters.py
+++ b/nova/rootwrap/filters.py
@@ -100,19 +100,20 @@ class KillFilter(CommandFilter):
    """

    def match(self, userargs):
-        if len(userargs) == 3:
-            signal = userargs.pop(1)
+        args = list(userargs)
+        if len(args) == 3:
+            signal = args.pop(1)
            if signal not in self.args[0]:
                # Requested signal not in accepted list
                return False
        else:
-            if len(userargs) != 2:
+            if len(args) != 2:
                # Incorrect number of arguments
                return False
            if '' not in self.args[0]:
                # No signal, but list doesn't include empty string
                return False
-        pid = userargs[1]
+        pid = int(args[1])
        try:
            command = os.readlink("/proc/%d/exe" % pid)
            if command not in self.args[1]: