From: Reiner Sailer <sailer@us.ibm.com>
To: xen-devel@lists.xensource.com
Cc: kanno.masaki@jp.fujitsu.com, sailer@us.ibm.com
Subject: [RESEND][BUGFIX][ACM] fix return code in acm-related xm scripts
Date: Mon, 11 Sep 2006 16:01:30 -0400 [thread overview]
Message-ID: <4505C09A.3050807@us.ibm.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 373 bytes --]
This patch fixes return codes for the acm-related Xen management scripts
(error conditions) and addresses minor issues that 'pycheck' complains
about. It is tested with xm-test and by manually running the xm
commands. It also handles the return case (reported by Masaki Kanno)
that was missed in the originally patch.
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
[-- Attachment #2: xm_retcode_complete.diff --]
[-- Type: text/plain, Size: 13679 bytes --]
---
tools/python/xen/xm/addlabel.py | 6 +----
tools/python/xen/xm/cfgbootpolicy.py | 6 ++---
tools/python/xen/xm/create.py | 4 +--
tools/python/xen/xm/dry-run.py | 13 +++++++----
tools/python/xen/xm/dumppolicy.py | 8 +++----
tools/python/xen/xm/getlabel.py | 40 ++++++++++++++++-------------------
tools/python/xen/xm/labels.py | 4 ++-
tools/python/xen/xm/loadpolicy.py | 5 ++--
tools/python/xen/xm/makepolicy.py | 3 +-
tools/python/xen/xm/resources.py | 21 +++++++++++-------
tools/python/xen/xm/rmlabel.py | 10 +++-----
11 files changed, 63 insertions(+), 57 deletions(-)
Index: xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/addlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
@@ -20,8 +20,6 @@
"""Labeling a domain configuration file or a resoruce.
"""
import sys, os
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -33,6 +31,7 @@ def usage():
print " resource. It derives the policy from the running hypervisor"
print " if it is not given (optional parameter). If a label already"
print " exists for the given domain or resource, then addlabel fails.\n"
+ security.err("Usage")
def validate_config_file(configfile):
@@ -134,7 +133,6 @@ def main (argv):
for prefix in [".", "/etc/xen"]:
configfile = prefix + "/" + configfile
if os.path.isfile(configfile):
- fd = open(configfile, "rb")
break
if not validate_config_file(configfile):
usage()
@@ -147,7 +145,7 @@ def main (argv):
usage()
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/cfgbootpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
@@ -70,7 +70,7 @@ def determine_kernelversion(user_specifi
within_xen_title = 0
within_xen_entry = 0
if len(version_list) > 1:
- err("Cannot decide between entries for kernels: " + version_list)
+ err("Cannot decide between entries for kernels %s" % version_list)
elif len(version_list) == 0:
err("Cannot find a boot entry candidate (please create a Xen boot entry first).")
else:
@@ -87,7 +87,6 @@ def insert_policy(boot_file, kernel_vers
within_xen_entry = 0
insert_at_end_of_entry = 0
path_prefix = ''
- done = False
(tmp_fd, tmp_grub) = tempfile.mkstemp()
#follow symlink since menue.lst might be linked to grub.conf
if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
@@ -175,9 +174,10 @@ def main(argv):
print "Boot entry created and \'%s\' copied to /boot" % (policy + ".bin")
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
Index: xen-unstable.hg-shype/tools/python/xen/xm/create.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/create.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/create.py
@@ -1155,7 +1155,7 @@ def create_security_check(config):
else:
print "Checking resources: (skipped)"
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
return passed
@@ -1176,7 +1176,7 @@ def main(argv):
PrettyPrint.prettyprint(config)
else:
if not create_security_check(config):
- print "Security configuration prevents domain from starting"
+ err("Security configuration prevents domain from starting.")
else:
dom = make_domain(opts, config)
if opts.vals.console_autoconnect:
Index: xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dry-run.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
@@ -18,6 +18,7 @@
"""Tests the security settings for a domain and its resources.
"""
+import sys
from xen.util import security
from xen.xm import create
from xen.xend import sxp
@@ -28,14 +29,14 @@ def usage():
print "to see if the domain created by the configfile can access"
print "the resources. The status of each resource is listed"
print "individually along with the final security decision.\n"
+ security.err("Usage")
def main (argv):
- if len(argv) != 2:
- usage()
- return
-
try:
+ if len(argv) != 2:
+ usage()
+
passed = 0
(opts, config) = create.parseCommandLine(argv)
if create.check_domain_label(config, verbose=1):
@@ -48,8 +49,10 @@ def main (argv):
print "Dry Run: PASSED"
else:
print "Dry Run: FAILED"
+ sys.exit(-1)
+
except security.ACMError:
- pass
+ sys.exit(-1)
if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dumppolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
@@ -18,7 +18,6 @@
"""Display currently enforced policy (low-level hypervisor representation).
"""
import sys
-import traceback
from xen.util.security import ACMError, err, dump_policy
@@ -31,12 +30,13 @@ def usage():
def main(argv):
try:
+ if len(argv) != 1:
+ usage()
+
dump_policy()
except ACMError:
- pass
- except:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/getlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
@@ -19,8 +19,6 @@
"""Show the label for a domain or resoruce.
"""
import sys, os, re
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -28,6 +26,7 @@ def usage():
print "\nUsage: xm getlabel dom <configfile>"
print " xm getlabel res <resource>\n"
print " This program shows the label for a domain or resource.\n"
+ security.err("Usage")
def get_resource_label(resource):
@@ -38,8 +37,7 @@ def get_resource_label(resource):
try:
access_control = dictio.dict_read("resources", file)
except:
- print "Resource label file not found"
- return
+ security.err("Resource label file not found")
# get the entry and print label
if access_control.has_key(resource):
@@ -47,7 +45,7 @@ def get_resource_label(resource):
label = access_control[resource][1]
print "policy="+policy+",label="+label
else:
- print "Resource not labeled"
+ security.err("Resource not labeled")
def get_domain_label(configfile):
@@ -63,8 +61,7 @@ def get_domain_label(configfile):
fd = open(file, "rb")
break
if not fd:
- print "Configuration file '"+configfile+"' not found."
- return
+ security.err("Configuration file '"+configfile+"' not found.")
# read in the domain config file, finding the label line
ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
@@ -82,8 +79,7 @@ def get_domain_label(configfile):
# send error message if we didn't find anything
if acline == "":
- print "Label does not exist in domain configuration file."
- return
+ security.err("Domain not labeled")
# print out the label
(title, data) = acline.split("=", 1)
@@ -94,19 +90,21 @@ def get_domain_label(configfile):
def main (argv):
- if len(argv) != 3:
- usage()
- return
-
- if argv[1].lower() == "dom":
- configfile = argv[2]
- get_domain_label(configfile)
- elif argv[1].lower() == "res":
- resource = argv[2]
- get_resource_label(resource)
- else:
- usage()
+ try:
+ if len(argv) != 3:
+ usage()
+
+ if argv[1].lower() == "dom":
+ configfile = argv[2]
+ get_domain_label(configfile)
+ elif argv[1].lower() == "res":
+ resource = argv[2]
+ get_resource_label(resource)
+ else:
+ usage()
+ except security.ACMError:
+ sys.exit(-1)
if __name__ == '__main__':
main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/labels.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/labels.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/labels.py
@@ -70,10 +70,12 @@ def main(argv):
labels.sort()
for label in labels:
print label
+
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/loadpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
@@ -34,11 +34,12 @@ def main(argv):
if len(argv) != 2:
usage()
load_policy(argv[1])
+
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
-
+ sys.exit(-1)
if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/makepolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
@@ -37,9 +37,10 @@ def main(argv):
make_policy(argv[1])
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
Index: xen-unstable.hg-shype/tools/python/xen/xm/resources.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/resources.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/resources.py
@@ -18,8 +18,7 @@
"""List the resource label information from the global resource label file
"""
-import sys, os
-import string
+import sys
from xen.util import dictio
from xen.util import security
@@ -27,6 +26,7 @@ def usage():
print "\nUsage: xm resource\n"
print " This program lists information for each resource in the"
print " global resource label file\n"
+ security.err("Usage")
def print_resource_data(access_control):
@@ -41,14 +41,19 @@ def print_resource_data(access_control):
def main (argv):
try:
- file = security.res_label_filename
- access_control = dictio.dict_read("resources", file)
- except:
- print "Resource file not found."
- return
+ if len(argv) != 1:
+ usage()
- print_resource_data(access_control)
+ try:
+ file = security.res_label_filename
+ access_control = dictio.dict_read("resources", file)
+ except:
+ security.err("Error reading resource file.")
+ print_resource_data(access_control)
+
+ except security.ACMError:
+ sys.exit(-1)
if __name__ == '__main__':
main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/rmlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
@@ -19,8 +19,6 @@
"""Remove a label from a domain configuration file or a resoruce.
"""
import sys, os, re
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -31,6 +29,7 @@ def usage():
print " for a domain or from the global resource label file for a"
print " resource. If the label does not exist for the given domain or"
print " resource, then rmlabel fails.\n"
+ security.err("Usage")
def rm_resource_label(resource):
@@ -48,7 +47,7 @@ def rm_resource_label(resource):
del access_control[resource]
dictio.dict_write(access_control, "resources", file)
else:
- security.err("Label does not exist in resource label file.")
+ security.err("Resource not labeled.")
def rm_domain_label(configfile):
@@ -85,7 +84,7 @@ def rm_domain_label(configfile):
# send error message if we didn't find anything to remove
if not removed:
- security.err("Label does not exist in domain configuration file.")
+ security.err("Domain not labeled.")
# write the data back out to the file
fd = open(file, "wb")
@@ -97,7 +96,6 @@ def main (argv):
try:
if len(argv) != 3:
usage()
- return
if argv[1].lower() == "dom":
configfile = argv[2]
@@ -109,7 +107,7 @@ def main (argv):
usage()
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
reply other threads:[~2006-09-11 20:01 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4505C09A.3050807@us.ibm.com \
--to=sailer@us.ibm.com \
--cc=kanno.masaki@jp.fujitsu.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.