diff --git a/etc/trove/trove-guestagent.conf.sample b/etc/trove/trove-guestagent.conf.sample index babf7ee551..09f89d2af7 100644 --- a/etc/trove/trove-guestagent.conf.sample +++ b/etc/trove/trove-guestagent.conf.sample @@ -64,12 +64,6 @@ rabbit_password=f7999d1955c5014aa32c # ========== Default Users / DBs Configuration ========== -# Users to ignore for user create/list/delete operations -ignore_users = os_admin - -# Databases to ignore for db create/list/delete operations -ignore_dbs = lost+found, mysql, information_schema - # Permissions to grant "root" user by default root_grant = ALL root_grant_option = True @@ -132,6 +126,12 @@ log_file = logfile.txt # replication_user = slave_user # replication_password = slave_password +# Users to ignore for user create/list/delete operations +# ignore_users = os_admin + +# Databases to ignore for db create/list/delete operations +# ignore_dbs = mysql, information_schema, performance_schema + [vertica] # For vertica, following are the defaults needed: # mount_point = /var/lib/vertica diff --git a/etc/trove/trove.conf.sample b/etc/trove/trove.conf.sample index bb824fc5e7..c4835e4a59 100644 --- a/etc/trove/trove.conf.sample +++ b/etc/trove/trove.conf.sample @@ -142,10 +142,6 @@ taskmanager_queue = taskmanager # Auth admin_roles = admin -# Users to ignore for user create/list/delete operations -ignore_users = os_admin, root -ignore_dbs = lost+found, mysql, information_schema - # Guest related conf agent_heartbeat_time = 10 agent_call_low_timeout = 5 @@ -219,6 +215,11 @@ tcp_ports = 3306 volume_support = True device_path = /dev/vdb +# Users to ignore for user create/list/delete operations +ignore_users = os_admin, root +ignore_dbs = mysql, information_schema, performance_schema + + [redis] tcp_ports = 6379 #redis uses local storage diff --git a/trove/common/cfg.py b/trove/common/cfg.py index 73eba83be7..523749ade6 100644 --- a/trove/common/cfg.py +++ b/trove/common/cfg.py @@ -129,11 +129,6 @@ common_opts = [ help='Page size for listing backups.'), cfg.IntOpt('configurations_page_size', default=20, help='Page size for listing configurations.'), - cfg.ListOpt('ignore_users', default=['os_admin', 'root'], - help='Users to exclude when listing users.'), - cfg.ListOpt('ignore_dbs', - default=['mysql', 'information_schema', 'performance_schema'], - help='Databases to exclude when listing databases.'), cfg.IntOpt('agent_call_low_timeout', default=5, help="Maximum time (in seconds) to wait for Guest Agent 'quick'" "requests (such as retrieving a list of users or " @@ -491,6 +486,15 @@ mysql_opts = [ cfg.StrOpt('root_controller', default='trove.extensions.common.service.DefaultRootController', help='Root controller implementation for mysql.'), + cfg.ListOpt('ignore_users', default=['os_admin', 'root'], + help='Users to exclude when listing users.', + deprecated_name='ignore_users', + deprecated_group='DEFAULT'), + cfg.ListOpt('ignore_dbs', + default=['mysql', 'information_schema', 'performance_schema'], + help='Databases to exclude when listing databases.', + deprecated_name='ignore_dbs', + deprecated_group='DEFAULT'), ] # Percona @@ -555,6 +559,15 @@ percona_opts = [ cfg.StrOpt('root_controller', default='trove.extensions.common.service.DefaultRootController', help='Root controller implementation for percona.'), + cfg.ListOpt('ignore_users', default=['os_admin', 'root'], + help='Users to exclude when listing users.', + deprecated_name='ignore_users', + deprecated_group='DEFAULT'), + cfg.ListOpt('ignore_dbs', + default=['mysql', 'information_schema', 'performance_schema'], + help='Databases to exclude when listing databases.', + deprecated_name='ignore_dbs', + deprecated_group='DEFAULT'), ] # Percona XtraDB Cluster @@ -608,6 +621,9 @@ pxc_opts = [ 'backup.'), cfg.ListOpt('ignore_users', default=['os_admin', 'root', 'clusterrepuser'], help='Users to exclude when listing users.'), + cfg.ListOpt('ignore_dbs', + default=['mysql', 'information_schema', 'performance_schema'], + help='Databases to exclude when listing databases.'), cfg.BoolOpt('cluster_support', default=True, help='Enable clusters to be created and managed.'), cfg.IntOpt('min_cluster_member_count', default=3, @@ -1132,6 +1148,15 @@ mariadb_opts = [ cfg.StrOpt('root_controller', default='trove.extensions.common.service.DefaultRootController', help='Root controller implementation for mysql.'), + cfg.ListOpt('ignore_users', default=['os_admin', 'root'], + help='Users to exclude when listing users.', + deprecated_name='ignore_users', + deprecated_group='DEFAULT'), + cfg.ListOpt('ignore_dbs', + default=['mysql', 'information_schema', 'performance_schema'], + help='Databases to exclude when listing databases.', + deprecated_name='ignore_dbs', + deprecated_group='DEFAULT'), ] # RPC version groups @@ -1202,3 +1227,31 @@ def parse_args(argv, default_config_files=None): project='trove', version=trove.__version__, default_config_files=default_config_files) + + +def get_ignored_dbs(manager=None): + """ + Get the list of ignored databases taking into account the fact + that the manager may not be specified, and the manager (if + specified) may not list ignore_dbs. + """ + + _manager = manager or CONF.datastore_manager or 'mysql' + + _ignore_dbs = CONF.get(_manager).ignore_dbs or CONF.ignore_dbs or [] + + return _ignore_dbs + + +def get_ignored_users(manager=None): + """ + Get the list of ignored users taking into account the fact + that the manager may not be specified, and the manager (if + specified) may not list ignore_users. + """ + + _manager = manager or CONF.datastore_manager or 'mysql' + + _ignore_users = CONF.get(_manager).ignore_users or CONF.ignore_users or [] + + return _ignore_users diff --git a/trove/extensions/mysql/models.py b/trove/extensions/mysql/models.py index 80ba45b456..e79c70c189 100644 --- a/trove/extensions/mysql/models.py +++ b/trove/extensions/mysql/models.py @@ -189,11 +189,10 @@ class Users(object): marker=marker, include_marker=include_marker) model_users = [] - ignore_users = CONF.ignore_users for user in user_list: mysql_user = guest_models.MySQLUser() mysql_user.deserialize(user) - if mysql_user.name in ignore_users: + if mysql_user.name in cfg.get_ignored_users(): continue # TODO(hub-cap): databases are not being returned in the # reference agent @@ -253,11 +252,10 @@ class Schemas(object): marker=marker, include_marker=include_marker) model_schemas = [] - ignore_dbs = CONF.ignore_dbs for schema in schemas: mysql_schema = guest_models.MySQLDatabase() mysql_schema.deserialize(schema) - if mysql_schema.name in ignore_dbs: + if mysql_schema.name in cfg.get_ignored_dbs(): continue model_schemas.append(Schema(mysql_schema.name, mysql_schema.collate, diff --git a/trove/guestagent/datastore/experimental/db2/service.py b/trove/guestagent/datastore/experimental/db2/service.py index 2e2ba3d064..933f5fa630 100644 --- a/trove/guestagent/datastore/experimental/db2/service.py +++ b/trove/guestagent/datastore/experimental/db2/service.py @@ -27,7 +27,6 @@ from trove.guestagent.db import models CONF = cfg.CONF LOG = logging.getLogger(__name__) -IGNORE_USERS_LIST = CONF.db2.ignore_users class DB2App(object): @@ -340,8 +339,9 @@ class DB2Admin(object): LOG.debug("item = %r" % item) user = item.split() if item != "" else None LOG.debug("user = %r" % (user)) - if user is not None and user[0] not in IGNORE_USERS_LIST \ - and user[1] == 'Y': + if (user is not None + and (user[0] not in cfg.get_ignored_users(manager='db2') + and user[1] == 'Y')): userlist.append(user[0]) result = iter(userlist) diff --git a/trove/guestagent/datastore/experimental/mongodb/service.py b/trove/guestagent/datastore/experimental/mongodb/service.py index 94c7edfe1f..e9ed52369d 100644 --- a/trove/guestagent/datastore/experimental/mongodb/service.py +++ b/trove/guestagent/datastore/experimental/mongodb/service.py @@ -45,8 +45,6 @@ CNF_CLUSTER = 'clustering' MONGODB_PORT = CONF.mongodb.mongodb_port CONFIGSVR_PORT = CONF.mongodb.configsvr_port -IGNORED_DBS = CONF.mongodb.ignore_dbs -IGNORED_USERS = CONF.mongodb.ignore_users class MongoDBApp(object): @@ -645,7 +643,7 @@ class MongoDBAdmin(object): for user_info in admin_client.admin.system.users.find(): user = models.MongoDBUser(name=user_info['_id']) user.roles = user_info['roles'] - if user.name not in IGNORED_USERS: + if user.name not in cfg.get_ignored_users(manager='mongodb'): users.append(user.serialize()) LOG.debug('users = ' + str(users)) return pagination.paginate_list(users, limit, marker, @@ -737,7 +735,7 @@ class MongoDBAdmin(object): def list_databases(self, limit=None, marker=None, include_marker=False): """Lists the databases.""" db_names = self.list_database_names() - for hidden in IGNORED_DBS: + for hidden in cfg.get_ignored_dbs(manager='mongodb'): if hidden in db_names: db_names.remove(hidden) databases = [models.MongoDBSchema(db_name).serialize() diff --git a/trove/guestagent/datastore/experimental/postgresql/service/database.py b/trove/guestagent/datastore/experimental/postgresql/service/database.py index f7d625125e..775034b417 100644 --- a/trove/guestagent/datastore/experimental/postgresql/service/database.py +++ b/trove/guestagent/datastore/experimental/postgresql/service/database.py @@ -23,7 +23,6 @@ from trove.guestagent.datastore.experimental.postgresql import pgutil LOG = logging.getLogger(__name__) CONF = cfg.CONF -IGNORE_DBS_LIST = CONF.get(CONF.datastore_manager).ignore_dbs class PgSqlDatabase(object): @@ -89,7 +88,7 @@ class PgSqlDatabase(object): [{"_name": "", "_character_set": "", "_collate": ""}, ...] """ results = pgutil.query( - pgutil.DatabaseQuery.list(ignore=IGNORE_DBS_LIST), + pgutil.DatabaseQuery.list(ignore=cfg.get_ignored_dbs()), timeout=30, ) # Convert results to dictionaries. diff --git a/trove/guestagent/datastore/experimental/postgresql/service/root.py b/trove/guestagent/datastore/experimental/postgresql/service/root.py index 01039e16c6..c7d19db95e 100644 --- a/trove/guestagent/datastore/experimental/postgresql/service/root.py +++ b/trove/guestagent/datastore/experimental/postgresql/service/root.py @@ -22,7 +22,6 @@ from trove.guestagent.datastore.experimental.postgresql import pgutil LOG = logging.getLogger(__name__) CONF = cfg.CONF -IGNORE_USERS_LIST = CONF.get(CONF.datastore_manager).ignore_users class PgSqlRoot(object): @@ -35,7 +34,7 @@ class PgSqlRoot(object): system administration superuser of os_admin. """ results = pgutil.query( - pgutil.UserQuery.list_root(ignore=IGNORE_USERS_LIST), + pgutil.UserQuery.list_root(ignore=cfg.get_ignored_users()), timeout=30, ) # Reduce iter of iters to iter of single values. diff --git a/trove/guestagent/datastore/experimental/postgresql/service/users.py b/trove/guestagent/datastore/experimental/postgresql/service/users.py index eaa8575613..83fe37039c 100644 --- a/trove/guestagent/datastore/experimental/postgresql/service/users.py +++ b/trove/guestagent/datastore/experimental/postgresql/service/users.py @@ -25,7 +25,6 @@ from trove.guestagent.datastore.experimental.postgresql.service.access import ( LOG = logging.getLogger(__name__) CONF = cfg.CONF -IGNORE_USERS_LIST = CONF.get(CONF.datastore_manager).ignore_users class PgSqlUsers(PgSqlAccess): @@ -87,7 +86,7 @@ class PgSqlUsers(PgSqlAccess): "_databases": [{"_name": ""}, ...]}, ...] """ results = pgutil.query( - pgutil.UserQuery.list(ignore=IGNORE_USERS_LIST), + pgutil.UserQuery.list(ignore=cfg.get_ignored_users()), timeout=30, ) # Convert results into dictionaries. diff --git a/trove/guestagent/datastore/mysql_common/service.py b/trove/guestagent/datastore/mysql_common/service.py index 5e24dfc102..985b76ba4a 100644 --- a/trove/guestagent/datastore/mysql_common/service.py +++ b/trove/guestagent/datastore/mysql_common/service.py @@ -58,7 +58,6 @@ TMP_MYCNF = "/tmp/my.cnf.tmp" MYSQL_BASE_DIR = "/var/lib/mysql" CONF = cfg.CONF -MANAGER = CONF.datastore_manager if CONF.datastore_manager else 'mysql' INCLUDE_MARKER_OPERATORS = { True: ">=", @@ -420,7 +419,7 @@ class BaseMySqlAdmin(object): def list_databases(self, limit=None, marker=None, include_marker=False): """List databases the user created on this mysql instance.""" LOG.debug("---Listing Databases---") - ignored_database_names = "'%s'" % "', '".join(CONF.ignore_dbs) + ignored_database_names = "'%s'" % "', '".join(cfg.get_ignored_dbs()) LOG.debug("The following database names are on ignore list and will " "be omitted from the listing: %s" % ignored_database_names) databases = [] diff --git a/trove/guestagent/db/models.py b/trove/guestagent/db/models.py index 1d02c63c98..840411ec5b 100644 --- a/trove/guestagent/db/models.py +++ b/trove/guestagent/db/models.py @@ -159,7 +159,7 @@ class MongoDBSchema(DatastoreSchema): class MySQLDatabase(Base): """Represents a Database and its properties.""" - _ignore_dbs = CONF.ignore_dbs + _ignore_dbs = cfg.get_ignored_dbs() # Defaults __charset__ = "utf8" @@ -748,7 +748,7 @@ class MySQLUser(Base): """Represents a MySQL User and its associated properties.""" not_supported_chars = re.compile("^\s|\s$|'|\"|;|`|,|/|\\\\") - _ignore_users = CONF.ignore_users + _ignore_users = cfg.get_ignored_users() def __init__(self): self._name = None diff --git a/trove/tests/unittests/guestagent/test_dbaas.py b/trove/tests/unittests/guestagent/test_dbaas.py index 0426e244d3..bc7dcf4a8f 100644 --- a/trove/tests/unittests/guestagent/test_dbaas.py +++ b/trove/tests/unittests/guestagent/test_dbaas.py @@ -534,7 +534,8 @@ class MySqlAdminTest(testtools.TestCase): "default_character_set_name as charset,", "default_collation_name as collation", "FROM information_schema.schemata", - ("schema_name NOT IN ('" + "', '".join(CONF.ignore_dbs) + + ("schema_name NOT IN ('" + + "', '".join(cfg.get_ignored_dbs()) + "')"), "ORDER BY schema_name ASC", ] @@ -550,8 +551,8 @@ class MySqlAdminTest(testtools.TestCase): "default_character_set_name as charset,", "default_collation_name as collation", "FROM information_schema.schemata", - ("schema_name NOT IN ('" + "', '".join(CONF.ignore_dbs) + - "')"), + ("schema_name NOT IN ('" + + "', '".join(cfg.get_ignored_dbs()) + "')"), "ORDER BY schema_name ASC", ] for text in expected: @@ -567,8 +568,8 @@ class MySqlAdminTest(testtools.TestCase): "default_character_set_name as charset,", "default_collation_name as collation", "FROM information_schema.schemata", - ("schema_name NOT IN ('" + "', '".join(CONF.ignore_dbs) + - "')"), + ("schema_name NOT IN ('" + + "', '".join(cfg.get_ignored_dbs()) + "')"), "ORDER BY schema_name ASC", ] @@ -587,8 +588,8 @@ class MySqlAdminTest(testtools.TestCase): "default_character_set_name as charset,", "default_collation_name as collation", "FROM information_schema.schemata", - ("schema_name NOT IN ('" + "', '".join(CONF.ignore_dbs) + - "')"), + ("schema_name NOT IN ('" + + "', '".join(cfg.get_ignored_dbs()) + "')"), "ORDER BY schema_name ASC", ] for text in expected: