diff --git a/devstack/components/nova.py b/devstack/components/nova.py index 744da673..1ccd748e 100644 --- a/devstack/components/nova.py +++ b/devstack/components/nova.py @@ -199,9 +199,9 @@ class NovaUninstaller(comp.PythonUninstallComponent): sh.execute(*cmd, run_as_root=True) def _clear_libvirt_domains(self): - inst_prefix = self.cfg.get('nova', 'instance_name_prefix') virt_driver = self.cfg.get('nova', 'virt_driver') if virt_driver == virsh.VIRT_TYPE: + inst_prefix = self.cfg.get('nova', 'instance_name_prefix') libvirt_type = virsh.default(self.cfg.get('nova', 'libvirt_type')) virsh.clear_libvirt_domains(libvirt_type, inst_prefix) diff --git a/devstack/env.py b/devstack/env.py index 05860ba9..6cc3a7e1 100644 --- a/devstack/env.py +++ b/devstack/env.py @@ -18,16 +18,9 @@ import os from devstack import log as logging -TRUE_VALUES = ['yes', 'true', 't', '1', 'on'] LOG = logging.getLogger("devstack.environment") -def _str2bool(value_str): - if value_str.lower().strip() in TRUE_VALUES: - return True - return False - - def get(): return dict(os.environ) @@ -36,6 +29,7 @@ def set(k, v): #this is really screwy, python is really odd in this area #from http://docs.python.org/library/os.html if k is not None: + LOG.debug("Setting environment key [%s] to value [%s]" % (k, v)) os.environ[str(k)] = str(v) @@ -49,9 +43,3 @@ def get_key(key, default_value=None): LOG.debug("Found \"%s\" in environment variable \"%s\"" % (value, key)) return value - -def get_bool(key, default_value=False): - value = get_key(key, None) - if value is None: - return default_value - return _str2bool(value) diff --git a/devstack/libvirt.py b/devstack/libvirt.py index 7a764ed9..88640148 100644 --- a/devstack/libvirt.py +++ b/devstack/libvirt.py @@ -32,21 +32,18 @@ VIRT_TYPE = 'libvirt' VIRT_LIB = VIRT_TYPE DEFAULT_VIRT = 'qemu' -#how libvirt is restarted -LIBVIRT_RESTART_CMD = { - settings.RHEL6: ['service', 'libvirtd', 'restart'], - settings.FEDORA16: ['service', 'libvirtd', 'restart'], - #whyyyy?? - settings.UBUNTU11: ['service', 'libvirt-bin', 'restart'], +#distros name the libvirt service differently :-( +SV_NAME_MAP = { + settings.RHEL6: 'libvirtd', + settings.FEDORA16: 'libvirtd', + settings.UBUNTU11: 'libvirt-bin', } +#how libvirt is restarted +LIBVIRT_RESTART_CMD = ['service', '%SERVICE%', 'restart'] + #how we check its status -LIBVIRT_STATUS_CMD = { - settings.RHEL6: ['service', 'libvirtd', 'status'], - settings.FEDORA16: ['service', 'libvirtd', 'status'], - #whyyyy?? - settings.UBUNTU11: ['service', 'libvirt-bin', 'status'], -} +LIBVIRT_STATUS_CMD = ['service', '%SERVICE%', 'status'] #status is either dead or alive! _DEAD = 'DEAD' @@ -60,8 +57,16 @@ def _get_virt_lib(): def _status(distro): - cmd = LIBVIRT_STATUS_CMD[distro] - (sysout, _) = sh.execute(*cmd, run_as_root=False, check_exit_code=False) + cmds = list() + cmds.append({ + 'cmd': LIBVIRT_STATUS_CMD, + }) + mp = dict() + mp['SERVICE'] = SV_NAME_MAP[distro] + result = utils.execute_template(*cmds, + check_exit_code=False, + params=mp) + sysout = result[0][0] if sysout.find("running") != -1: return _ALIVE else: @@ -83,8 +88,15 @@ def _destroy_domain(conn, dom_name): def restart(distro): if _status(distro) != _ALIVE: - cmd = LIBVIRT_RESTART_CMD[distro] - sh.execute(*cmd, run_as_root=True) + cmds = list() + cmds.append({ + 'cmd': LIBVIRT_RESTART_CMD, + 'run_as_root': True, + }) + mp = dict() + mp['SERVICE'] = SV_NAME_MAP[distro] + utils.execute_template(*cmds, + params=mp) def default(virt_type): @@ -111,10 +123,10 @@ def virt_ok(virt_type, distro): def clear_libvirt_domains(virt_type, inst_prefix): libvirt = _get_virt_lib() - virt_protocol = LIBVIRT_PROTOCOL_MAP.get(virt_type) if not libvirt: - LOG.warn("Could not clear out libvirt domains, libvirt not installed for python.") + LOG.warn("Could not clear out libvirt domains, libvirt not available for python.") return + virt_protocol = LIBVIRT_PROTOCOL_MAP.get(virt_type) if not virt_protocol: LOG.warn("Could not clear out libvirt domains, no valid protocol for virt type %s." % (virt_type)) return diff --git a/devstack/progs/actions.py b/devstack/progs/actions.py index 12149627..201af16f 100644 --- a/devstack/progs/actions.py +++ b/devstack/progs/actions.py @@ -27,8 +27,6 @@ from devstack import utils from devstack.packaging import apt from devstack.packaging import yum -from devstack.components import keystone - from devstack.progs import common LOG = logging.getLogger("devstack.progs.actions") diff --git a/devstack/shell.py b/devstack/shell.py index 8d317887..499b953c 100644 --- a/devstack/shell.py +++ b/devstack/shell.py @@ -30,6 +30,9 @@ MKPW_CMD = ["openssl", 'rand', '-hex'] PASS_ASK_ENV = 'PASS_ASK' LOG = logging.getLogger("devstack.shell") ROOT_USER = "root" +ROOT_USER_UID = 0 +SUDO_UID = 'SUDO_UID' +SUDO_GID = 'SUDO_GID' #root context guard @@ -174,10 +177,10 @@ def joinpths(*paths): def _get_suids(): - uid = os.environ.get('SUDO_UID') + uid = env.get_key(SUDO_UID) if uid is not None: uid = int(uid) - gid = os.environ.get('SUDO_GID') + gid = env.get_key(SUDO_GID) if gid is not None: gid = int(gid) return (uid, gid) @@ -216,15 +219,17 @@ def chown_r(path, uid, gid, run_as_root=True): LOG.debug("Changing ownership of %s to %s:%s" % (joinpths(root, f), uid, gid)) -def password(prompt_=None, pw_len=8): - rd = "" - ask_for_pw = env.get_bool(PASS_ASK_ENV, True) - if ask_for_pw: - rd = prompt_password(prompt_) - if not rd: +def password(pw_prompt=None, pw_len=8): + pw = "" + ask_for_pw = env.get_key(PASS_ASK_ENV) + if ask_for_pw is not None: + ask_for_pw = ask_for_pw.lower().strip() + if ask_for_pw not in ['f', 'false', '0', 'off']: + pw = prompt_password(pw_prompt) + if not pw: return _gen_password(pw_len) else: - return rd + return pw def mkdirslist(path): @@ -474,24 +479,31 @@ def copy_replace_file(fsrc, fdst, map_): def got_root(): - return os.geteuid() == 0 + return os.geteuid() == ROOT_USER_UID -def root_mode(): +def root_mode(quiet=True): root_uid = getuid(ROOT_USER) root_gid = getgid(ROOT_USER) if root_uid is None or root_gid is None: - LOG.warn("Cannot escalate permissions to (user=%s) - does that user exist??" % (ROOT_USER)) + msg = "Cannot escalate permissions to (user=%s) - does that user exist??" % (ROOT_USER) + if quiet: + LOG.warn(msg) + else: + raise excp.StackException(msg) else: try: LOG.debug("Escalating permissions to (user=%s, group=%s)" % (root_uid, root_gid)) os.setreuid(0, root_uid) os.setregid(0, root_gid) except OSError: - LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (root_uid, root_gid)) + if quiet: + LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (root_uid, root_gid)) + else: + raise -def user_mode(): +def user_mode(quiet=True): (sudo_uid, sudo_gid) = _get_suids() if sudo_uid is not None and sudo_gid is not None: try: @@ -499,9 +511,16 @@ def user_mode(): os.setregid(0, sudo_gid) os.setreuid(0, sudo_uid) except OSError: - LOG.warn("Cannot drop permissions to (user=%s, group=%s)" % (sudo_uid, sudo_gid)) + if quiet: + LOG.warn("Cannot drop permissions to (user=%s, group=%s)" % (sudo_uid, sudo_gid)) + else: + raise else: - LOG.warn("Can not switch to user mode, no suid user id or group id") + msg = "Can not switch to user mode, no suid user id or group id" + if quiet: + LOG.warn(msg) + else: + raise excp.StackException(msg) def geteuid(): diff --git a/stack b/stack index 6b6f9f1e..46facc4b 100755 --- a/stack +++ b/stack @@ -53,7 +53,7 @@ def main(): return 1 #drop to usermode - sh.user_mode() + sh.user_mode(False) try: # now let's go started_ok = actions.run(args) diff --git a/utils/list-pkgs.py b/utils/list-pkgs.py index 750f0eda..c6a8bc66 100644 --- a/utils/list-pkgs.py +++ b/utils/list-pkgs.py @@ -5,6 +5,7 @@ import sys #useful for running like the following #find conf/ | grep ".json\$" | xargs python utils/list-pkgs.py "rhel-6" + def clean_file(name): with open(name, "r") as f: contents = f.read() @@ -101,4 +102,3 @@ if __name__ == "__main__": else: version = str(version) print("[%s] with version [%s]" % (name, version)) -