From 95b62b9491c7825d2ce51f8844470a7e521630d4 Mon Sep 17 00:00:00 2001 From: Miguel Angel Ajo Date: Mon, 18 Aug 2014 12:50:58 +0200 Subject: [PATCH] Fix IpNetnsCommand to execute without root_wrapper when no netns IpNetnsCommand accept execution with a network namespace, and that requires root privileges and a root_wrapper. IpNetnsCommand does accept no namespace too, in that case, the root_wrapper doesn't have to be present necessarily, unless the command we're executing requires root privileges itself. This patch fixes the check condition on IpNetnsCommand execute method. Change-Id: I5ab2f3f1daf4a5a080611dbcd3dbd43292f6766a Closes-Bug: #1358196 --- neutron/agent/linux/ip_lib.py | 4 ++-- neutron/tests/unit/test_linux_ip_lib.py | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/neutron/agent/linux/ip_lib.py b/neutron/agent/linux/ip_lib.py index afc27f788e..c7808871ab 100644 --- a/neutron/agent/linux/ip_lib.py +++ b/neutron/agent/linux/ip_lib.py @@ -524,10 +524,10 @@ class IpNetnsCommand(IpCommandBase): self._as_root('delete', name, use_root_namespace=True) def execute(self, cmds, addl_env={}, check_exit_code=True): - if not self._parent.root_helper: - raise exceptions.SudoRequired() ns_params = [] if self._parent.namespace: + if not self._parent.root_helper: + raise exceptions.SudoRequired() ns_params = ['ip', 'netns', 'exec', self._parent.namespace] env_params = [] diff --git a/neutron/tests/unit/test_linux_ip_lib.py b/neutron/tests/unit/test_linux_ip_lib.py index 08dc98fb63..874dfbaeec 100644 --- a/neutron/tests/unit/test_linux_ip_lib.py +++ b/neutron/tests/unit/test_linux_ip_lib.py @@ -826,6 +826,15 @@ class TestIpNetnsCommand(TestIPCmdBase): 'ip', 'link', 'list'], root_helper='sudo', check_exit_code=True) + def test_execute_nosudo_with_no_namespace(self): + with mock.patch('neutron.agent.linux.utils.execute') as execute: + self.parent.namespace = None + self.parent.root_helper = None + self.netns_cmd.execute(['test']) + execute.assert_called_once_with(['test'], + root_helper=None, + check_exit_code=True) + class TestDeviceExists(base.BaseTestCase): def test_device_exists(self):