direct-io.hg

changeset 11441:956e9aaf88c9

This patch fixes return codes for the acm-related Xen management scripts
(error conditions) and addresses minor issues that 'pycheck' complains
about. It is tested with xm-test and by manually running the xm
commands. It also handles the return case (reported by Masaki Kanno)
that was missed in the originally patch.

Signed-off by: Reiner Sailer <sailer@us.ibm.com>
author Steven Hand <steven@xensource.com>
date Tue Sep 12 11:09:22 2006 +0100 (2006-09-12)
parents bfd00b317815
children 7d4def53936c
files tools/python/xen/xm/addlabel.py tools/python/xen/xm/cfgbootpolicy.py tools/python/xen/xm/create.py tools/python/xen/xm/dry-run.py tools/python/xen/xm/dumppolicy.py tools/python/xen/xm/getlabel.py tools/python/xen/xm/labels.py tools/python/xen/xm/loadpolicy.py tools/python/xen/xm/makepolicy.py tools/python/xen/xm/resources.py tools/python/xen/xm/rmlabel.py
line diff
     1.1 --- a/tools/python/xen/xm/addlabel.py	Mon Sep 11 01:55:03 2006 +0100
     1.2 +++ b/tools/python/xen/xm/addlabel.py	Tue Sep 12 11:09:22 2006 +0100
     1.3 @@ -20,8 +20,6 @@
     1.4  """Labeling a domain configuration file or a resoruce.
     1.5  """
     1.6  import sys, os
     1.7 -import string
     1.8 -import traceback
     1.9  from xen.util import dictio
    1.10  from xen.util import security
    1.11  
    1.12 @@ -33,6 +31,7 @@ def usage():
    1.13      print "  resource. It derives the policy from the running hypervisor"
    1.14      print "  if it is not given (optional parameter). If a label already"
    1.15      print "  exists for the given domain or resource, then addlabel fails.\n"
    1.16 +    security.err("Usage")
    1.17  
    1.18  
    1.19  def validate_config_file(configfile):
    1.20 @@ -134,7 +133,6 @@ def main (argv):
    1.21                  for prefix in [".", "/etc/xen"]:
    1.22                      configfile = prefix + "/" + configfile
    1.23                      if os.path.isfile(configfile):
    1.24 -                        fd = open(configfile, "rb")
    1.25                          break
    1.26              if not validate_config_file(configfile):
    1.27                  usage()
    1.28 @@ -147,7 +145,7 @@ def main (argv):
    1.29              usage()
    1.30  
    1.31      except security.ACMError:
    1.32 -        traceback.print_exc(limit=1)
    1.33 +        sys.exit(-1)
    1.34  
    1.35  
    1.36  if __name__ == '__main__':
     2.1 --- a/tools/python/xen/xm/cfgbootpolicy.py	Mon Sep 11 01:55:03 2006 +0100
     2.2 +++ b/tools/python/xen/xm/cfgbootpolicy.py	Tue Sep 12 11:09:22 2006 +0100
     2.3 @@ -70,7 +70,7 @@ def determine_kernelversion(user_specifi
     2.4                  within_xen_title = 0
     2.5                  within_xen_entry = 0
     2.6      if len(version_list) > 1:
     2.7 -        err("Cannot decide between entries for kernels: " + version_list)
     2.8 +        err("Cannot decide between entries for kernels %s" % version_list)
     2.9      elif len(version_list) == 0:
    2.10          err("Cannot find a boot entry candidate (please create a Xen boot entry first).")
    2.11      else:
    2.12 @@ -87,7 +87,6 @@ def insert_policy(boot_file, kernel_vers
    2.13      within_xen_entry = 0
    2.14      insert_at_end_of_entry = 0
    2.15      path_prefix = ''
    2.16 -    done = False
    2.17      (tmp_fd, tmp_grub) = tempfile.mkstemp()
    2.18      #follow symlink since menue.lst might be linked to grub.conf
    2.19      if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
    2.20 @@ -175,9 +174,10 @@ def main(argv):
    2.21          print "Boot entry created and \'%s\' copied to /boot" % (policy + ".bin")
    2.22  
    2.23      except ACMError:
    2.24 -        pass
    2.25 +        sys.exit(-1)
    2.26      except:
    2.27          traceback.print_exc(limit=1)
    2.28 +        sys.exit(-1)
    2.29  
    2.30  
    2.31  
     3.1 --- a/tools/python/xen/xm/create.py	Mon Sep 11 01:55:03 2006 +0100
     3.2 +++ b/tools/python/xen/xm/create.py	Tue Sep 12 11:09:22 2006 +0100
     3.3 @@ -1155,7 +1155,7 @@ def create_security_check(config):
     3.4          else:
     3.5              print "Checking resources: (skipped)"
     3.6      except security.ACMError:
     3.7 -        traceback.print_exc(limit=1)
     3.8 +        sys.exit(-1)
     3.9  
    3.10      return passed
    3.11  
    3.12 @@ -1176,7 +1176,7 @@ def main(argv):
    3.13          PrettyPrint.prettyprint(config)
    3.14      else:
    3.15          if not create_security_check(config):
    3.16 -            print "Security configuration prevents domain from starting"
    3.17 +            err("Security configuration prevents domain from starting.")
    3.18          else:
    3.19              dom = make_domain(opts, config)
    3.20              if opts.vals.console_autoconnect:
     4.1 --- a/tools/python/xen/xm/dry-run.py	Mon Sep 11 01:55:03 2006 +0100
     4.2 +++ b/tools/python/xen/xm/dry-run.py	Tue Sep 12 11:09:22 2006 +0100
     4.3 @@ -18,6 +18,7 @@
     4.4  
     4.5  """Tests the security settings for a domain and its resources.
     4.6  """
     4.7 +import sys
     4.8  from xen.util import security
     4.9  from xen.xm import create
    4.10  from xen.xend import sxp
    4.11 @@ -28,14 +29,14 @@ def usage():
    4.12      print "to see if the domain created by the configfile can access"
    4.13      print "the resources.  The status of each resource is listed"
    4.14      print "individually along with the final security decision.\n"
    4.15 +    security.err("Usage")
    4.16  
    4.17  
    4.18  def main (argv):
    4.19 -    if len(argv) != 2:
    4.20 -        usage()
    4.21 -        return
    4.22 +    try:
    4.23 +        if len(argv) != 2:
    4.24 +            usage()
    4.25  
    4.26 -    try:
    4.27          passed = 0
    4.28          (opts, config) = create.parseCommandLine(argv)
    4.29          if create.check_domain_label(config, verbose=1):
    4.30 @@ -48,8 +49,10 @@ def main (argv):
    4.31              print "Dry Run: PASSED"
    4.32          else:
    4.33              print "Dry Run: FAILED"
    4.34 +            sys.exit(-1)
    4.35 +
    4.36      except security.ACMError:
    4.37 -        pass
    4.38 +        sys.exit(-1)
    4.39  
    4.40  
    4.41  if __name__ == '__main__':
     5.1 --- a/tools/python/xen/xm/dumppolicy.py	Mon Sep 11 01:55:03 2006 +0100
     5.2 +++ b/tools/python/xen/xm/dumppolicy.py	Tue Sep 12 11:09:22 2006 +0100
     5.3 @@ -18,7 +18,6 @@
     5.4  """Display currently enforced policy (low-level hypervisor representation).
     5.5  """
     5.6  import sys
     5.7 -import traceback
     5.8  from xen.util.security import ACMError, err, dump_policy
     5.9  
    5.10  
    5.11 @@ -31,12 +30,13 @@ def usage():
    5.12  
    5.13  def main(argv):
    5.14      try:
    5.15 +        if len(argv) != 1:
    5.16 +            usage()
    5.17 +
    5.18          dump_policy()
    5.19  
    5.20      except ACMError:
    5.21 -        pass
    5.22 -    except:
    5.23 -        traceback.print_exc(limit=1)
    5.24 +        sys.exit(-1)
    5.25  
    5.26  
    5.27  if __name__ == '__main__':
     6.1 --- a/tools/python/xen/xm/getlabel.py	Mon Sep 11 01:55:03 2006 +0100
     6.2 +++ b/tools/python/xen/xm/getlabel.py	Tue Sep 12 11:09:22 2006 +0100
     6.3 @@ -19,8 +19,6 @@
     6.4  """Show the label for a domain or resoruce.
     6.5  """
     6.6  import sys, os, re
     6.7 -import string
     6.8 -import traceback
     6.9  from xen.util import dictio
    6.10  from xen.util import security
    6.11  
    6.12 @@ -28,6 +26,7 @@ def usage():
    6.13      print "\nUsage: xm getlabel dom <configfile>"
    6.14      print "       xm getlabel res <resource>\n"
    6.15      print "  This program shows the label for a domain or resource.\n"
    6.16 +    security.err("Usage")
    6.17  
    6.18  
    6.19  def get_resource_label(resource):
    6.20 @@ -38,8 +37,7 @@ def get_resource_label(resource):
    6.21      try:
    6.22          access_control = dictio.dict_read("resources", file)
    6.23      except:
    6.24 -        print "Resource label file not found"
    6.25 -        return
    6.26 +        security.err("Resource label file not found")
    6.27  
    6.28      # get the entry and print label
    6.29      if access_control.has_key(resource):
    6.30 @@ -47,7 +45,7 @@ def get_resource_label(resource):
    6.31          label = access_control[resource][1]
    6.32          print "policy="+policy+",label="+label
    6.33      else:
    6.34 -        print "Resource not labeled"
    6.35 +        security.err("Resource not labeled")
    6.36  
    6.37  
    6.38  def get_domain_label(configfile):
    6.39 @@ -63,8 +61,7 @@ def get_domain_label(configfile):
    6.40                  fd = open(file, "rb")
    6.41                  break
    6.42      if not fd:
    6.43 -        print "Configuration file '"+configfile+"' not found."
    6.44 -        return
    6.45 +        security.err("Configuration file '"+configfile+"' not found.")
    6.46  
    6.47      # read in the domain config file, finding the label line
    6.48      ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
    6.49 @@ -82,8 +79,7 @@ def get_domain_label(configfile):
    6.50  
    6.51      # send error message if we didn't find anything
    6.52      if acline == "":
    6.53 -        print "Label does not exist in domain configuration file."
    6.54 -        return
    6.55 +        security.err("Domain not labeled")
    6.56  
    6.57      # print out the label
    6.58      (title, data) = acline.split("=", 1)
    6.59 @@ -94,19 +90,21 @@ def get_domain_label(configfile):
    6.60  
    6.61  
    6.62  def main (argv):
    6.63 -    if len(argv) != 3:
    6.64 -        usage()
    6.65 -        return
    6.66 +    try:
    6.67 +        if len(argv) != 3:
    6.68 +            usage()
    6.69  
    6.70 -    if argv[1].lower() == "dom":
    6.71 -        configfile = argv[2]
    6.72 -        get_domain_label(configfile)
    6.73 -    elif argv[1].lower() == "res":
    6.74 -        resource = argv[2]
    6.75 -        get_resource_label(resource)
    6.76 -    else:
    6.77 -        usage()
    6.78 +        if argv[1].lower() == "dom":
    6.79 +            configfile = argv[2]
    6.80 +            get_domain_label(configfile)
    6.81 +        elif argv[1].lower() == "res":
    6.82 +            resource = argv[2]
    6.83 +            get_resource_label(resource)
    6.84 +        else:
    6.85 +            usage()
    6.86  
    6.87 +    except security.ACMError:
    6.88 +        sys.exit(-1)
    6.89  
    6.90  if __name__ == '__main__':
    6.91      main(sys.argv)
     7.1 --- a/tools/python/xen/xm/labels.py	Mon Sep 11 01:55:03 2006 +0100
     7.2 +++ b/tools/python/xen/xm/labels.py	Tue Sep 12 11:09:22 2006 +0100
     7.3 @@ -70,10 +70,12 @@ def main(argv):
     7.4          labels.sort()
     7.5          for label in labels:
     7.6              print label
     7.7 +
     7.8      except ACMError:
     7.9 -        pass
    7.10 +        sys.exit(-1)
    7.11      except:
    7.12          traceback.print_exc(limit=1)
    7.13 +        sys.exit(-1)
    7.14  
    7.15  
    7.16  if __name__ == '__main__':
     8.1 --- a/tools/python/xen/xm/loadpolicy.py	Mon Sep 11 01:55:03 2006 +0100
     8.2 +++ b/tools/python/xen/xm/loadpolicy.py	Tue Sep 12 11:09:22 2006 +0100
     8.3 @@ -34,11 +34,12 @@ def main(argv):
     8.4          if len(argv) != 2:
     8.5              usage()
     8.6          load_policy(argv[1])
     8.7 +
     8.8      except ACMError:
     8.9 -        pass
    8.10 +        sys.exit(-1)
    8.11      except:
    8.12          traceback.print_exc(limit=1)
    8.13 -
    8.14 +        sys.exit(-1)
    8.15  
    8.16  
    8.17  if __name__ == '__main__':
     9.1 --- a/tools/python/xen/xm/makepolicy.py	Mon Sep 11 01:55:03 2006 +0100
     9.2 +++ b/tools/python/xen/xm/makepolicy.py	Tue Sep 12 11:09:22 2006 +0100
     9.3 @@ -37,9 +37,10 @@ def main(argv):
     9.4          make_policy(argv[1])
     9.5  
     9.6      except ACMError:
     9.7 -        pass
     9.8 +        sys.exit(-1)
     9.9      except:
    9.10          traceback.print_exc(limit=1)
    9.11 +        sys.exit(-1)
    9.12  
    9.13  
    9.14  
    10.1 --- a/tools/python/xen/xm/resources.py	Mon Sep 11 01:55:03 2006 +0100
    10.2 +++ b/tools/python/xen/xm/resources.py	Tue Sep 12 11:09:22 2006 +0100
    10.3 @@ -18,8 +18,7 @@
    10.4  
    10.5  """List the resource label information from the global resource label file
    10.6  """
    10.7 -import sys, os
    10.8 -import string
    10.9 +import sys
   10.10  from xen.util import dictio
   10.11  from xen.util import security
   10.12  
   10.13 @@ -27,6 +26,7 @@ def usage():
   10.14      print "\nUsage: xm resource\n"
   10.15      print "  This program lists information for each resource in the"
   10.16      print "  global resource label file\n"
   10.17 +    security.err("Usage")
   10.18  
   10.19  
   10.20  def print_resource_data(access_control):
   10.21 @@ -41,14 +41,19 @@ def print_resource_data(access_control):
   10.22  
   10.23  def main (argv):
   10.24      try:
   10.25 -        file = security.res_label_filename
   10.26 -        access_control = dictio.dict_read("resources", file)
   10.27 -    except:
   10.28 -        print "Resource file not found."
   10.29 -        return
   10.30 +        if len(argv) != 1:
   10.31 +            usage()
   10.32  
   10.33 -    print_resource_data(access_control)
   10.34 +        try:
   10.35 +            file = security.res_label_filename
   10.36 +            access_control = dictio.dict_read("resources", file)
   10.37 +        except:
   10.38 +            security.err("Error reading resource file.")
   10.39  
   10.40 +        print_resource_data(access_control)
   10.41 +
   10.42 +    except security.ACMError:
   10.43 +        sys.exit(-1)
   10.44  
   10.45  if __name__ == '__main__':
   10.46      main(sys.argv)
    11.1 --- a/tools/python/xen/xm/rmlabel.py	Mon Sep 11 01:55:03 2006 +0100
    11.2 +++ b/tools/python/xen/xm/rmlabel.py	Tue Sep 12 11:09:22 2006 +0100
    11.3 @@ -19,8 +19,6 @@
    11.4  """Remove a label from a domain configuration file or a resoruce.
    11.5  """
    11.6  import sys, os, re
    11.7 -import string
    11.8 -import traceback
    11.9  from xen.util import dictio
   11.10  from xen.util import security
   11.11  
   11.12 @@ -31,6 +29,7 @@ def usage():
   11.13      print "  for a domain or from the global resource label file for a"
   11.14      print "  resource. If the label does not exist for the given domain or"
   11.15      print "  resource, then rmlabel fails.\n"
   11.16 +    security.err("Usage")
   11.17  
   11.18  
   11.19  def rm_resource_label(resource):
   11.20 @@ -48,7 +47,7 @@ def rm_resource_label(resource):
   11.21          del access_control[resource]
   11.22          dictio.dict_write(access_control, "resources", file)
   11.23      else:
   11.24 -        security.err("Label does not exist in resource label file.")
   11.25 +        security.err("Resource not labeled.")
   11.26  
   11.27  
   11.28  def rm_domain_label(configfile):
   11.29 @@ -85,7 +84,7 @@ def rm_domain_label(configfile):
   11.30  
   11.31      # send error message if we didn't find anything to remove
   11.32      if not removed:
   11.33 -        security.err("Label does not exist in domain configuration file.")
   11.34 +        security.err("Domain not labeled.")
   11.35  
   11.36      # write the data back out to the file
   11.37      fd = open(file, "wb")
   11.38 @@ -97,7 +96,6 @@ def main (argv):
   11.39      try:
   11.40          if len(argv) != 3:
   11.41              usage()
   11.42 -            return
   11.43  
   11.44          if argv[1].lower() == "dom":
   11.45              configfile = argv[2]
   11.46 @@ -109,7 +107,7 @@ def main (argv):
   11.47              usage()
   11.48  
   11.49      except security.ACMError:
   11.50 -        traceback.print_exc(limit=1)
   11.51 +        sys.exit(-1)
   11.52  
   11.53  
   11.54  if __name__ == '__main__':