ia64/xen-unstable

view tools/python/xen/util/diagnose.py @ 10720:8922c1fbe684

[XM][ACM] Add xm subcommands to work with security resource labels.

This patch adds new xm subcommands to support working with resource
labels. The new subcommands are 'xm resources', 'xm rmlabel', 'xm
getlabel' and 'xm dry-run'. In addition, the 'xm addlabel' subcommand
now uses an updated syntax to support labeling both domains and
resources. See the xm man page for details on each subcommand.

Beyond the new subcommands, this patch allows users to immediately see
when security checks will fail by pushing some basic security checking
into the beginning of 'xm create' and 'xm block-attach'. ACM security
attributes for block devices are added to XenStore in order to support
the final security enforcement, which will be performed in the kernel
and included in a separate patch.

Signed-off-by: Bryan D. Payne <bdpayne@us.ibm.com>
Signed-off-by: Reiner Sailer <sailer@us.ibm.com>
author kfraser@localhost.localdomain
date Mon Jul 10 17:18:07 2006 +0100 (2006-07-10)
parents dbf7032f1fc6
children 5c48ab6b1977
line source
1 # This library is free software; you can redistribute it and/or
2 # modify it under the terms of version 2.1 of the GNU Lesser General Public
3 # License as published by the Free Software Foundation.
4 #
5 # This library is distributed in the hope that it will be useful,
6 # but WITHOUT ANY WARRANTY; without even the implied warranty of
7 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
8 # Lesser General Public License for more details.
9 #
10 # You should have received a copy of the GNU Lesser General Public
11 # License along with this library; if not, write to the Free Software
12 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
13 #
14 # Copyright (c) 2005-2006 XenSource Inc
17 import re
18 import socket
19 import sys
21 from xen.xend import sxp
23 from xen.xend.XendClient import server
24 from xen.xend.XendError import XendError
25 from xen.xend.xenstore.xstransact import xstransact
26 from xen.xend.server import DevController
28 import xen.xend.XendProtocol
31 domain = None
32 domid = None
33 deviceClass = None
34 device = None
35 frontendPath = None
36 backendPath = None
39 def diagnose(dom):
40 global domain
41 global domid
42 global dompath
44 try:
45 domain = server.xend.domain(dom)
46 state = sxp.child_value(domain, 'state')
47 domid = int(sxp.child_value(domain, 'domid'))
48 name = sxp.child_value(domain, 'name')
50 print "Domain ID is %d." % domid
51 print "Domain name is %s." % name
53 if not state:
54 raise XendError("Cannot find state")
56 if state.find('c') != -1:
57 print "Domain has crashed."
58 except socket.error, exn:
59 print "Cannot contact Xend."
61 try:
62 domid = int(dom)
63 name = dom
64 except ValueError:
65 print \
66 "Without Xend, you will have to specify the domain ID, not the domain name."
67 sys.exit(1)
68 except xen.xend.XendProtocol.XendError, exn:
69 print exn
70 sys.exit(1)
72 dompath = '/local/domain/%d' % domid
73 diagnose_console()
74 diagnose_devices()
77 def diagnose_console():
78 port = xstransact.Read(dompath + '/console/port')
79 ringref = xstransact.Read(dompath + '/console/ring-ref')
80 tty = xstransact.Read(dompath + '/console/tty')
82 if not port:
83 print "Console port is missing; Xend has failed."
84 if not ringref:
85 print "Console ring-ref is missing; Xend has failed."
86 if not tty:
87 print "Console tty is missing; Xenconsoled has failed."
90 def diagnose_devices():
91 global deviceClass
92 global device
93 global frontendPath
94 global backendPath
96 device_path = dompath + '/device'
98 device_classes = xstransact.List(device_path)
100 print "Found %d device classes in use." % len(device_classes)
102 for dc in device_classes:
103 deviceClass = dc
104 device_class_path = device_path + '/' + deviceClass
106 devices = xstransact.List(device_class_path)
108 print "Found %d %s devices." % (len(devices), deviceClass)
110 for d in devices:
111 device = d
113 print "Found device %s, %s." % (deviceClass, device)
115 frontendPath = device_class_path + '/' + device
116 backendPath = xstransact.Read(frontendPath, 'backend')
118 if not backendPath:
119 print ("Cannot find backend path for device %s, %s." %
120 (deviceClass, device))
121 else:
122 frontend_state = xstransact.Read(frontendPath, 'state')
123 backend_state = xstransact.Read(backendPath, 'state')
125 print "Backend is in state %s." % stateString(backend_state)
126 print "Frontend is in state %s." % stateString(frontend_state)
128 check_for_error(True)
129 check_for_error(False)
131 diagnose_hotplugging()
134 def check_for_error(backend):
135 if backend:
136 path = backendPath.replace('backend/', 'error/backend/')
137 else:
138 path = frontendPath.replace('device/', 'error/device/')
140 err = xstransact.Read(path, 'error')
142 if err:
143 print ("%s for device %s, %s shows error %s." %
144 (backend and 'Backend' or 'Frontend', deviceClass, device,
145 err))
148 def diagnose_hotplugging():
149 if deviceClass == 'vbd':
150 phy = xstransact.Read(backendPath, 'physical-device')
152 if phy:
153 print ('Device %s, %s hotplugging has completed successfully, '
154 'and is connected to physical device %s.' %
155 (deviceClass, device, phy))
156 else:
157 print ('Device %s, %s hotplugging failed.' %
158 (deviceClass, device))
159 elif deviceClass == 'vif':
160 handle = xstransact.Read(backendPath, 'handle')
162 if handle:
163 print ('Device %s, %s hotplugging has completed successfully, '
164 'and is using handle %s.' %
165 (deviceClass, device, handle))
166 else:
167 print ('Device %s, %s hotplugging failed.' %
168 (deviceClass, device))
171 def stateString(state):
172 return state and DevController.xenbusState[int(state)] or '<None>'
175 def main(argv = None):
176 if argv is None:
177 argv = sys.argv
179 diagnose(argv[1])
181 return 0
184 if __name__ == "__main__":
185 sys.exit(main())