ia64/xen-unstable

view tools/security/python/xensec_tools/acm_getlabel @ 9835:cf20dbbf5c2b

This patch adds new python access control management scripts, which
integrate into Xen Management and which support the new access control
labels (labels replace the ssidref numbers at the management user
interface).

Signed-off by: Reiner Sailer <sailer@us.ibm.com>
author smh22@firebug.cl.cam.ac.uk
date Mon Apr 24 10:58:25 2006 +0100 (2006-04-24)
parents
children 0e24e9674ded
line source
1 #!/usr/bin/env python
2 # -*- mode: python; -*-
3 import sys
4 import traceback
5 import getopt
7 # add fallback path for non-native python path installs if needed
8 sys.path.insert(-1, '/usr/lib/python')
9 sys.path.insert(-1, '/usr/lib64/python')
11 from xen.util.security import ACMError, err, get_ssid
13 # getopt.gnu_getopt is better, but only exists in Python 2.3+. Use
14 # getopt.getopt if gnu_getopt is not available. This will mean that options
15 # may only be specified before positional arguments.
16 if not hasattr(getopt, 'gnu_getopt'):
17 getopt.gnu_getopt = getopt.getopt
19 def usage():
20 print "Usage: acm_getlabel -i domainid"
21 print " Test program illustrating the retrieval of"
22 print " label information (for domains) from Xen."
23 print " Argument is one paramter describing the domain"
24 print " for which the label is retrieved."
25 print "\t -i domain_id or --domid=domain_id"
26 print " Return value:"
27 print "\t none -- Error (e.g., unknown ssidref, label, or domain id)"
28 print "\t (labelname, policyname, ssidref)"
29 err("Usage")
31 try:
32 domid = None
33 (options, params) = getopt.gnu_getopt(sys.argv[1:], ':i:', ['domid='])
34 for (k, v) in options:
35 if k in ['-i', '--domid']:
36 if not domid:
37 domid = v
38 else:
39 usage()
40 if not domid:
41 usage()
43 print get_ssid(domid)
45 except ACMError:
46 pass
47 except:
48 traceback.print_exc(limit=1)