ia64/xen-unstable

changeset 16260:752d6e94a4c0

xend, acm: Trigger a script when a resource's label changes

This patch triggers a script when a resource's label changes. The xend
config file should provide a variable 'resource-label-change-script'
that can then be launched.

Signed-off-by; Stefan Berger <stefanb@us.ibm.com>
author Keir Fraser <keir@xensource.com>
date Mon Oct 29 08:46:34 2007 +0000 (2007-10-29)
parents 0fa1643c48ff
children 03b006b02995
files tools/examples/xend-config.sxp tools/python/xen/util/xsm/acm/acm.py tools/python/xen/xend/XendOptions.py
line diff
     1.1 --- a/tools/examples/xend-config.sxp	Mon Oct 29 08:45:58 2007 +0000
     1.2 +++ b/tools/examples/xend-config.sxp	Mon Oct 29 08:46:34 2007 +0000
     1.3 @@ -196,4 +196,5 @@
     1.4  # when not specififed in VM's configuration
     1.5  #(keymap 'en-us')
     1.6  
     1.7 -
     1.8 +# Script to run when the label of a resource has changed.
     1.9 +#(resource-label-change-script '')
     2.1 --- a/tools/python/xen/util/xsm/acm/acm.py	Mon Oct 29 08:45:58 2007 +0000
     2.2 +++ b/tools/python/xen/util/xsm/acm/acm.py	Mon Oct 29 08:46:34 2007 +0000
     2.3 @@ -27,6 +27,7 @@ import stat
     2.4  from xen.lowlevel import acm
     2.5  from xen.xend import sxp
     2.6  from xen.xend import XendConstants
     2.7 +from xen.xend import XendOptions
     2.8  from xen.xend.XendLogging import log
     2.9  from xen.xend.XendError import VmError
    2.10  from xen.util import dictio, xsconstants
    2.11 @@ -1081,9 +1082,14 @@ def set_resource_label(resource, policyt
    2.12          if reslabel != "":
    2.13              new_entry = { resource : tuple([policytype, policyref, reslabel])}
    2.14              access_control.update(new_entry)
    2.15 +            command = "add"
    2.16 +            reslbl = ":".join([policytype, policyref, reslabel])
    2.17          else:
    2.18              if access_control.has_key(resource):
    2.19                  del access_control[resource]
    2.20 +            command = "remove"
    2.21 +            reslbl = ""
    2.22 +        run_resource_label_change_script(resource, reslbl, command)
    2.23          dictio.dict_write(access_control, "resources", res_label_filename)
    2.24      finally:
    2.25          resfile_unlock()
    2.26 @@ -1273,6 +1279,7 @@ def change_acm_policy(bin_pol, del_array
    2.27                  label = reslabel_map[label]
    2.28              elif label not in polnew_reslabels:
    2.29                  policytype = xsconstants.INVALID_POLICY_PREFIX + policytype
    2.30 +                run_resource_label_change_script(key, "", "remove")
    2.31              # Update entry
    2.32              access_control[key] = \
    2.33                     tuple([ policytype, new_policyname, label ])
    2.34 @@ -1383,3 +1390,18 @@ def get_security_label(self, xspol=None)
    2.35      if domid != 0:
    2.36          label = self.info.get('security_label', label)
    2.37      return label
    2.38 +
    2.39 +def run_resource_label_change_script(resource, label, command):
    2.40 +    script = XendOptions.instance().get_resource_label_change_script()
    2.41 +    if script:
    2.42 +        parms = {
    2.43 +            'resource' : resource,
    2.44 +            'label'    : label,
    2.45 +            'command'  : command,
    2.46 +        }
    2.47 +        log.info("Running resource label change script %s: %s" %
    2.48 +                 (script, parms))
    2.49 +        parms.update(os.environ)
    2.50 +        os.spawnve(os.P_NOWAIT, script[0], script, parms)
    2.51 +    else:
    2.52 +        log.info("No script given for relabeling of resources.")
     3.1 --- a/tools/python/xen/xend/XendOptions.py	Mon Oct 29 08:45:58 2007 +0000
     3.2 +++ b/tools/python/xen/xend/XendOptions.py	Mon Oct 29 08:46:34 2007 +0000
     3.3 @@ -278,6 +278,16 @@ class XendOptions:
     3.4      def get_keymap(self):
     3.5          return self.get_config_value('keymap', None)
     3.6  
     3.7 +    def get_resource_label_change_script(self):
     3.8 +        s = self.get_config_value('resource-label-change-script')
     3.9 +        if s:
    3.10 +            result = s.split(" ")
    3.11 +            result[0] = os.path.join(osdep.scripts_dir, result[0])
    3.12 +            return result
    3.13 +        else:
    3.14 +            return None
    3.15 +
    3.16 +
    3.17  class XendOptionsFile(XendOptions):
    3.18  
    3.19      """Default path to the config file."""