WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] XSM:FLASK support for domain management u

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] XSM:FLASK support for domain management under Xen-API
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 26 Sep 2007 03:41:13 -0700
Delivery-date: Wed, 26 Sep 2007 04:29:25 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir@xxxxxxxxxxxxx>
# Date 1190547907 -3600
# Node ID 40d88481cd3f4abc01053508b9c9290e5aa9662e
# Parent  5957d62f72901859327506629a8c7a78e7417c4f
XSM:FLASK support for domain management under Xen-API
Signed-off-by: George Coker <gscoker@xxxxxxxxxxxxxx>
---
 tools/python/xen/util/xsm/acm/acm.py     |   25 +++++++++++++++++++++++--
 tools/python/xen/util/xsm/dummy/dummy.py |    3 +++
 tools/python/xen/util/xsm/flask/flask.py |    4 ++++
 tools/python/xen/xend/XendDomainInfo.py  |   21 ++-------------------
 tools/python/xen/xm/xenapi_create.py     |    9 +++------
 5 files changed, 35 insertions(+), 27 deletions(-)

diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/acm/acm.py
--- a/tools/python/xen/util/xsm/acm/acm.py      Sun Sep 23 12:18:36 2007 +0100
+++ b/tools/python/xen/util/xsm/acm/acm.py      Sun Sep 23 12:45:07 2007 +0100
@@ -1308,12 +1308,33 @@ def parse_security_label(security_label)
         return security_label
 
 def set_security_label(policy, label):
-    policytype = xsconstants.ACM_POLICY_ID
     if label != "" and policy != "":
-        return "%s:%s:%s" % (policytype, policy, label)
+        return "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, policy, label)
     else:
         return ""
 
 def ssidref2security_label(ssidref):
     from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance
     return XSPolicyAdminInstance().ssidref_to_vmlabel(ssidref)
+
+def get_security_label(self, xspol=None):
+    """
+       Get the security label of a domain
+       @param xspol   The policy to use when converting the ssid into
+                      a label; only to be passed during the updating
+                      of the policy
+    """
+    domid = self.getDomid()
+
+    if not xspol:
+        from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance
+        xspol = XSPolicyAdminInstance().get_loaded_policy()
+
+    if domid == 0:
+        if xspol:
+            label = xspol.policy_get_domain_label_formatted(domid)
+        else:
+            label = ""
+    else:
+        label = self.info.get('security_label', '')
+    return label
diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/dummy/dummy.py
--- a/tools/python/xen/util/xsm/dummy/dummy.py  Sun Sep 23 12:18:36 2007 +0100
+++ b/tools/python/xen/util/xsm/dummy/dummy.py  Sun Sep 23 12:45:07 2007 +0100
@@ -51,3 +51,6 @@ def ssidref2security_label(ssidref):
 
 def has_authorization(ssidref):
     return True
+
+def get_security_label(self, xspol=None):
+    return ""
diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/flask/flask.py
--- a/tools/python/xen/util/xsm/flask/flask.py  Sun Sep 23 12:18:36 2007 +0100
+++ b/tools/python/xen/util/xsm/flask/flask.py  Sun Sep 23 12:45:07 2007 +0100
@@ -35,3 +35,7 @@ def set_security_label(policy, label):
 
 def ssidref2security_label(ssidref):
     return ssidref2label(ssidref)
+
+def get_security_label(self, xspol=None):
+    label = self.info.get('security_label', '')
+    return label
diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py   Sun Sep 23 12:18:36 2007 +0100
+++ b/tools/python/xen/xend/XendDomainInfo.py   Sun Sep 23 12:45:07 2007 +0100
@@ -2275,25 +2275,8 @@ class XendDomainInfo:
 
 
     def get_security_label(self, xspol=None):
-        """
-           Get the security label of a domain
-           @param xspol   The policy to use when converting the ssid into
-                          a label; only to be passed during the updating
-                          of the policy
-        """
-        domid = self.getDomid()
-
-        if not xspol:
-            from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance
-            xspol = XSPolicyAdminInstance().get_loaded_policy()
-
-        if domid == 0:
-            if xspol:
-                label = xspol.policy_get_domain_label_formatted(domid)
-            else:
-                label = ""
-        else:
-            label = self.info.get('security_label', '')
+        import xen.util.xsm.xsm as security
+        label = security.get_security_label(self, xspol)
         return label
 
     def set_security_label(self, seclab, old_seclab, xspol=None,
diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/xm/xenapi_create.py
--- a/tools/python/xen/xm/xenapi_create.py      Sun Sep 23 12:18:36 2007 +0100
+++ b/tools/python/xen/xm/xenapi_create.py      Sun Sep 23 12:45:07 2007 +0100
@@ -26,6 +26,7 @@ from xen.xend.XendAPIConstants import XE
      XEN_API_ON_CRASH_BEHAVIOUR
 from xen.xm.opts import OptionError
 from xen.util import xsconstants
+import xen.util.xsm.xsm as security
 
 import sys
 import os
@@ -569,7 +570,7 @@ class sxp2xml:
         if sec_data:
             try :
                 vm.attributes['security_label'] = \
-                      "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, 
sec_data[0][1][1],sec_data[0][2][1])
+                                    
security.set_security_label(sec_data[0][1][1],sec_data[0][2][1])
             except Exception, e:
                 raise "Invalid security data format: %s" % str(sec_data)
 
@@ -753,11 +754,7 @@ class sxp2xml:
         policy = get_child_by_name(vif_sxp, "policy")
         label = get_child_by_name(vif_sxp, "label")
 
-        if label and policy:
-            vif.attributes["security_label"] \
-                 = "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, policy, label)
-        else:
-            vif.attributes["security_label"] = ""
+        vif.attributes["security_label"] = security.set_security_label(policy, 
label)
 
         if get_child_by_name(vif_sxp, "bridge") is not None:
             vif.attributes["network"] \

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] XSM:FLASK support for domain management under Xen-API, Xen patchbot-unstable <=