WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] [RESEND][BUGFIX][ACM] fix return code in acm-related xm scri

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [RESEND][BUGFIX][ACM] fix return code in acm-related xm scripts
From: Reiner Sailer <sailer@xxxxxxxxxx>
Date: Mon, 11 Sep 2006 16:01:30 -0400
Cc: kanno.masaki@xxxxxxxxxxxxxx, sailer@xxxxxxxxxx
Delivery-date: Mon, 11 Sep 2006 13:02:32 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
This patch fixes return codes for the acm-related Xen management scripts (error conditions) and addresses minor issues that 'pycheck' complains about. It is tested with xm-test and by manually running the xm commands. It also handles the return case (reported by Masaki Kanno) that was missed in the originally patch.

Signed-off by: Reiner Sailer <sailer@xxxxxxxxxx>

---
 tools/python/xen/xm/addlabel.py      |    6 +----
 tools/python/xen/xm/cfgbootpolicy.py |    6 ++---
 tools/python/xen/xm/create.py        |    4 +--
 tools/python/xen/xm/dry-run.py       |   13 +++++++----
 tools/python/xen/xm/dumppolicy.py    |    8 +++----
 tools/python/xen/xm/getlabel.py      |   40 ++++++++++++++++-------------------
 tools/python/xen/xm/labels.py        |    4 ++-
 tools/python/xen/xm/loadpolicy.py    |    5 ++--
 tools/python/xen/xm/makepolicy.py    |    3 +-
 tools/python/xen/xm/resources.py     |   21 +++++++++++-------
 tools/python/xen/xm/rmlabel.py       |   10 +++-----
 11 files changed, 63 insertions(+), 57 deletions(-)

Index: xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/addlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
@@ -20,8 +20,6 @@
 """Labeling a domain configuration file or a resoruce.
 """
 import sys, os
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -33,6 +31,7 @@ def usage():
     print "  resource. It derives the policy from the running hypervisor"
     print "  if it is not given (optional parameter). If a label already"
     print "  exists for the given domain or resource, then addlabel fails.\n"
+    security.err("Usage")
 
 
 def validate_config_file(configfile):
@@ -134,7 +133,6 @@ def main (argv):
                 for prefix in [".", "/etc/xen"]:
                     configfile = prefix + "/" + configfile
                     if os.path.isfile(configfile):
-                        fd = open(configfile, "rb")
                         break
             if not validate_config_file(configfile):
                 usage()
@@ -147,7 +145,7 @@ def main (argv):
             usage()
 
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/cfgbootpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
@@ -70,7 +70,7 @@ def determine_kernelversion(user_specifi
                 within_xen_title = 0
                 within_xen_entry = 0
     if len(version_list) > 1:
-        err("Cannot decide between entries for kernels: " + version_list)
+        err("Cannot decide between entries for kernels %s" % version_list)
     elif len(version_list) == 0:
         err("Cannot find a boot entry candidate (please create a Xen boot 
entry first).")
     else:
@@ -87,7 +87,6 @@ def insert_policy(boot_file, kernel_vers
     within_xen_entry = 0
     insert_at_end_of_entry = 0
     path_prefix = ''
-    done = False
     (tmp_fd, tmp_grub) = tempfile.mkstemp()
     #follow symlink since menue.lst might be linked to grub.conf
     if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
@@ -175,9 +174,10 @@ def main(argv):
         print "Boot entry created and \'%s\' copied to /boot" % (policy + 
".bin")
 
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 
Index: xen-unstable.hg-shype/tools/python/xen/xm/create.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/create.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/create.py
@@ -1155,7 +1155,7 @@ def create_security_check(config):
         else:
             print "Checking resources: (skipped)"
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
     return passed
 
@@ -1176,7 +1176,7 @@ def main(argv):
         PrettyPrint.prettyprint(config)
     else:
         if not create_security_check(config):
-            print "Security configuration prevents domain from starting"
+            err("Security configuration prevents domain from starting.")
         else:
             dom = make_domain(opts, config)
             if opts.vals.console_autoconnect:
Index: xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dry-run.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
@@ -18,6 +18,7 @@
 
 """Tests the security settings for a domain and its resources.
 """
+import sys
 from xen.util import security
 from xen.xm import create
 from xen.xend import sxp
@@ -28,14 +29,14 @@ def usage():
     print "to see if the domain created by the configfile can access"
     print "the resources.  The status of each resource is listed"
     print "individually along with the final security decision.\n"
+    security.err("Usage")
 
 
 def main (argv):
-    if len(argv) != 2:
-        usage()
-        return
-
     try:
+        if len(argv) != 2:
+            usage()
+
         passed = 0
         (opts, config) = create.parseCommandLine(argv)
         if create.check_domain_label(config, verbose=1):
@@ -48,8 +49,10 @@ def main (argv):
             print "Dry Run: PASSED"
         else:
             print "Dry Run: FAILED"
+            sys.exit(-1)
+
     except security.ACMError:
-        pass
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dumppolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
@@ -18,7 +18,6 @@
 """Display currently enforced policy (low-level hypervisor representation).
 """
 import sys
-import traceback
 from xen.util.security import ACMError, err, dump_policy
 
 
@@ -31,12 +30,13 @@ def usage():
 
 def main(argv):
     try:
+        if len(argv) != 1:
+            usage()
+
         dump_policy()
 
     except ACMError:
-        pass
-    except:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/getlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
@@ -19,8 +19,6 @@
 """Show the label for a domain or resoruce.
 """
 import sys, os, re
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -28,6 +26,7 @@ def usage():
     print "\nUsage: xm getlabel dom <configfile>"
     print "       xm getlabel res <resource>\n"
     print "  This program shows the label for a domain or resource.\n"
+    security.err("Usage")
 
 
 def get_resource_label(resource):
@@ -38,8 +37,7 @@ def get_resource_label(resource):
     try:
         access_control = dictio.dict_read("resources", file)
     except:
-        print "Resource label file not found"
-        return
+        security.err("Resource label file not found")
 
     # get the entry and print label
     if access_control.has_key(resource):
@@ -47,7 +45,7 @@ def get_resource_label(resource):
         label = access_control[resource][1]
         print "policy="+policy+",label="+label
     else:
-        print "Resource not labeled"
+        security.err("Resource not labeled")
 
 
 def get_domain_label(configfile):
@@ -63,8 +61,7 @@ def get_domain_label(configfile):
                 fd = open(file, "rb")
                 break
     if not fd:
-        print "Configuration file '"+configfile+"' not found."
-        return
+        security.err("Configuration file '"+configfile+"' not found.")
 
     # read in the domain config file, finding the label line
     ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
@@ -82,8 +79,7 @@ def get_domain_label(configfile):
 
     # send error message if we didn't find anything
     if acline == "":
-        print "Label does not exist in domain configuration file."
-        return
+        security.err("Domain not labeled")
 
     # print out the label
     (title, data) = acline.split("=", 1)
@@ -94,19 +90,21 @@ def get_domain_label(configfile):
 
 
 def main (argv):
-    if len(argv) != 3:
-        usage()
-        return
-
-    if argv[1].lower() == "dom":
-        configfile = argv[2]
-        get_domain_label(configfile)
-    elif argv[1].lower() == "res":
-        resource = argv[2]
-        get_resource_label(resource)
-    else:
-        usage()
+    try:
+        if len(argv) != 3:
+            usage()
+
+        if argv[1].lower() == "dom":
+            configfile = argv[2]
+            get_domain_label(configfile)
+        elif argv[1].lower() == "res":
+            resource = argv[2]
+            get_resource_label(resource)
+        else:
+            usage()
 
+    except security.ACMError:
+        sys.exit(-1)
 
 if __name__ == '__main__':
     main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/labels.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/labels.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/labels.py
@@ -70,10 +70,12 @@ def main(argv):
         labels.sort()
         for label in labels:
             print label
+
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/loadpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
@@ -34,11 +34,12 @@ def main(argv):
         if len(argv) != 2:
             usage()
         load_policy(argv[1])
+
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
-
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/makepolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
@@ -37,9 +37,10 @@ def main(argv):
         make_policy(argv[1])
 
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 
Index: xen-unstable.hg-shype/tools/python/xen/xm/resources.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/resources.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/resources.py
@@ -18,8 +18,7 @@
 
 """List the resource label information from the global resource label file
 """
-import sys, os
-import string
+import sys
 from xen.util import dictio
 from xen.util import security
 
@@ -27,6 +26,7 @@ def usage():
     print "\nUsage: xm resource\n"
     print "  This program lists information for each resource in the"
     print "  global resource label file\n"
+    security.err("Usage")
 
 
 def print_resource_data(access_control):
@@ -41,14 +41,19 @@ def print_resource_data(access_control):
 
 def main (argv):
     try:
-        file = security.res_label_filename
-        access_control = dictio.dict_read("resources", file)
-    except:
-        print "Resource file not found."
-        return
+        if len(argv) != 1:
+            usage()
 
-    print_resource_data(access_control)
+        try:
+            file = security.res_label_filename
+            access_control = dictio.dict_read("resources", file)
+        except:
+            security.err("Error reading resource file.")
 
+        print_resource_data(access_control)
+
+    except security.ACMError:
+        sys.exit(-1)
 
 if __name__ == '__main__':
     main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/rmlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
@@ -19,8 +19,6 @@
 """Remove a label from a domain configuration file or a resoruce.
 """
 import sys, os, re
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -31,6 +29,7 @@ def usage():
     print "  for a domain or from the global resource label file for a"
     print "  resource. If the label does not exist for the given domain or"
     print "  resource, then rmlabel fails.\n"
+    security.err("Usage")
 
 
 def rm_resource_label(resource):
@@ -48,7 +47,7 @@ def rm_resource_label(resource):
         del access_control[resource]
         dictio.dict_write(access_control, "resources", file)
     else:
-        security.err("Label does not exist in resource label file.")
+        security.err("Resource not labeled.")
 
 
 def rm_domain_label(configfile):
@@ -85,7 +84,7 @@ def rm_domain_label(configfile):
 
     # send error message if we didn't find anything to remove
     if not removed:
-        security.err("Label does not exist in domain configuration file.")
+        security.err("Domain not labeled.")
 
     # write the data back out to the file
     fd = open(file, "wb")
@@ -97,7 +96,6 @@ def main (argv):
     try:
         if len(argv) != 3:
             usage()
-            return
 
         if argv[1].lower() == "dom":
             configfile = argv[2]
@@ -109,7 +107,7 @@ def main (argv):
             usage()
 
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [RESEND][BUGFIX][ACM] fix return code in acm-related xm scripts, Reiner Sailer <=