Move blkid calls to privsep.
The same pattern as before. Change-Id: If9aaca8dd9c9a82378807bbc5d2c157e719dab4d blueprint: hurrah-for-privsep
This commit is contained in:
Michael Still
parent
bbb1a72257
commit
3c7a72c213
|
|
@ -6,9 +6,6 @@
|
|||
# nova/virt/xenapi/vm_utils.py: tune2fs, -j, partition_path
|
||||
tune2fs: CommandFilter, tune2fs, root
|
||||
|
||||
# nova/virt/disk/vfs/localfs.py: 'blkid', '-o', 'value', '-s', 'TYPE', device
|
||||
blkid: CommandFilter, blkid, root
|
||||
|
||||
# nova/virt/libvirt/utils.py: 'blockdev', '--getsize64', path
|
||||
# nova/virt/disk/mount/nbd.py: 'blockdev', '--flushbufs', device
|
||||
blockdev: RegExpFilter, blockdev, root, blockdev, (--getsize64|--flushbufs), /dev/.*
|
||||
|
|
|
|||
|
|
@ -117,3 +117,9 @@ def create_device_maps(device):
|
|||
@nova.privsep.sys_admin_pctxt.entrypoint
|
||||
def remove_device_maps(device):
|
||||
return processutils.execute('kpartx', '-d', device)
|
||||
|
||||
|
||||
@nova.privsep.sys_admin_pctxt.entrypoint
|
||||
def get_filesystem_type(device):
|
||||
return processutils.execute('blkid', '-o', 'value', '-s', 'TYPE', device,
|
||||
check_exit_code=[0, 2])
|
||||
|
|
|
|||
|
|
@ -167,8 +167,9 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase):
|
|||
uid=getpwnam.return_value.pw_uid,
|
||||
gid=getgrnam.return_value.gr_gid)
|
||||
|
||||
@mock.patch.object(nova.utils, 'execute')
|
||||
def test_get_format_fs(self, execute):
|
||||
@mock.patch('nova.privsep.fs.get_filesystem_type',
|
||||
return_value=('ext3\n', ''))
|
||||
def test_get_format_fs(self, mock_type):
|
||||
vfs = vfsimpl.VFSLocalFS(self.rawfile)
|
||||
vfs.setup = mock.MagicMock()
|
||||
vfs.teardown = mock.MagicMock()
|
||||
|
|
@ -187,17 +188,12 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase):
|
|||
|
||||
vfs.setup.side_effect = fake_setup
|
||||
vfs.teardown.side_effect = fake_teardown
|
||||
execute.return_value = ('ext3\n', '')
|
||||
|
||||
vfs.setup()
|
||||
self.assertEqual('ext3', vfs.get_image_fs())
|
||||
vfs.teardown()
|
||||
vfs.mount.get_dev.assert_called_once_with()
|
||||
execute.assert_called_once_with('blkid', '-o',
|
||||
'value', '-s',
|
||||
'TYPE', '/dev/xyz',
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 2])
|
||||
mock_type.assert_called_once_with('/dev/xyz')
|
||||
|
||||
@mock.patch.object(tempfile, 'mkdtemp')
|
||||
@mock.patch.object(nbd, 'NbdMount')
|
||||
|
|
|
|||
|
|
@ -23,8 +23,8 @@ from oslo_utils import excutils
|
|||
|
||||
from nova import exception
|
||||
from nova.i18n import _
|
||||
import nova.privsep.fs
|
||||
import nova.privsep.path
|
||||
from nova import utils
|
||||
from nova.virt.disk.mount import api as mount_api
|
||||
from nova.virt.disk.vfs import api as vfs
|
||||
|
||||
|
|
@ -142,10 +142,6 @@ class VFSLocalFS(vfs.VFS):
|
|||
|
||||
def get_image_fs(self):
|
||||
if self.mount.device or self.mount.get_dev():
|
||||
out, err = utils.execute('blkid', '-o',
|
||||
'value', '-s',
|
||||
'TYPE', self.mount.device,
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 2])
|
||||
out, err = nova.privsep.fs.get_filesystem_type(self.mount.device)
|
||||
return out.strip()
|
||||
return ""
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ upgrade:
|
|||
internal functionality using privsep.
|
||||
- |
|
||||
The following commands are no longer required to be listed in your rootwrap
|
||||
configuration: cat; chown; cryptsetup; dd; kpartx; losetup; lvcreate;
|
||||
lvremove; lvs; mkdir; mount; nova-idmapshift; ploop; prl_disk_tool;
|
||||
qemu-nbd; readlink; shred; tee; touch; umount; vgs; and xend.
|
||||
configuration: blkid; cat; chown; cryptsetup; dd; kpartx; losetup;
|
||||
lvcreate; lvremove; lvs; mkdir; mount; nova-idmapshift; ploop;
|
||||
prl_disk_tool; qemu-nbd; readlink; shred; tee; touch; umount; vgs;
|
||||
and xend.
|
||||
|
|
|
|||
Loading…
Reference in New Issue