diff --git a/nova/privsep/dac_admin.py b/nova/privsep/path.py similarity index 100% rename from nova/privsep/dac_admin.py rename to nova/privsep/path.py diff --git a/nova/tests/unit/test_utils.py b/nova/tests/unit/test_utils.py index 70759a16d328..a1815ba41b65 100644 --- a/nova/tests/unit/test_utils.py +++ b/nova/tests/unit/test_utils.py @@ -145,7 +145,7 @@ class GenericUtilsTestCase(test.NoDBTestCase): self.assertTrue([c for c in password if c in 'ABCDEFGHIJKLMNOPQRSTUVWXYZ']) - @mock.patch('nova.privsep.dac_admin.chown') + @mock.patch('nova.privsep.path.chown') def test_temporary_chown(self, mock_chown): with tempfile.NamedTemporaryFile() as f: with utils.temporary_chown(f.name, owner_uid=2): diff --git a/nova/tests/unit/virt/disk/vfs/test_localfs.py b/nova/tests/unit/virt/disk/vfs/test_localfs.py index bf00c507c42b..365ce18c41d7 100644 --- a/nova/tests/unit/virt/disk/vfs/test_localfs.py +++ b/nova/tests/unit/virt/disk/vfs/test_localfs.py @@ -37,7 +37,7 @@ class VirtDiskVFSLocalFSTestPaths(test.NoDBTestCase): # NOTE(mikal): mocking a decorator is non-trivial, so this is the # best we can do. - @mock.patch.object(nova.privsep.dac_admin, 'readlink') + @mock.patch.object(nova.privsep.path, 'readlink') def test_check_safe_path(self, read_link): vfs = vfsimpl.VFSLocalFS(self.rawfile) vfs.imgdir = '/foo' @@ -47,7 +47,7 @@ class VirtDiskVFSLocalFSTestPaths(test.NoDBTestCase): ret = vfs._canonical_path('etc/something.conf') self.assertEqual(ret, '/foo/etc/something.conf') - @mock.patch.object(nova.privsep.dac_admin, 'readlink') + @mock.patch.object(nova.privsep.path, 'readlink') def test_check_unsafe_path(self, read_link): vfs = vfsimpl.VFSLocalFS(self.rawfile) vfs.imgdir = '/foo' @@ -68,8 +68,8 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): self.rawfile = imgmodel.LocalFileImage('/dummy.img', imgmodel.FORMAT_RAW) - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'makedirs') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'makedirs') def test_makepath(self, mkdir, read_link): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' @@ -84,8 +84,8 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): read_link.assert_called() mkdir.assert_called_with(read_link.return_value) - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'writefile') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'writefile') def test_append_file(self, write_file, read_link): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' @@ -95,8 +95,8 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): read_link.assert_called() write_file.assert_called_with(read_link.return_value, 'a', ' Goodbye') - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'writefile') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'writefile') def test_replace_file(self, write_file, read_link): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' @@ -106,8 +106,8 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): read_link.assert_called() write_file.assert_called_with(read_link.return_value, 'w', 'Goodbye') - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'readfile') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'readfile') def test_read_file(self, read_file, read_link): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' @@ -116,15 +116,15 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): read_link.assert_called() read_file.assert_called() - @mock.patch.object(nova.privsep.dac_admin.path, 'exists') + @mock.patch.object(nova.privsep.path.path, 'exists') def test_has_file(self, exists): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' has = vfs.has_file('/some/file') self.assertEqual(exists.return_value, has) - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'chmod') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'chmod') def test_set_permissions(self, chmod, read_link): vfs = vfsimpl.VFSLocalFS(self.qcowfile) vfs.imgdir = '/scratch/dir' @@ -133,8 +133,8 @@ class VirtDiskVFSLocalFSTest(test.NoDBTestCase): read_link.assert_called() chmod.assert_called_with(read_link.return_value, 0o777) - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'chown') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'chown') @mock.patch.object(pwd, 'getpwnam') @mock.patch.object(grp, 'getgrnam') def test_set_ownership(self, getgrnam, getpwnam, chown, read_link): diff --git a/nova/tests/unit/virt/libvirt/test_driver.py b/nova/tests/unit/virt/libvirt/test_driver.py index 537373f1fc07..9a8a157e39fd 100644 --- a/nova/tests/unit/virt/libvirt/test_driver.py +++ b/nova/tests/unit/virt/libvirt/test_driver.py @@ -9690,7 +9690,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, self.context, instance, "/fake/instance/dir", disk_info) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_images_and_backing_images_not_exist_fallback(self, mock_utime): conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False) @@ -9772,7 +9772,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, '/fake/instance/dir', disk_info) self.assertFalse(mock_fetch_image.called) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_images_and_backing_ephemeral_gets_created(self, mock_utime): drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False) @@ -11168,7 +11168,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, 'myVol', '/dev/something', run_as_root=True) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_ephemeral_specified_fs_not_valid(self, mock_utime): CONF.set_override('default_ephemeral_format', 'ext4') ephemerals = [{'device_type': 'disk', @@ -11382,7 +11382,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, @mock.patch('os.path.exists', return_value=True) @mock.patch('nova.privsep.libvirt.last_bytes', return_value=(b'67890', 0)) - @mock.patch('nova.privsep.dac_admin.writefile') + @mock.patch('nova.privsep.path.writefile') def test_get_console_output_pty(self, mocked_writefile, mocked_last_bytes, mocked_path_exists): with utils.tempdir() as tmpdir: @@ -15113,7 +15113,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, mock.sentinel.new_connection_info, 'vdb', instance) @mock.patch('nova.virt.libvirt.guest.BlockDevice.is_job_complete') - @mock.patch('nova.privsep.dac_admin.chown') + @mock.patch('nova.privsep.path.chown') def _test_live_snapshot(self, mock_chown, mock_is_job_complete, can_quiesce=False, require_quiesce=False): drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI()) diff --git a/nova/tests/unit/virt/libvirt/test_imagebackend.py b/nova/tests/unit/virt/libvirt/test_imagebackend.py index e48c133dced3..2f0993bf3389 100644 --- a/nova/tests/unit/virt/libvirt/test_imagebackend.py +++ b/nova/tests/unit/virt/libvirt/test_imagebackend.py @@ -341,7 +341,7 @@ class FlatTestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.disk, 'extend') @mock.patch.object(fake_libvirt_utils, 'copy_image') @mock.patch.object(imagebackend.utils, 'synchronized') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_image(self, mock_utime, mock_sync, mock_copy, mock_extend): mock_sync.side_effect = lambda *a, **kw: self._fake_deco fn = mock.MagicMock() @@ -374,7 +374,7 @@ class FlatTestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.utils, 'synchronized') @mock.patch.object(images, 'qemu_img_info', return_value=imageutils.QemuImgInfo()) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_image_extend(self, mock_utime, mock_qemu, mock_sync, mock_copy, mock_extend): mock_sync.side_effect = lambda *a, **kw: self._fake_deco @@ -502,7 +502,7 @@ class Qcow2TestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.utils, 'synchronized') @mock.patch.object(fake_libvirt_utils, 'create_cow_image') @mock.patch.object(imagebackend.disk, 'extend') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_image(self, mock_utime, mock_extend, mock_create, mock_sync): mock_sync.side_effect = lambda *a, **kw: self._fake_deco @@ -522,7 +522,7 @@ class Qcow2TestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.disk, 'extend') @mock.patch.object(os.path, 'exists', side_effect=[]) @mock.patch.object(imagebackend.Image, 'verify_base_size') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_image_with_size(self, mock_utime, mock_verify, mock_exist, mock_extend, mock_create, mock_sync): mock_sync.side_effect = lambda *a, **kw: self._fake_deco @@ -552,7 +552,7 @@ class Qcow2TestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.disk, 'extend') @mock.patch.object(os.path, 'exists', side_effect=[]) @mock.patch.object(imagebackend.Qcow2, 'get_disk_size') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_create_image_too_small(self, mock_utime, mock_get, mock_exist, mock_extend, mock_create, mock_sync): mock_sync.side_effect = lambda *a, **kw: self._fake_deco @@ -579,7 +579,7 @@ class Qcow2TestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(os.path, 'exists', side_effect=[]) @mock.patch.object(imagebackend.Image, 'verify_base_size') @mock.patch.object(fake_libvirt_utils, 'copy_image') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_generate_resized_backing_files(self, mock_utime, mock_copy, mock_verify, mock_exist, mock_extend, mock_get, @@ -617,7 +617,7 @@ class Qcow2TestCase(_ImageTestCase, test.NoDBTestCase): @mock.patch.object(imagebackend.disk, 'extend') @mock.patch.object(os.path, 'exists', side_effect=[]) @mock.patch.object(imagebackend.Image, 'verify_base_size') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_qcow2_exists_and_has_no_backing_file(self, mock_utime, mock_verify, mock_exist, mock_extend, mock_get, diff --git a/nova/tests/unit/virt/libvirt/test_imagecache.py b/nova/tests/unit/virt/libvirt/test_imagecache.py index 0c7a86d347a7..22d28e9c3341 100644 --- a/nova/tests/unit/virt/libvirt/test_imagecache.py +++ b/nova/tests/unit/virt/libvirt/test_imagecache.py @@ -429,7 +429,7 @@ class ImageCacheManagerTestCase(test.NoDBTestCase): self.assertNotEqual(stream.getvalue().find('Failed to remove'), -1) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_mark_in_use(self, mock_utime): img = '123' @@ -443,7 +443,7 @@ class ImageCacheManagerTestCase(test.NoDBTestCase): self.assertEqual(image_cache_manager.unexplained_images, []) self.assertEqual(image_cache_manager.removable_base_files, []) - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') @mock.patch.object(lockutils, 'external_lock') def test_verify_base_images(self, mock_lock, mock_utime): hashed_1 = '356a192b7913b04c54574d18c28d46e6395428ab' @@ -681,7 +681,7 @@ class ImageCacheManagerTestCase(test.NoDBTestCase): @mock.patch('os.path.exists') @mock.patch('os.path.getmtime') @mock.patch('os.remove') - @mock.patch('nova.privsep.dac_admin.utime') + @mock.patch('nova.privsep.path.utime') def test_age_and_verify_swap_images(self, mock_utime, mock_remove, mock_getmtime, mock_exist, mock_lock): base_dir = '/tmp_age_test' diff --git a/nova/tests/unit/virt/xenapi/test_xenapi.py b/nova/tests/unit/virt/xenapi/test_xenapi.py index 51cd21dd7a88..8fa2c9bc3e67 100644 --- a/nova/tests/unit/virt/xenapi/test_xenapi.py +++ b/nova/tests/unit/virt/xenapi/test_xenapi.py @@ -948,11 +948,11 @@ class XenAPIVMTestCase(stubs.XenAPITestBase, @testtools.skipIf(test_utils.is_osx(), 'IPv6 pretty-printing broken on OSX, see bug 1409135') - @mock.patch.object(nova.privsep.dac_admin, 'readlink') - @mock.patch.object(nova.privsep.dac_admin, 'writefile') - @mock.patch.object(nova.privsep.dac_admin, 'makedirs') - @mock.patch.object(nova.privsep.dac_admin, 'chown') - @mock.patch.object(nova.privsep.dac_admin, 'chmod') + @mock.patch.object(nova.privsep.path, 'readlink') + @mock.patch.object(nova.privsep.path, 'writefile') + @mock.patch.object(nova.privsep.path, 'makedirs') + @mock.patch.object(nova.privsep.path, 'chown') + @mock.patch.object(nova.privsep.path, 'chmod') def test_spawn_netinject_file(self, chmod, chown, mkdir, write_file, read_link): self.flags(flat_injected=True) diff --git a/nova/utils.py b/nova/utils.py index d1b442c5c1c5..7a3209b19355 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -653,12 +653,12 @@ def temporary_chown(path, owner_uid=None): orig_uid = os.stat(path).st_uid if orig_uid != owner_uid: - nova.privsep.dac_admin.chown(path, uid=owner_uid) + nova.privsep.path.chown(path, uid=owner_uid) try: yield finally: if orig_uid != owner_uid: - nova.privsep.dac_admin.chown(path, uid=orig_uid) + nova.privsep.path.chown(path, uid=orig_uid) @contextlib.contextmanager diff --git a/nova/virt/disk/vfs/localfs.py b/nova/virt/disk/vfs/localfs.py index 933cbbe080fa..d1125a1e5bff 100644 --- a/nova/virt/disk/vfs/localfs.py +++ b/nova/virt/disk/vfs/localfs.py @@ -23,7 +23,7 @@ from oslo_utils import excutils from nova import exception from nova.i18n import _ -import nova.privsep.dac_admin +import nova.privsep.path from nova import utils from nova.virt.disk.mount import api as mount_api from nova.virt.disk.vfs import api as vfs @@ -41,7 +41,7 @@ class VFSLocalFS(vfs.VFS): path with '..' in it will hit this safeguard. """ def _canonical_path(self, path): - canonpath = nova.privsep.dac_admin.readlink(path) + canonpath = nova.privsep.path.readlink(path) if not canonpath.startswith(os.path.realpath(self.imgdir) + '/'): raise exception.Invalid(_('File path %s not valid') % path) return canonpath @@ -100,32 +100,32 @@ class VFSLocalFS(vfs.VFS): def make_path(self, path): LOG.debug("Make directory path=%s", path) - nova.privsep.dac_admin.makedirs(self._canonical_path(path)) + nova.privsep.path.makedirs(self._canonical_path(path)) def append_file(self, path, content): LOG.debug("Append file path=%s", path) - return nova.privsep.dac_admin.writefile( + return nova.privsep.path.writefile( self._canonical_path(path), 'a', content) def replace_file(self, path, content): LOG.debug("Replace file path=%s", path) - return nova.privsep.dac_admin.writefile( + return nova.privsep.path.writefile( self._canonical_path(path), 'w', content) def read_file(self, path): LOG.debug("Read file path=%s", path) - return nova.privsep.dac_admin.readfile(self._canonical_path(path)) + return nova.privsep.path.readfile(self._canonical_path(path)) def has_file(self, path): # NOTE(mikal): it is deliberate that we don't generate a canonical # path here, as that tests for existance and would raise an exception. LOG.debug("Has file path=%s", path) - return nova.privsep.dac_admin.path.exists(path) + return nova.privsep.path.path.exists(path) def set_permissions(self, path, mode): LOG.debug("Set permissions path=%(path)s mode=%(mode)o", {'path': path, 'mode': mode}) - nova.privsep.dac_admin.chmod(self._canonical_path(path), mode) + nova.privsep.path.chmod(self._canonical_path(path), mode) def set_ownership(self, path, user, group): LOG.debug("Set permissions path=%(path)s " @@ -138,7 +138,7 @@ class VFSLocalFS(vfs.VFS): chown_kwargs['uid'] = pwd.getpwnam(user).pw_uid if group: chown_kwargs['gid'] = grp.getgrnam(group).gr_gid - nova.privsep.dac_admin.chown(canonpath, **chown_kwargs) + nova.privsep.path.chown(canonpath, **chown_kwargs) def get_image_fs(self): if self.mount.device or self.mount.get_dev(): diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py index 8c235840abb4..a3498b4def0c 100644 --- a/nova/virt/libvirt/driver.py +++ b/nova/virt/libvirt/driver.py @@ -82,8 +82,8 @@ from nova.objects import fields from nova.objects import migrate_data as migrate_data_obj from nova.pci import manager as pci_manager from nova.pci import utils as pci_utils -from nova.privsep import dac_admin import nova.privsep.libvirt +import nova.privsep.path from nova import utils from nova import version from nova.virt import block_device as driver_block_device @@ -1908,7 +1908,7 @@ class LibvirtDriver(driver.ComputeDriver): time.sleep(0.5) dev.abort_job() - dac_admin.chown(disk_delta, uid=os.getuid()) + nova.privsep.path.chown(disk_delta, uid=os.getuid()) finally: self._host.write_instance_config(xml) if quiesced: @@ -2899,7 +2899,7 @@ class LibvirtDriver(driver.ComputeDriver): # flush of that pty device into the "console.log" file to ensure # that a series of "get_console_output" calls return the complete # content even after rebooting a guest. - dac_admin.writefile(console_log, 'a+', data) + nova.privsep.path.writefile(console_log, 'a+', data) return self._get_console_output_file(instance, console_log) def get_host_ip_addr(self): @@ -3216,7 +3216,7 @@ class LibvirtDriver(driver.ComputeDriver): # PONDERING(mikal): can I assume that root is UID zero in every # OS? Probably not. uid = pwd.getpwnam('root').pw_uid - dac_admin.chown(image('disk').path, uid=uid) + nova.privsep.path.chown(image('disk').path, uid=uid) self._create_and_inject_local_root(context, instance, booted_from_volume, suffix, diff --git a/nova/virt/libvirt/imagebackend.py b/nova/virt/libvirt/imagebackend.py index cb6e122db62d..06f129eee3d7 100644 --- a/nova/virt/libvirt/imagebackend.py +++ b/nova/virt/libvirt/imagebackend.py @@ -33,7 +33,7 @@ import nova.conf from nova import exception from nova.i18n import _ from nova import image -from nova.privsep import dac_admin +import nova.privsep.path from nova import utils from nova.virt.disk import api as disk from nova.virt.image import model as imgmodel @@ -541,7 +541,7 @@ class Flat(Image): # NOTE(mikal): Update the mtime of the base file so the image # cache manager knows it is in use. - dac_admin.utime(base) + nova.privsep.path.utime(base) self.verify_base_size(base, size) if not os.path.exists(self.path): with fileutils.remove_path_on_error(self.path): @@ -597,7 +597,7 @@ class Qcow2(Image): # NOTE(ankit): Update the mtime of the base file so the image # cache manager knows it is in use. - dac_admin.utime(base) + nova.privsep.path.utime(base) self.verify_base_size(base, size) legacy_backing_size = None @@ -1091,7 +1091,7 @@ class Ploop(Image): prepare_template(target=base, *args, **kwargs) else: # Disk already exists in cache, just update time - dac_admin.utime(base) + nova.privsep.path.utime(base) self.verify_base_size(base, size) if os.path.exists(self.path): diff --git a/nova/virt/libvirt/imagecache.py b/nova/virt/libvirt/imagecache.py index dcb0cb66e8af..dfcc3f68fc29 100644 --- a/nova/virt/libvirt/imagecache.py +++ b/nova/virt/libvirt/imagecache.py @@ -32,7 +32,7 @@ from oslo_utils import encodeutils import six import nova.conf -from nova.privsep import dac_admin +import nova.privsep.path from nova import utils from nova.virt import imagecache from nova.virt.libvirt import utils as libvirt_utils @@ -327,7 +327,7 @@ class ImageCacheManager(imagecache.ImageCacheManager): LOG.debug('image %(id)s at (%(base_file)s): image is in use', {'id': img_id, 'base_file': base_file}) - dac_admin.utime(base_file) + nova.privsep.path.utime(base_file) def _age_and_verify_swap_images(self, context, base_dir): LOG.debug('Verify swap images') @@ -335,7 +335,7 @@ class ImageCacheManager(imagecache.ImageCacheManager): for ent in self.back_swap_images: base_file = os.path.join(base_dir, ent) if ent in self.used_swap_images and os.path.exists(base_file): - dac_admin.utime(base_file) + nova.privsep.path.utime(base_file) elif self.remove_unused_base_images: self._remove_swap_file(base_file)