Fix a few things that were either missed in the execvp conversion or stuff that was merged after it, but wasn't updated accordingly.
This commit is contained in:
Soren Hansen
Tarmac
commit
910b741533
|
|
@ -236,25 +236,32 @@ class S3ImageService(service.BaseImageService):
|
|||
@staticmethod
|
||||
def _decrypt_image(encrypted_filename, encrypted_key, encrypted_iv,
|
||||
cloud_private_key, decrypted_filename):
|
||||
key, err = utils.execute(
|
||||
'openssl rsautl -decrypt -inkey %s' % cloud_private_key,
|
||||
process_input=encrypted_key,
|
||||
check_exit_code=False)
|
||||
key, err = utils.execute('openssl',
|
||||
'rsautl',
|
||||
'-decrypt',
|
||||
'-inkey', '%s' % cloud_private_key,
|
||||
process_input=encrypted_key,
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt private key: %s")
|
||||
% err)
|
||||
iv, err = utils.execute(
|
||||
'openssl rsautl -decrypt -inkey %s' % cloud_private_key,
|
||||
process_input=encrypted_iv,
|
||||
check_exit_code=False)
|
||||
iv, err = utils.execute('openssl',
|
||||
'rsautl',
|
||||
'-decrypt',
|
||||
'-inkey', '%s' % cloud_private_key,
|
||||
process_input=encrypted_iv,
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt initialization "
|
||||
"vector: %s") % err)
|
||||
|
||||
_out, err = utils.execute(
|
||||
'openssl enc -d -aes-128-cbc -in %s -K %s -iv %s -out %s'
|
||||
% (encrypted_filename, key, iv, decrypted_filename),
|
||||
check_exit_code=False)
|
||||
_out, err = utils.execute('openssl', 'enc',
|
||||
'-d', '-aes-128-cbc',
|
||||
'-in', '%s' % (encrypted_filename,),
|
||||
'-K', '%s' % (key,),
|
||||
'-iv', '%s' % (iv,),
|
||||
'-out', '%s' % (decrypted_filename,),
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt image file "
|
||||
"%(image_file)s: %(err)s") %
|
||||
|
|
|
|||
|
|
@ -216,7 +216,7 @@ def ensure_bridge(bridge, interface, net_attrs=None):
|
|||
_execute('sudo', 'brctl', 'setfd', bridge, 0)
|
||||
# _execute("sudo brctl setageing %s 10" % bridge)
|
||||
_execute('sudo', 'brctl', 'stp', bridge, 'off')
|
||||
_execute('sudo', 'ip', 'link', 'set', bridge, up)
|
||||
_execute('sudo', 'ip', 'link', 'set', bridge, 'up')
|
||||
if net_attrs:
|
||||
# NOTE(vish): The ip for dnsmasq has to be the first address on the
|
||||
# bridge for it to respond to reqests properly
|
||||
|
|
@ -330,7 +330,7 @@ def update_dhcp(context, network_id):
|
|||
env = {'FLAGFILE': FLAGS.dhcpbridge_flagfile,
|
||||
'DNSMASQ_INTERFACE': network_ref['bridge']}
|
||||
command = _dnsmasq_cmd(network_ref)
|
||||
_execute(command, addl_env=env)
|
||||
_execute(*command, addl_env=env)
|
||||
|
||||
|
||||
def update_ra(context, network_id):
|
||||
|
|
@ -370,7 +370,7 @@ interface %s
|
|||
else:
|
||||
LOG.debug(_("Pid %d is stale, relaunching radvd"), pid)
|
||||
command = _ra_cmd(network_ref)
|
||||
_execute(command)
|
||||
_execute(*command)
|
||||
db.network_update(context, network_id,
|
||||
{"ra_server":
|
||||
utils.get_my_linklocal(network_ref['bridge'])})
|
||||
|
|
@ -424,30 +424,30 @@ def _remove_rule(chain, *cmd):
|
|||
|
||||
def _dnsmasq_cmd(net):
|
||||
"""Builds dnsmasq command"""
|
||||
cmd = ['sudo -E dnsmasq',
|
||||
' --strict-order',
|
||||
' --bind-interfaces',
|
||||
' --conf-file=',
|
||||
' --domain=%s' % FLAGS.dhcp_domain,
|
||||
' --pid-file=%s' % _dhcp_file(net['bridge'], 'pid'),
|
||||
' --listen-address=%s' % net['gateway'],
|
||||
' --except-interface=lo',
|
||||
' --dhcp-range=%s,static,120s' % net['dhcp_start'],
|
||||
' --dhcp-hostsfile=%s' % _dhcp_file(net['bridge'], 'conf'),
|
||||
' --dhcp-script=%s' % FLAGS.dhcpbridge,
|
||||
' --leasefile-ro']
|
||||
cmd = ['sudo', '-E', 'dnsmasq',
|
||||
'--strict-order',
|
||||
'--bind-interfaces',
|
||||
'--conf-file=',
|
||||
'--domain=%s' % FLAGS.dhcp_domain,
|
||||
'--pid-file=%s' % _dhcp_file(net['bridge'], 'pid'),
|
||||
'--listen-address=%s' % net['gateway'],
|
||||
'--except-interface=lo',
|
||||
'--dhcp-range=%s,static,120s' % net['dhcp_start'],
|
||||
'--dhcp-hostsfile=%s' % _dhcp_file(net['bridge'], 'conf'),
|
||||
'--dhcp-script=%s' % FLAGS.dhcpbridge,
|
||||
'--leasefile-ro']
|
||||
if FLAGS.dns_server:
|
||||
cmd.append(' -h -R --server=%s' % FLAGS.dns_server)
|
||||
return ''.join(cmd)
|
||||
cmd += ['-h', '-R', '--server=%s' % FLAGS.dns_server]
|
||||
return cmd
|
||||
|
||||
|
||||
def _ra_cmd(net):
|
||||
"""Builds radvd command"""
|
||||
cmd = ['sudo -E radvd',
|
||||
# ' -u nobody',
|
||||
' -C %s' % _ra_file(net['bridge'], 'conf'),
|
||||
' -p %s' % _ra_file(net['bridge'], 'pid')]
|
||||
return ''.join(cmd)
|
||||
cmd = ['sudo', '-E', 'radvd',
|
||||
# '-u', 'nobody',
|
||||
'-C', '%s' % _ra_file(net['bridge'], 'conf'),
|
||||
'-p', '%s' % _ra_file(net['bridge'], 'pid')]
|
||||
return cmd
|
||||
|
||||
|
||||
def _stop_dnsmasq(network):
|
||||
|
|
|
|||
|
|
@ -253,25 +253,34 @@ class Image(object):
|
|||
@staticmethod
|
||||
def decrypt_image(encrypted_filename, encrypted_key, encrypted_iv,
|
||||
cloud_private_key, decrypted_filename):
|
||||
key, err = utils.execute(
|
||||
'openssl rsautl -decrypt -inkey %s' % cloud_private_key,
|
||||
process_input=encrypted_key,
|
||||
check_exit_code=False)
|
||||
key, err = utils.execute('openssl',
|
||||
'rsautl',
|
||||
'-decrypt',
|
||||
'-inkey', '%s' % cloud_private_key,
|
||||
process_input=encrypted_key,
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt private key: %s")
|
||||
% err)
|
||||
iv, err = utils.execute(
|
||||
'openssl rsautl -decrypt -inkey %s' % cloud_private_key,
|
||||
process_input=encrypted_iv,
|
||||
check_exit_code=False)
|
||||
iv, err = utils.execute('openssl',
|
||||
'rsautl',
|
||||
'-decrypt',
|
||||
'-inkey', '%s' % cloud_private_key,
|
||||
process_input=encrypted_iv,
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt initialization "
|
||||
"vector: %s") % err)
|
||||
|
||||
_out, err = utils.execute(
|
||||
'openssl enc -d -aes-128-cbc -in %s -K %s -iv %s -out %s'
|
||||
% (encrypted_filename, key, iv, decrypted_filename),
|
||||
check_exit_code=False)
|
||||
_out, err = utils.execute('openssl',
|
||||
'enc',
|
||||
'-d',
|
||||
'-aes-128-cbc',
|
||||
'-in', '%s' % (encrypted_filename,),
|
||||
'-K', '%s' % (key,),
|
||||
'-iv', '%s' % (iv,),
|
||||
'-out', '%s' % (decrypted_filename,),
|
||||
check_exit_code=False)
|
||||
if err:
|
||||
raise exception.Error(_("Failed to decrypt image file "
|
||||
"%(image_file)s: %(err)s") %
|
||||
|
|
|
|||
|
|
@ -463,7 +463,7 @@ class LibvirtConnection(object):
|
|||
console_log = os.path.join(FLAGS.instances_path, instance['name'],
|
||||
'console.log')
|
||||
|
||||
utils.execute('sudo', 'chown', s.getuid(), console_log)
|
||||
utils.execute('sudo', 'chown', os.getuid(), console_log)
|
||||
|
||||
if FLAGS.libvirt_type == 'xen':
|
||||
# Xen is special
|
||||
|
|
|
|||
Loading…
Reference in New Issue