[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [BUGFIX][ACM] fix return code in acm-related xm scripts



This patch fixes return codes for the acm-related Xen management scripts (error conditions) and addresses minor issues that 'pycheck' complains about. It is tested with xm-test and by manually running the xm commands.

Signed-off by: Reiner Sailer <sailer@xxxxxxxxxx>

---
 tools/python/xen/xm/addlabel.py      |    6 +----
 tools/python/xen/xm/cfgbootpolicy.py |    4 +--
 tools/python/xen/xm/create.py        |    2 -
 tools/python/xen/xm/dry-run.py       |   13 +++++++----
 tools/python/xen/xm/dumppolicy.py    |    8 +++----
 tools/python/xen/xm/getlabel.py      |   38 ++++++++++++++++-------------------
 tools/python/xen/xm/labels.py        |    4 ++-
 tools/python/xen/xm/loadpolicy.py    |    5 ++--
 tools/python/xen/xm/makepolicy.py    |    3 +-
 tools/python/xen/xm/resources.py     |   21 +++++++++++--------
 tools/python/xen/xm/rmlabel.py       |    6 +----
 11 files changed, 58 insertions(+), 52 deletions(-)

Index: xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/addlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/addlabel.py
@@ -20,8 +20,6 @@
 """Labeling a domain configuration file or a resoruce.
 """
 import sys, os
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -33,6 +31,7 @@ def usage():
     print "  resource. It derives the policy from the running hypervisor"
     print "  if it is not given (optional parameter). If a label already"
     print "  exists for the given domain or resource, then addlabel fails.\n"
+    security.err("Usage")
 
 
 def validate_config_file(configfile):
@@ -134,7 +133,6 @@ def main (argv):
                 for prefix in [".", "/etc/xen"]:
                     configfile = prefix + "/" + configfile
                     if os.path.isfile(configfile):
-                        fd = open(configfile, "rb")
                         break
             if not validate_config_file(configfile):
                 usage()
@@ -147,7 +145,7 @@ def main (argv):
             usage()
 
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/cfgbootpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/cfgbootpolicy.py
@@ -87,7 +87,6 @@ def insert_policy(boot_file, kernel_vers
     within_xen_entry = 0
     insert_at_end_of_entry = 0
     path_prefix = ''
-    done = False
     (tmp_fd, tmp_grub) = tempfile.mkstemp()
     #follow symlink since menue.lst might be linked to grub.conf
     if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
@@ -175,9 +174,10 @@ def main(argv):
         print "Boot entry created and \'%s\' copied to /boot" % (policy + 
".bin")
 
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 
Index: xen-unstable.hg-shype/tools/python/xen/xm/create.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/create.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/create.py
@@ -1155,7 +1155,7 @@ def create_security_check(config):
         else:
             print "Checking resources: (skipped)"
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
     return passed
 
Index: xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dry-run.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dry-run.py
@@ -18,6 +18,7 @@
 
 """Tests the security settings for a domain and its resources.
 """
+import sys
 from xen.util import security
 from xen.xm import create
 from xen.xend import sxp
@@ -28,14 +29,14 @@ def usage():
     print "to see if the domain created by the configfile can access"
     print "the resources.  The status of each resource is listed"
     print "individually along with the final security decision.\n"
+    security.err("Usage")
 
 
 def main (argv):
-    if len(argv) != 2:
-        usage()
-        return
-
     try:
+        if len(argv) != 2:
+            usage()
+
         passed = 0
         (opts, config) = create.parseCommandLine(argv)
         if create.check_domain_label(config, verbose=1):
@@ -48,8 +49,10 @@ def main (argv):
             print "Dry Run: PASSED"
         else:
             print "Dry Run: FAILED"
+            sys.exit(-1)
+
     except security.ACMError:
-        pass
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/dumppolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/dumppolicy.py
@@ -18,7 +18,6 @@
 """Display currently enforced policy (low-level hypervisor representation).
 """
 import sys
-import traceback
 from xen.util.security import ACMError, err, dump_policy
 
 
@@ -31,12 +30,13 @@ def usage():
 
 def main(argv):
     try:
+        if len(argv) != 1:
+            usage()
+
         dump_policy()
 
     except ACMError:
-        pass
-    except:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/getlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/getlabel.py
@@ -19,8 +19,6 @@
 """Show the label for a domain or resoruce.
 """
 import sys, os, re
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -28,6 +26,7 @@ def usage():
     print "\nUsage: xm getlabel dom <configfile>"
     print "       xm getlabel res <resource>\n"
     print "  This program shows the label for a domain or resource.\n"
+    security.err("Usage")
 
 
 def get_resource_label(resource):
@@ -38,8 +37,7 @@ def get_resource_label(resource):
     try:
         access_control = dictio.dict_read("resources", file)
     except:
-        print "Resource label file not found"
-        return
+        security.err("Resource label file not found")
 
     # get the entry and print label
     if access_control.has_key(resource):
@@ -63,8 +61,7 @@ def get_domain_label(configfile):
                 fd = open(file, "rb")
                 break
     if not fd:
-        print "Configuration file '"+configfile+"' not found."
-        return
+        security.err("Configuration file '"+configfile+"' not found.")
 
     # read in the domain config file, finding the label line
     ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
@@ -82,8 +79,7 @@ def get_domain_label(configfile):
 
     # send error message if we didn't find anything
     if acline == "":
-        print "Label does not exist in domain configuration file."
-        return
+        security.err("Label does not exist in domain configuration file.")
 
     # print out the label
     (title, data) = acline.split("=", 1)
@@ -94,19 +90,21 @@ def get_domain_label(configfile):
 
 
 def main (argv):
-    if len(argv) != 3:
-        usage()
-        return
-
-    if argv[1].lower() == "dom":
-        configfile = argv[2]
-        get_domain_label(configfile)
-    elif argv[1].lower() == "res":
-        resource = argv[2]
-        get_resource_label(resource)
-    else:
-        usage()
+    try:
+        if len(argv) != 3:
+            usage()
+
+        if argv[1].lower() == "dom":
+            configfile = argv[2]
+            get_domain_label(configfile)
+        elif argv[1].lower() == "res":
+            resource = argv[2]
+            get_resource_label(resource)
+        else:
+            usage()
 
+    except security.ACMError:
+        sys.exit(-1)
 
 if __name__ == '__main__':
     main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/labels.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/labels.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/labels.py
@@ -70,10 +70,12 @@ def main(argv):
         labels.sort()
         for label in labels:
             print label
+
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/loadpolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/loadpolicy.py
@@ -34,11 +34,12 @@ def main(argv):
         if len(argv) != 2:
             usage()
         load_policy(argv[1])
+
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
-
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
Index: xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/makepolicy.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/makepolicy.py
@@ -37,9 +37,10 @@ def main(argv):
         make_policy(argv[1])
 
     except ACMError:
-        pass
+        sys.exit(-1)
     except:
         traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 
Index: xen-unstable.hg-shype/tools/python/xen/xm/resources.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/resources.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/resources.py
@@ -18,8 +18,7 @@
 
 """List the resource label information from the global resource label file
 """
-import sys, os
-import string
+import sys
 from xen.util import dictio
 from xen.util import security
 
@@ -27,6 +26,7 @@ def usage():
     print "\nUsage: xm resource\n"
     print "  This program lists information for each resource in the"
     print "  global resource label file\n"
+    security.err("Usage")
 
 
 def print_resource_data(access_control):
@@ -41,14 +41,19 @@ def print_resource_data(access_control):
 
 def main (argv):
     try:
-        file = security.res_label_filename
-        access_control = dictio.dict_read("resources", file)
-    except:
-        print "Resource file not found."
-        return
+        if len(argv) != 1:
+            usage()
 
-    print_resource_data(access_control)
+        try:
+            file = security.res_label_filename
+            access_control = dictio.dict_read("resources", file)
+        except:
+            security.err("Error reading resource file.")
 
+        print_resource_data(access_control)
+
+    except security.ACMError:
+        sys.exit(-1)
 
 if __name__ == '__main__':
     main(sys.argv)
Index: xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
===================================================================
--- xen-unstable.hg-shype.orig/tools/python/xen/xm/rmlabel.py
+++ xen-unstable.hg-shype/tools/python/xen/xm/rmlabel.py
@@ -19,8 +19,6 @@
 """Remove a label from a domain configuration file or a resoruce.
 """
 import sys, os, re
-import string
-import traceback
 from xen.util import dictio
 from xen.util import security
 
@@ -31,6 +29,7 @@ def usage():
     print "  for a domain or from the global resource label file for a"
     print "  resource. If the label does not exist for the given domain or"
     print "  resource, then rmlabel fails.\n"
+    security.err("Usage")
 
 
 def rm_resource_label(resource):
@@ -97,7 +96,6 @@ def main (argv):
     try:
         if len(argv) != 3:
             usage()
-            return
 
         if argv[1].lower() == "dom":
             configfile = argv[2]
@@ -109,7 +107,7 @@ def main (argv):
             usage()
 
     except security.ACMError:
-        traceback.print_exc(limit=1)
+        sys.exit(-1)
 
 
 if __name__ == '__main__':
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.