On Tue, Apr 02, 2013 at 06:11:28PM -0400, Dan Walsh wrote:
> This way we can share common methods between the ServiceContainer and the
> InteractiveContainer
> ---
> bin/virt-sandbox-service | 823 ++++++++++++++++++++++++++---------------------
> 1 file changed, 450 insertions(+), 373 deletions(-)
>
> diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service
> index 9f4941b..f4d0eff 100755
> --- a/bin/virt-sandbox-service
> +++ b/bin/virt-sandbox-service
> @@ -58,56 +58,387 @@ def read_config(name):
> return LibvirtSandbox.Config.load_from_path(get_config_path(name))
>
> class Container:
> + DEFAULT_PATH = "/var/lib/libvirt/filesystems"
> + DEFAULT_IMAGE = "/var/lib/libvirt/images/%s.raw"
> + SELINUX_FILE_TYPE = "svirt_lxc_file_t"
> +
> + def __init__(self, name=None, uri = "lxc:///", path = DEFAULT_PATH, config=None, create=False):
> + self.uri = uri
> + self.use_image = False
> + self.size = 10 * MB
> + self.path = path
> + self.config = None
> + if self.config:
> + self.name = self.config.get_name()
> + else:
> + self.name = name
> + self.dest = "%s/%s" % (self.path, self.name)
> + self.file_type = self.SELINUX_FILE_TYPE
> + self.conn = None
> + self.image = None
> + self.uid = 0
> +
> + def get_file_type(self):
> + return self.file_type
> +
> + def set_file_type(self, file_type):
> + self.file_type = file_type
> +
> + def set_uid(self, uid):
> + self.uid = uid
> +
> + def get_uid(self):
> + return self.uid
> +
> + def get_config_path(self, name = None):
> + if not name:
> + name = self.name
> + return get_config_path(name)
> +
> + def get_filesystem_path(self, name = None):
> + if not name:
> + name = self.get_name()
> + return self.DEFAULT_PATH + "/" + name
> +
> + def get_image_path(self, name = None):
> + if not name:
> + name = self.get_name()
> + return self.DEFAULT_IMAGE % name
> +
> + def set_image(self, size):
> + self.use_image = True
> + self.size = size * MB
> +
> + def set_path(self, path):
> + self.path = path
> + self.dest = "%s/%s" % (self.path, self.name)
> +
> + def get_name(self):
> + return self.name
> +
> + def set_name(self, name):
> + if self.config:
> + raise ValueError([_("Cannot modify Name")])
> + self.name = name
> + self.dest = "%s/%s" % (self.path, self.name)
> +
> + def set_security(self, val):
> + return self.config.set_security_opts(val)
> +
> + def add_network(self, val):
> + return self.config.add_network_opts(val)
> +
> + def get_security_dynamic(self):
> + return self.config.get_security_dynamic()
> +
> + def get_security_type(self):
> + try:
> + if self.config:
> + con = self.config.get_security_label().split(':')
> + return con[2]
> + except:
> + pass
> + return "svirt_lxc_net_t"
> +
> + def get_security_level(self):
> + try:
> + if self.config:
> + con = self.config.get_security_label().split(':')
> + return ":".join(con[3:])
> + except:
> + pass
> + return "s0"
> +
> + def get_security_label(self):
> + return self.config.get_security_label()
> +
> + def set_security_label(self):
> + if selinux is None:
> + return
> +
> + if self.image or self.get_security_dynamic():
> + return
> +
> + selabel = self.get_security_label()
> + if selabel is None:
> + raise ValueError([_("Missing security label configuration")])
> + parts = selabel.split(":")
> + selinux.chcon(self.dest, "system_u:object_r:%s:%s" % (
> + self.get_file_type(), ":".join(parts[3:])), True)
> +
> + def set_security_type(self, security_type):
> + label = "system_u:system_r:%s:%s" % (security_type, self.get_security_level())
> + try:
> + selinux.security_check_context(label)
> + self.config.set_security_label(label)
> + except OSError, e:
> + raise OSError(_("Invalid Security Type %s: %s ") % (security_type, e))
> +
> + def set_security_level(self, security_level):
> + label = "system_u:system_r:%s:%s" % (self.get_security_type(), security_level)
> + try:
> + selinux.security_check_context(label)
> + self.config.set_security_label(label)
> + except OSError, e:
> + raise OSError(_("Invalid Security Level %s: %s ") % (security_level, e))
This patch seems to have had a bad merge. You're adding in new methods
here, which don't exist in the code being removed later. These methods
were things I deleted when removing SELinux-isms from this code.
> @@ -491,10 +701,13 @@ PrivateNetwork=false
> for f in self.BIND_SYSTEM_FILES:
> self._makefile(f)
>
> - shutil.copy(self.FUNCTIONS, "%s%s" % (self.dest, self.FUNCTIONS))
> + destpath = self.dest + self.SYSVINIT_PATH
> + for i in range(7):
> + os.mkdir(destpath+("/rc%s.d" % i))
> + os.mkdir(destpath+"/init.d")
This seems to be adding new functionality, not related to plain refactoring
> + shutil.copy(self.SYSVINIT_PATH + "/init.d/functions" , destpath + "/init.d")
>
> self.gen_machine_id()
> -
> self.gen_hostname()
>
> for k in self.LOCAL_LINK_FILES:
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list