From Dan Kenigsberg <[email protected]>: Dan Kenigsberg has uploaded a new change for review.
Change subject: storage: validateDirAccess: move to fileUtils ...................................................................... storage: validateDirAccess: move to fileUtils validateDirAccess is the only thing keeping storageServer out of lib/vdsm. fileUtils is not a perfect location for it, but I did not find a better place. Change-Id: I21ead1cb635f8224cb09f7319ffcb55eebe2a9e3 Signed-off-by: Dan Kenigsberg <[email protected]> --- M lib/vdsm/storage/fileUtils.py M vdsm/storage/fileSD.py M vdsm/storage/localFsSD.py M vdsm/storage/nfsSD.py M vdsm/storage/storageServer.py 5 files changed, 27 insertions(+), 28 deletions(-) git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/15/73115/1 diff --git a/lib/vdsm/storage/fileUtils.py b/lib/vdsm/storage/fileUtils.py index 2e84d5f..71c7bef 100644 --- a/lib/vdsm/storage/fileUtils.py +++ b/lib/vdsm/storage/fileUtils.py @@ -37,7 +37,11 @@ import six from vdsm import constants +from vdsm import supervdsm from vdsm.common.network import address + +from . import exception as se +from . import outOfProcess log = logging.getLogger('storage.fileUtils') @@ -139,6 +143,25 @@ raise OSError(errno.EACCES, os.strerror(errno.EACCES)) +def validateDirAccess(dirPath): + try: + outOfProcess.getGlobalProcPool().fileUtils.validateAccess(dirPath) + supervdsm.getProxy().validateAccess( + constants.VDSM_USER, + (constants.VDSM_GROUP,), dirPath, + (os.R_OK | os.W_OK | os.X_OK)) + supervdsm.getProxy().validateAccess( + constants.QEMU_PROCESS_USER, + (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, + (os.R_OK | os.X_OK)) + except OSError as e: + if e.errno == errno.EACCES: + raise se.StorageServerAccessPermissionError(dirPath) + raise + + return True + + def validateQemuReadable(targetPath): """ Validate that qemu process can read file diff --git a/vdsm/storage/fileSD.py b/vdsm/storage/fileSD.py index ab9ae21..9d76c3c 100644 --- a/vdsm/storage/fileSD.py +++ b/vdsm/storage/fileSD.py @@ -41,7 +41,6 @@ from vdsm import constants from vdsm.utils import stripNewLines from vdsm.storage.constants import LEASE_FILEEXT -from vdsm import supervdsm REMOTE_PATH = "REMOTE_PATH" @@ -64,27 +63,6 @@ ST_BYTES_PER_BLOCK = 512 _MOUNTLIST_IGNORE = ('/' + sd.BLOCKSD_DIR, '/' + sd.GLUSTERSD_DIR) - -getProcPool = oop.getGlobalProcPool - - -def validateDirAccess(dirPath): - try: - getProcPool().fileUtils.validateAccess(dirPath) - supervdsm.getProxy().validateAccess( - constants.VDSM_USER, - (constants.VDSM_GROUP,), dirPath, - (os.R_OK | os.W_OK | os.X_OK)) - supervdsm.getProxy().validateAccess( - constants.QEMU_PROCESS_USER, - (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, - (os.R_OK | os.X_OK)) - except OSError as e: - if e.errno == errno.EACCES: - raise se.StorageServerAccessPermissionError(dirPath) - raise - - return True def validateFileSystemFeatures(sdUUID, mountDir): diff --git a/vdsm/storage/localFsSD.py b/vdsm/storage/localFsSD.py index 94db70d..a724a3d 100644 --- a/vdsm/storage/localFsSD.py +++ b/vdsm/storage/localFsSD.py @@ -59,7 +59,7 @@ if os.path.abspath(typeSpecificArg) != typeSpecificArg: raise se.StorageDomainIllegalRemotePath(typeSpecificArg) - fileSD.validateDirAccess(domPath) + fileUtils.validateDirAccess(domPath) fileSD.validateFileSystemFeatures(sdUUID, domPath) sd.validateDomainVersion(version) diff --git a/vdsm/storage/nfsSD.py b/vdsm/storage/nfsSD.py index 8c41952..fc020de 100644 --- a/vdsm/storage/nfsSD.py +++ b/vdsm/storage/nfsSD.py @@ -46,7 +46,7 @@ if not mount.isMounted(domPath): raise se.StorageDomainFSNotMounted(domPath) - fileSD.validateDirAccess(domPath) + fileUtils.validateDirAccess(domPath) fileSD.validateFileSystemFeatures(sdUUID, domPath) # Make sure there are no remnants of other domain diff --git a/vdsm/storage/storageServer.py b/vdsm/storage/storageServer.py index dc3fd80..28c93d1 100644 --- a/vdsm/storage/storageServer.py +++ b/vdsm/storage/storageServer.py @@ -40,8 +40,6 @@ from vdsm.storage import mount from vdsm.storage.mount import MountError -import fileSD - IscsiConnectionParameters = namedtuple("IscsiConnectionParameters", "target, iface, credentials") @@ -163,7 +161,7 @@ six.reraise(t, v, tb) else: try: - fileSD.validateDirAccess( + fileUtils.validateDirAccess( self.getMountObj().getRecord().fs_file) except se.StorageServerAccessPermissionError: t, v, tb = sys.exc_info() @@ -566,7 +564,7 @@ def checkTarget(self): if not os.path.isdir(self._path): raise se.StorageServerLocalNotDirError(self._path) - fileSD.validateDirAccess(self._path) + fileUtils.validateDirAccess(self._path) return True def checkLink(self): -- To view, visit https://gerrit.ovirt.org/73115 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I21ead1cb635f8224cb09f7319ffcb55eebe2a9e3 Gerrit-PatchSet: 1 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Dan Kenigsberg <[email protected]> _______________________________________________ vdsm-patches mailing list -- [email protected] To unsubscribe send an email to [email protected]
