diff options
author | Keir Fraser <keir.fraser@citrix.com> | 2007-12-05 09:44:20 +0000 |
---|---|---|
committer | Keir Fraser <keir.fraser@citrix.com> | 2007-12-05 09:44:20 +0000 |
commit | 0ea4d2fb34ca99021271c8c16e8b3d87af3c5611 (patch) | |
tree | b327efb2975bf3306c2e29c6baf3a1b4253bb83f /tools/xm-test | |
parent | c568950276dd795803aab37ba4770288455e3451 (diff) | |
download | xen-0ea4d2fb34ca99021271c8c16e8b3d87af3c5611.tar.gz xen-0ea4d2fb34ca99021271c8c16e8b3d87af3c5611.tar.bz2 xen-0ea4d2fb34ca99021271c8c16e8b3d87af3c5611.zip |
Implement legacy XML-RPC interface for ACM commands.
This patch implements a (non Xen-API) legacy XML-RPC interface for the
ACM commands and funnels the calls into code introduced by the Xen-API
support for ACM security management. Since some of the functionality
has changed, also the xm applications have changed. In particular the
following old commands have been removed along with some tools the
have become obsolete now:
- loadpolicy (included in: setpolicy)
- makepolicy (included in: setpolicy)
- cfgbootpolicy (included in: setpolicy)
and the following commands been introduced:
- setpolicy
- getpolicy
- resetpolicy
All tools have been adapted to work in Xen-API and legacy XML-RPC
mode. Both modes support the same functionality.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Diffstat (limited to 'tools/xm-test')
-rw-r--r-- | tools/xm-test/lib/XmTestLib/acm.py | 58 | ||||
-rw-r--r-- | tools/xm-test/tests/security-acm/01_security-acm_basic.py | 6 | ||||
-rw-r--r-- | tools/xm-test/tests/security-acm/acm_utils.py | 2 |
3 files changed, 12 insertions, 54 deletions
diff --git a/tools/xm-test/lib/XmTestLib/acm.py b/tools/xm-test/lib/XmTestLib/acm.py index 23564b5096..5e1c87627f 100644 --- a/tools/xm-test/lib/XmTestLib/acm.py +++ b/tools/xm-test/lib/XmTestLib/acm.py @@ -34,56 +34,20 @@ acm_verbose = False def isACMEnabled(): return security.on() - -def getSystemPolicyName(): - s,o = traceCommand("xm getpolicy") - m = re.compile("Policy name[\s]*: ([A-z\-]+)").search(o) - if m: - polname = m.group(1) - return polname - return "" - - -def ACMLoadPolicy_XenAPI(policy='xm-test'): - polname = getSystemPolicyName() - if polname != policy: - # Try it, maybe it's not activated - traceCommand("xm setpolicy %s %s" % - (xsconstants.ACM_POLICY_ID, policy)) - polname = getSystemPolicyName() - if polname != policy: - FAIL("Need to have a system with no or policy '%s' active, " - "not %s" % (policy,polname)) - else: - s, o = traceCommand("xm activatepolicy --load") - else: - s, o = traceCommand("xm activatepolicy --load") - if not re.search("Successfully", o): - FAIL("Could not set the policy '%s'." % policy) - - -def ACMLoadPolicy(policy='xm-test'): - from xen.xm import main - if main.serverType == main.SERVER_XEN_API: - ACMLoadPolicy_XenAPI() - else: - cmd='xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"' - s, o = traceCommand(cmd) - if o != "": - return - s, o = traceCommand("xm makepolicy %s" % (policy)) - if s != 0: - FAIL("Need to be able to do 'xm makepolicy %s' but could not" % - (policy)) - s, o = traceCommand("xm loadpolicy %s" % (policy)) - if s != 0: - FAIL("Could not load the required policy '%s'.\n" - "Start the system without any policy.\n%s" % - (policy, o)) +def ACMSetPolicy(policy='xm-test'): + cmd='xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"' + s, o = traceCommand(cmd) + if o != "": + return + s, o = traceCommand("xm setpolicy ACM %s" % (policy)) + if s != 0: + FAIL("Could not load the required policy '%s'.\n" + "Start the system without any policy.\n%s" % \ + (policy, o)) def ACMPrepareSystem(resources): if isACMEnabled(): - ACMLoadPolicy() + ACMSetPolicy() ACMLabelResources(resources) def ACMLabelResources(resources): diff --git a/tools/xm-test/tests/security-acm/01_security-acm_basic.py b/tools/xm-test/tests/security-acm/01_security-acm_basic.py index 26666f1faa..7876c51d1b 100644 --- a/tools/xm-test/tests/security-acm/01_security-acm_basic.py +++ b/tools/xm-test/tests/security-acm/01_security-acm_basic.py @@ -6,7 +6,6 @@ # A couple of simple tests that test ACM security extensions # for the xm tool. The following xm subcommands are tested: # -# - makepolicy # - labels # - rmlabel # - addlabel @@ -28,11 +27,6 @@ testresource = "phy:ram0" if not isACMEnabled(): SKIP("Not running this test since ACM not enabled.") -status, output = traceCommand("xm makepolicy %s" % (testpolicy)) -if status != 0: - FAIL("'xm makepolicy' failed with status %d and output\n%s" % - (status,output)); - status, output = traceCommand("xm labels %s" % (testpolicy)) if status != 0: FAIL("'xm labels' failed with status %d.\n" % status) diff --git a/tools/xm-test/tests/security-acm/acm_utils.py b/tools/xm-test/tests/security-acm/acm_utils.py index 29608a38a4..67857fb2d9 100644 --- a/tools/xm-test/tests/security-acm/acm_utils.py +++ b/tools/xm-test/tests/security-acm/acm_utils.py @@ -12,4 +12,4 @@ vmconfigfile = "/tmp/xm-test.conf" if not isACMEnabled(): SKIP("Not running this test since ACM not enabled.") -ACMLoadPolicy(testpolicy) +ACMSetPolicy(testpolicy) |