Commit 7f44b7d4 authored by Łukasz Nowak's avatar Łukasz Nowak

manager: Support manager:devperm allowed-disk-for-vm

parent f49bb9fb
Pipeline #8707 failed with stage
in 0 seconds
...@@ -18,6 +18,15 @@ class Manager(object): ...@@ -18,6 +18,15 @@ class Manager(object):
"""Manager needs to know config for its functioning. """Manager needs to know config for its functioning.
""" """
self.config = config self.config = config
self.allowed_disk_for_vm = None
if 'manager' in config:
if 'devperm' in config['manager']:
if 'allowed-disk-for-vm' in config['manager']['devperm']:
self.allowed_disk_for_vm = []
for line in config['manager']['devperm']['allowed-disk-for-vm'].splitlines():
line = line.strip()
if line:
self.allowed_disk_for_vm.append(line)
def format(self, computer): def format(self, computer):
"""Method called at `slapos node format` phase. """Method called at `slapos node format` phase.
...@@ -73,6 +82,7 @@ class Manager(object): ...@@ -73,6 +82,7 @@ class Manager(object):
logger.warning("Disk is None: %s " % disk_list, exc_info=True) logger.warning("Disk is None: %s " % disk_list, exc_info=True)
continue continue
disk = str(disk)
original = disk original = disk
try: try:
while os.path.islink(disk): while os.path.islink(disk):
...@@ -81,7 +91,12 @@ class Manager(object): ...@@ -81,7 +91,12 @@ class Manager(object):
logger.warning("Problem resolving link: %s " % original, exc_info=True) logger.warning("Problem resolving link: %s " % original, exc_info=True)
continue continue
if not str(disk).startswith("/dev/"): if self.allowed_disk_for_vm is not None:
if disk not in self.allowed_disk_for_vm:
logger.warning('Disk %s not in allowed disk list %s', disk, ', '.join(self.allowed_disk_for_vm))
continue
if not disk.startswith("/dev/"):
logger.warning("Bad disk definition: %s " % disk_list, exc_info=True) logger.warning("Bad disk definition: %s " % disk_list, exc_info=True)
continue continue
......
...@@ -3066,11 +3066,25 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase): ...@@ -3066,11 +3066,25 @@ class TestSlapgridWithPortRedirection(MasterMixin, unittest.TestCase):
class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase): class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase):
config = {'manager_list': 'devperm'}
def setUpExpected(self):
gid = grp.getgrnam("disk").gr_gid
uid = os.stat(os.environ['HOME']).st_uid
self.test_os_chown_call_list = [
['/dev/tst', uid, gid],
['/dev/tst', uid, gid],
]
self.test_link_os_chown_call_list = [
['/dev/tst', uid, gid],
['/dev/tst', uid, gid],
]
def setUp(self): def setUp(self):
self.setUpExpected()
self.os_chown_call_list = [] self.os_chown_call_list = []
MasterMixin.setUp(self) MasterMixin.setUp(self)
manager_list = slapmanager.from_config({'manager_list': 'devperm'}) manager_list = slapmanager.from_config(self.config)
self.grid._manager_list = manager_list self.grid._manager_list = manager_list
self.computer = ComputerForTest(self.software_root, self.instance_root) self.computer = ComputerForTest(self.software_root, self.instance_root)
...@@ -3138,14 +3152,9 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase): ...@@ -3138,14 +3152,9 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase):
patch.object(os, 'chown', new=self.os_chown): patch.object(os, 'chown', new=self.os_chown):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS) self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
gid = grp.getgrnam("disk").gr_gid
uid = os.stat(os.environ['HOME']).st_uid
self.assertEqual( self.assertEqual(
self.os_chown_call_list, self.os_chown_call_list,
[ self.test_os_chown_call_list
['/dev/tst', uid, gid],
['/dev/tst', uid, gid],
]
) )
def test_link(self): def test_link(self):
...@@ -3164,14 +3173,9 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase): ...@@ -3164,14 +3173,9 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase):
patch.object(os.path, 'islink', new=self.os_path_islink): patch.object(os.path, 'islink', new=self.os_path_islink):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS) self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
gid = grp.getgrnam("disk").gr_gid
uid = os.stat(os.environ['HOME']).st_uid
self.assertEqual( self.assertEqual(
self.os_chown_call_list, self.os_chown_call_list,
[ self.test_link_os_chown_call_list
['/dev/tst', uid, gid],
['/dev/tst', uid, gid],
]
) )
def test_bad_link(self): def test_bad_link(self):
...@@ -3190,8 +3194,6 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase): ...@@ -3190,8 +3194,6 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase):
patch.object(os.path, 'islink', new=self.os_path_islink): patch.object(os.path, 'islink', new=self.os_path_islink):
self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS) self.assertEqual(self.grid.processComputerPartitionList(), slapgrid.SLAPGRID_SUCCESS)
gid = grp.getgrnam("disk").gr_gid
uid = os.stat(os.environ['HOME']).st_uid
self.assertEqual( self.assertEqual(
self.os_chown_call_list, self.os_chown_call_list,
[] []
...@@ -3236,6 +3238,44 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase): ...@@ -3236,6 +3238,44 @@ class TestSlapgridWithDevPerm(MasterMixin, unittest.TestCase):
) )
class TestSlapgridWithDevPermManagerDevPermEmpty(TestSlapgridWithDevPerm):
config = {
'manager_list': 'devperm',
'manager': {'devperm': {}}
}
class TestSlapgridWithDevPermManagerDevPermListEmpty(TestSlapgridWithDevPerm):
config = {
'manager_list': 'devperm',
'manager': {'devperm': {'allowed-disk-for-vm': ''}}
}
def setUpExpected(self):
self.test_os_chown_call_list = [
]
self.test_link_os_chown_call_list = [
]
class TestSlapgridWithDevPermManagerDevPermDisallow(TestSlapgridWithDevPerm):
config = {
'manager_list': 'devperm',
'manager': {'devperm': {'allowed-disk-for-vm': '/dev/quo'}}
}
def setUpExpected(self):
self.test_os_chown_call_list = [
]
self.test_link_os_chown_call_list = [
]
class TestSlapgridWithDevPermManagerDevPermAllow(TestSlapgridWithDevPerm):
config = {
'manager_list': 'devperm',
'manager': {'devperm': {'allowed-disk-for-vm': '/dev/tst'}}
}
class TestSlapgridManagerLifecycle(MasterMixin, unittest.TestCase): class TestSlapgridManagerLifecycle(MasterMixin, unittest.TestCase):
def setUp(self): def setUp(self):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment