on 2014/01/02 19:12, shaohef@linux.vnet.ibm.com wrote:
From: ShaoHe Feng <shaohef@linux.vnet.ibm.com>
We want to fix the searchable permission for qemu user. But we should find the username of qemu process firstly.
searchable permission is a known problem. We have discussed several times on IRC.
Royce reports the qemu username is different on different distros
Adam, Aline, Royce and I think we can probe qemu username with the similar method of qemu iso stream support.
Zhou Zheng Sheng gives a better way to find the qemu process ID
Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com> Signed-off-by: Zhou Zheng Sheng <zhshzhou@linux.vnet.ibm.com> Signed-off-by: Royce Lv <lvroyce@linux.vnet.ibm.com> Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- Makefile.am | 3 ++- src/kimchi/kvmusertests.py | 66 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 src/kimchi/kvmusertests.py
diff --git a/Makefile.am b/Makefile.am index 1fb3502..bbb1273 100644 --- a/Makefile.am +++ b/Makefile.am @@ -45,12 +45,13 @@ PEP8_WHITELIST = \ src/kimchi/auth.py \ src/kimchi/cachebust.py \ src/kimchi/config.py.in \ + src/kimchi/control/*.py \ src/kimchi/disks.py \ src/kimchi/featuretests.py \ + src/kimchi/kvmusertests.py \ src/kimchi/rollbackcontext.py \ src/kimchi/root.py \ src/kimchi/server.py \ - src/kimchi/control/*.py \ tests/test_mockmodel.py \ tests/test_model.py \ tests/test_plugin.py \ diff --git a/src/kimchi/kvmusertests.py b/src/kimchi/kvmusertests.py new file mode 100644 index 0000000..1e55390 --- /dev/null +++ b/src/kimchi/kvmusertests.py @@ -0,0 +1,66 @@ +# +# Project Kimchi +# +# Copyright IBM, Corp. 2013 +# +# Authors: +# ShaoHe Feng <shaohef@linux.vnet.ibm.com> +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +import libvirt +import uuid +import psutil + +from kimchi.rollbackcontext import RollbackContext + + +SIMPLE_VM_XML = """ +<domain type='kvm'> + <name>%s</name> + <uuid>%s</uuid> + <memory unit='KiB'>32768</memory> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> +</domain>""" +
Is SIMPLE_VM_XML used by other module or other class? If not, it's better to move it to UserTests as a class member. class UserTests(object): SIMPLE_VM_XML = 'whatever' def probe_user(self): self.SIMPLE_VM_XML % whatever
+ +class UserTests(object): + def __init__(self): + self.vm_uuid = uuid.uuid3(uuid.NAMESPACE_DNS, 'vm-test.kimchi.org') + self.vm_name = "kimchi_test_%s" % self.vm_uuid + + def probe_user(self): + xml = SIMPLE_VM_XML % (self.vm_name, self.vm_uuid) + user = None + with RollbackContext() as rollback: + conn = libvirt.open('qemu:///system') + rollback.prependDefer(conn.close) + dom = conn.defineXML(xml) + rollback.prependDefer(dom.undefine) + dom.create() + rollback.prependDefer(dom.destroy) + with open('/var/run/libvirt/qemu/%s.pid' % self.vm_name) as f: + pidStr = f.read() + p = psutil.Process(int(pidStr)) + user = p.username + return user + + +if __name__ == '__main__': + ut = UserTests() + print ut.probe_user()
-- Thanks and best regards! Zhou Zheng Sheng / 周征晟 E-mail: zhshzhou@linux.vnet.ibm.com Telephone: 86-10-82454397