Reviewed-by: Zhou Zheng Sheng <zhshzhou@linux.vnet.ibm.com> on 2014/01/03 15:42, shaohef@linux.vnet.ibm.com wrote:

From: ShaoHe Feng <shaohef@linux.vnet.ibm.com>

We want to fix the searchable permission for qemu user. But we should find the username of qemu process firstly.

searchable permission is a known problem. We have discussed several times on IRC.

Royce reports the qemu username is different on different distros

Adam, Aline, Royce and I think we can probe qemu username with the similar method of qemu iso stream support.

Zhou Zheng Sheng gives a better way to find the qemu process ID

Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com> Signed-off-by: Zhou Zheng Sheng <zhshzhou@linux.vnet.ibm.com> Signed-off-by: Royce Lv <lvroyce@linux.vnet.ibm.com> Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- Makefile.am | 3 ++- src/kimchi/Makefile.am | 1 + src/kimchi/kvmusertests.py | 66 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 src/kimchi/kvmusertests.py

diff --git a/Makefile.am b/Makefile.am index 1fb3502..bbb1273 100644 --- a/Makefile.am +++ b/Makefile.am @@ -45,12 +45,13 @@ PEP8_WHITELIST = \ src/kimchi/auth.py \ src/kimchi/cachebust.py \ src/kimchi/config.py.in \ + src/kimchi/control/*.py \ src/kimchi/disks.py \ src/kimchi/featuretests.py \ + src/kimchi/kvmusertests.py \ src/kimchi/rollbackcontext.py \ src/kimchi/root.py \ src/kimchi/server.py \ - src/kimchi/control/*.py \ tests/test_mockmodel.py \ tests/test_model.py \ tests/test_plugin.py \ diff --git a/src/kimchi/Makefile.am b/src/kimchi/Makefile.am index 88ccbf7..8dc079d 100644 --- a/src/kimchi/Makefile.am +++ b/src/kimchi/Makefile.am @@ -32,6 +32,7 @@ kimchi_PYTHON = \ exception.py \ featuretests.py \ isoinfo.py \ + kvmusertests.py \ mockmodel.py \ model.py \ netinfo.py \ diff --git a/src/kimchi/kvmusertests.py b/src/kimchi/kvmusertests.py new file mode 100644 index 0000000..3d69eb4 --- /dev/null +++ b/src/kimchi/kvmusertests.py @@ -0,0 +1,66 @@ +# +# Project Kimchi +# +# Copyright IBM, Corp. 2013 +# +# Authors: +# ShaoHe Feng <shaohef@linux.vnet.ibm.com> +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +import libvirt +import psutil +import uuid + + +from kimchi.rollbackcontext import RollbackContext + + +class UserTests(object): + SIMPLE_VM_XML = """ + <domain type='kvm'> + <name>%s</name> + <uuid>%s</uuid> + <memory unit='KiB'>10240</memory> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + </domain>""" + + def __init__(self): + self.vm_uuid = uuid.uuid3(uuid.NAMESPACE_DNS, 'vm-test.kimchi.org') + self.vm_name = "kimchi_test_%s" % self.vm_uuid + + def probe_user(self): + xml = self.SIMPLE_VM_XML % (self.vm_name, self.vm_uuid) + user = None + with RollbackContext() as rollback: + conn = libvirt.open('qemu:///system') + rollback.prependDefer(conn.close) + dom = conn.defineXML(xml) + rollback.prependDefer(dom.undefine) + dom.create() + rollback.prependDefer(dom.destroy) + with open('/var/run/libvirt/qemu/%s.pid' % self.vm_name) as f: + pidStr = f.read() + p = psutil.Process(int(pidStr)) + user = p.username + return user + + +if __name__ == '__main__': + ut = UserTests() + print ut.probe_user()

-- Thanks and best regards! Zhou Zheng Sheng / 周征晟 E-mail: zhshzhou@linux.vnet.ibm.com Telephone: 86-10-82454397