def start(args, stdin=None, stdout=None, stderr=None, cwd=None, env=None,
sudo=False, setsid=False, nice=None, ioclass=None, ioclassdata=None,
reset_cpu_affinity=True):
"""
Starts a command and return it. The caller is responsible for communicating
with the commmand, waiting for it, and if needed, terminating it.
args are always logged when command starts. If args contain sensitive
information that should not be logged, such as passwords, they must be
wrapped with ProtectedPassword.
Arguments:
args (list): Command arguments
stdin (file or int): file object or descriptor for sending data to the
child process stdin.
stdout (file or int): file object or descriptor for receiving data from
the child process stdout.
stderr (file or int): file object or descriptor for receiving data from
the child process stderr.
cwd (str): working directory for the child process
env (dict): environment of the new child process
sudo (bool): if set to True, run the command via sudo
nice (int): if not None, run the command via nice command with the
specified nice value
ioclass (int): if not None, run the command with the ionice command
using specified ioclass value.
ioclassdata (int): if ioclass is set, the scheduling class data. 0-7
are valid data (priority levels).
reset_cpu_affinity (bool): Run the command via the taskset command,
allowing the child process to run on all cpus (default True).
Returns:
subprocess.Popen instance or commands.PrivilegedPopen if sudo is True.
Raises:
OSError if the command could not start.
"""
args = cmdutils.wrap_command(
args,
with_ioclass=ioclass,
ioclassdata=ioclassdata,
with_nice=nice,
with_setsid=setsid,
with_sudo=sudo,
reset_cpu_affinity=reset_cpu_affinity,
)
log.debug(cmdutils.command_log_line(args, cwd=cwd))
args = [password.unprotect(a) for a in args]
cmd_class = PrivilegedPopen if sudo else subprocess.Popen
return cmd_class(
args,
cwd=cwd,
stdin=stdin,
stdout=stdout,
stderr=stderr,
env=env)
def testSetSaslPasswordInFips(self):
graphics_params = dict(_GRAPHICS_DEVICE_PARAMS)
del graphics_params['existingConnAction']
device = self.GRAPHIC_DEVICES[1] # VNC
graphics_xml = ('<graphics type="%s" port="5900"/>' %
(device['device'], ))
device_xml = '<devices>%s</devices>' % (graphics_xml, )
with fake.VM(xmldevices=graphics_xml) as testvm:
def _fake_set_vnc_pwd(username, pwd):
testvm.pwd = pwd
testvm.username = username
testvm._dom = fake.Domain(device_xml)
testvm.pwd = "invalid"
params = {'graphicsType': device['device']}
params.update(graphics_params)
params['params']['fips'] = 'true'
params['params']['vncUsername'] = '******'
with MonkeyPatchScope([(saslpasswd2, 'set_vnc_password',
_fake_set_vnc_pwd)]):
testvm.updateDevice(params)
assert password.unprotect(params['password']) == \
testvm.pwd
assert params['params']['vncUsername'] == testvm.username
def testSetSaslPasswordInFips(self):
graphics_params = dict(_GRAPHICS_DEVICE_PARAMS)
del graphics_params['existingConnAction']
device = self.GRAPHIC_DEVICES[1] # VNC
graphics_xml = ('<graphics type="%s" port="5900"/>' %
(device['device'],))
device_xml = '<devices>%s</devices>''' % (graphics_xml,)
with fake.VM(xmldevices=graphics_xml) as testvm:
def _fake_set_vnc_pwd(username, pwd):
testvm.pwd = pwd
testvm.username = username
testvm._dom = fake.Domain(device_xml)
testvm.pwd = "invalid"
params = {'graphicsType': device['device']}
params.update(graphics_params)
params['params']['fips'] = 'true'
params['params']['vncUsername'] = '******'
with MonkeyPatchScope([(saslpasswd2, 'set_vnc_password',
_fake_set_vnc_pwd)]):
testvm.updateDevice(params)
self.assertEqual(password.unprotect(params['password']),
testvm.pwd)
self.assertEqual(params['params']['vncUsername'], testvm.username)
def test_supervdsm_read_write(monkeypatch):
with directory_data(monkeypatch):
encoded, _modified = virt.read_tpm_data(UUID, -1)
assert password.unprotect(encoded)
with temporary_directory(monkeypatch):
virt.write_tpm_data(UUID, encoded)
assert encoded == virt.read_tpm_data(UUID, -1)[0]
def write_tpm_data(vm_id, tpm_data):
"""
Write TPM data for the given VM.
:param vm_id: VM id
:type vm_id: string
:param tpm_data: encoded TPM data as previously obtained from
`read_tpm_data()`
:type tpm_data: ProtectedPassword
"""
tpm_data = password.unprotect(tpm_data)
# Permit only archives with plain files and directories to prevent various
# kinds of attacks.
with tempfile.TemporaryDirectory() as d:
accessor = filedata.DirectoryData(os.path.join(d, 'check'))
accessor.store(tpm_data)
for root, dirs, files in os.walk(d):
for f in files:
path = os.path.join(root, f)
if not os.path.isfile(path):
logging.error("Special file in TPM data: %s", path)
raise exception.ExternalDataFailed(
reason="Cannot write TPM data with non-regular files",
path=path)
# OK, write the data to the target location
accessor = filedata.DirectoryData(filedata.tpm_path(vm_id))
accessor.store(tpm_data)
def start(args, stdin=None, stdout=None, stderr=None, cwd=None, env=None,
sudo=False, setsid=False, nice=None, ioclass=None, ioclassdata=None,
reset_cpu_affinity=True):
"""
Starts a command and return it. The caller is responsible for communicating
with the commmand, waiting for it, and if needed, terminating it.
args are always logged when command starts. If args contain sensitive
information that should not be logged, such as passwords, they must be
wrapped with ProtectedPassword.
Arguments:
args (list): Command arguments
stdin (file or int): file object or descriptor for sending data to the
child process stdin.
stdout (file or int): file object or descriptor for receiving data from
the child process stdout.
stderr (file or int): file object or descriptor for receiving data from
the child process stderr.
cwd (str): working directory for the child process
env (dict): environment of the new child process
sudo (bool): if set to True, run the command via sudo
nice (int): if not None, run the command via nice command with the
specified nice value
ioclass (int): if not None, run the command with the ionice command
using specified ioclass value.
ioclassdata (int): if ioclass is set, the scheduling class data. 0-7
are valid data (priority levels).
reset_cpu_affinity (bool): Run the command via the taskset command,
allowing the child process to run on all cpus (default True).
Returns:
subprocess.Popen instance or commands.PrivilegedPopen if sudo is True.
Raises:
OSError if the command could not start.
"""
args = cmdutils.wrap_command(
args,
with_ioclass=ioclass,
ioclassdata=ioclassdata,
with_nice=nice,
with_setsid=setsid,
with_sudo=sudo,
reset_cpu_affinity=reset_cpu_affinity,
)
log.debug(cmdutils.command_log_line(args, cwd=cwd))
args = [password.unprotect(a) for a in args]
cmd_class = PrivilegedPopen if sudo else subprocess.Popen
return cmd_class(
args,
cwd=cwd,
stdin=stdin,
stdout=stdout,
stderr=stdout,
env=env)
def write_nvram_data(vm_id, nvram_data):
nvram_data = password.unprotect(nvram_data)
nvram_path = filedata.nvram_path(vm_id)
# Create the file with restricted permissions owned by root
if os.path.exists(nvram_path):
os.remove(nvram_path)
fd = os.open(nvram_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode=0o600)
os.close(fd)
# Write content
accessor = filedata.FileData(nvram_path)
accessor.store(nvram_data)