def runVdsm(baseDir="/usr/share/vdsm/", configFilePath="/etc/vdsm/vdsm.conf", loggerConfigurationPath='/etc/vdsm/logger.conf'): """ Start a VDSM instance in a new thread. Return a tuple ``(ClientIF, Thread Running VDSM)`` """ if pwd.getpwuid(os.geteuid())[0] != "vdsm": raise Exception("You can't run vdsm with any user other then 'vdsm'.") sys.path.append(baseDir) from vdsm.config import config from logging import config as lconfig import clientIF loggerConfFile = loggerConfigurationPath lconfig.fileConfig(loggerConfFile) log = logging.getLogger('vds') config.read(configFilePath) cif = clientIF.clientIF(log) t = threading.Thread(target=cif.serve) t.setDaemon(True) t.start() return (cif, t)
def runVdsm( baseDir="/usr/share/vdsm/", configFilePath="/etc/vdsm/vdsm.conf", loggerConfigurationPath="/etc/vdsm/logger.conf" ): """ Starts a VDSM instance in a new thread and returns a tuple ``(ClientIF, Thread Running VDSM)`` """ if pwd.getpwuid(os.geteuid())[0] != "vdsm": raise Exception("You can't run vdsm with any user other then 'vdsm'.") sys.path.append(baseDir) from vdsm.config import config from logging import config as lconfig import clientIF loggerConfFile = loggerConfigurationPath lconfig.fileConfig(loggerConfFile) log = logging.getLogger("vds") config.read(configFilePath) cif = clientIF.clientIF(log) t = threading.Thread(target=cif.serve) t.setDaemon(True) t.start() return (cif, t)
def configure(self): if os.getuid() != 0: raise NotRootError() self._sysvToUpstart() if utils.isOvirtNode(): if not os.path.exists(P_VDSM_CERT): raise InvalidRun( "vdsm: Missing certificate, vdsm not registered") validate_ovirt_certs.validate_ovirt_certs() # Remove a previous configuration (if present) self.removeConf() config.read(self._getFile('VDSM_CONF')) vdsmConfiguration = { 'certs_exist': all(os.path.isfile(f) for f in [ self.CA_FILE, self.CERT_FILE, self.KEY_FILE ]), 'ssl_enabled': config.getboolean('vars', 'ssl'), 'sanlock_enabled': SANLOCK_ENABLED, 'libvirt_selinux': LIBVIRT_SELINUX } # write configuration for cfile, content in self.FILES.items(): content['configure'](self, content, vdsmConfiguration)
def configure(self): if os.getuid() != 0: raise NotRootError() self._sysvToUpstart() if utils.isOvirtNode(): if not os.path.exists(P_VDSM_CERT): raise InvalidRun( "vdsm: Missing certificate, vdsm not registered") validate_ovirt_certs.validate_ovirt_certs() # Remove a previous configuration (if present) self.removeConf() config.read(self._getFile('VDSM_CONF')) vdsmConfiguration = { 'certs_exist': all( os.path.isfile(f) for f in [self.CA_FILE, self.CERT_FILE, self.KEY_FILE]), 'ssl_enabled': config.getboolean('vars', 'ssl'), 'sanlock_enabled': SANLOCK_ENABLED, 'libvirt_selinux': LIBVIRT_SELINUX } # write configuration for cfile, content in self.FILES.items(): content['configure'](self, content, vdsmConfiguration)
def _certsExist(): config.read( os.path.join( SYSCONF_PATH, 'vdsm/vdsm.conf' ) ) return not config.getboolean('vars', 'ssl') or\ os.path.isfile(CERT_FILE)
def _isSslConflict(): """ return True if libvirt configuration files match ssl configuration of vdsm.conf. """ config.read(_getFile('VDSM_CONF')) ssl = config.getboolean('vars', 'ssl') lconf_p = ParserWrapper({ 'listen_tcp': '0', 'auth_tcp': 'sasl', 'listen_tls': '1', }) lconf_p.read(_getFile('LCONF')) listen_tcp = lconf_p.getint('listen_tcp') auth_tcp = lconf_p.get('auth_tcp') listen_tls = lconf_p.getint('listen_tls') qconf_p = ParserWrapper({'spice_tls': '0'}) qconf_p.read(_getFile('QCONF')) spice_tls = qconf_p.getboolean('spice_tls') ret = True if ssl: if listen_tls != 0 and listen_tcp != 1 and auth_tcp != '"none"' and \ spice_tls != 0: sys.stdout.write( "SUCCESS: ssl configured to true. No conflicts\n") else: sys.stdout.write( "FAILED: " "conflicting vdsm and libvirt-qemu tls configuration.\n" "vdsm.conf with ssl=True " "requires the following changes:\n" "libvirtd.conf: listen_tcp=0, auth_tcp=\"sasl\", " "listen_tls=1\nqemu.conf: spice_tls=1.\n" ) ret = False else: if listen_tls == 0 and listen_tcp == 1 and auth_tcp == '"none"' and \ spice_tls == 0: sys.stdout.write( "SUCCESS: ssl configured to false. No conflicts.\n") else: sys.stdout.write( "FAILED: " "conflicting vdsm and libvirt-qemu tls configuration.\n" "vdsm.conf with ssl=False " "requires the following changes:\n" "libvirtd.conf: listen_tcp=1, auth_tcp=\"none\", " "listen_tls=0\n qemu.conf: spice_tls=0.\n" ) ret = False return ret
def configure(): if utils.isOvirtNode(): if not os.path.exists(constants.P_VDSM_CERT): raise InvalidRun("vdsm: Missing certificate, vdsm not registered") validate_ovirt_certs() # Remove a previous configuration (if present) removeConf() config.read(_getFile("VDSM_CONF")) vdsmConfiguration = { "ssl_enabled": config.getboolean("vars", "ssl"), "sanlock_enabled": constants.SANLOCK_ENABLED, "libvirt_selinux": constants.LIBVIRT_SELINUX, } # write configuration for cfile, content in FILES.items(): content["configure"](content, vdsmConfiguration)
def _isSslConflict(): """ return True if libvirt configuration files match ssl configuration of vdsm.conf. """ config.read(_getFile("VDSM_CONF")) ssl = config.getboolean("vars", "ssl") lconf_p = ParserWrapper({"listen_tcp": "0", "auth_tcp": "sasl"}) lconf_p.read(_getFile("LCONF")) listen_tcp = lconf_p.getint("listen_tcp") auth_tcp = lconf_p.get("auth_tcp") qconf_p = ParserWrapper({"spice_tls": "0"}) qconf_p.read(_getFile("QCONF")) spice_tls = qconf_p.getboolean("spice_tls") ret = True if ssl: if listen_tcp != 1 and auth_tcp != '"none"' and spice_tls != 0: sys.stdout.write("SUCCESS: ssl configured to true. No conflicts\n") else: sys.stdout.write( "FAILED: " "conflicting vdsm and libvirt-qemu tls configuration.\n" "vdsm.conf with ssl=True " "requires the following changes:\n" 'libvirtd.conf: listen_tcp=0, auth_tcp="sasl", \n' "qemu.conf: spice_tls=1.\n" ) ret = False else: if listen_tcp == 1 and auth_tcp == '"none"' and spice_tls == 0: sys.stdout.write("SUCCESS: ssl configured to false. No conflicts.\n") else: sys.stdout.write( "FAILED: " "conflicting vdsm and libvirt-qemu tls configuration.\n" "vdsm.conf with ssl=False " "requires the following changes:\n" 'libvirtd.conf: listen_tcp=1, auth_tcp="none", \n' "qemu.conf: spice_tls=0.\n" ) ret = False return ret
def configure(): if utils.isOvirtNode(): if not os.path.exists(constants.P_VDSM_CERT): raise InvalidRun("vdsm: Missing certificate, vdsm not registered") validate_ovirt_certs() # Remove a previous configuration (if present) removeConf() config.read(_getFile('VDSM_CONF')) vdsmConfiguration = { 'ssl_enabled': config.getboolean('vars', 'ssl'), 'sanlock_enabled': constants.SANLOCK_ENABLED, 'libvirt_selinux': constants.LIBVIRT_SELINUX } # write configuration for cfile, content in FILES.items(): content['configure'](content, vdsmConfiguration)
def configure(): _sysvToUpstart() if utils.isOvirtNode(): if not os.path.exists(constants.P_VDSM_CERT): raise InvalidRun( "vdsm: Missing certificate, vdsm not registered") validate_ovirt_certs() # Remove a previous configuration (if present) removeConf() config.read(_getFile('VDSM_CONF')) vdsmConfiguration = { 'ssl_enabled': config.getboolean('vars', 'ssl'), 'sanlock_enabled': constants.SANLOCK_ENABLED, 'libvirt_selinux': constants.LIBVIRT_SELINUX } # write configuration for cfile, content in FILES.items(): content['configure'](content, vdsmConfiguration)
def _certsExist(): config.read(os.path.join(SYSCONF_PATH, 'vdsm/vdsm.conf')) return not config.getboolean('vars', 'ssl') or\ os.path.isfile(CERT_FILE)
def _get_config_item(file, section, item, default): config.read(file) try: return config.get(section, item) except: return default