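def config_security_check(config, verbose):
    """Check every resource in a domain config against the active policy.

    Walks the S-expression ``config`` and, for each ``(device (vbd ...))``
    entry, calls ``security.res_security_check`` with the resource's
    ``uname`` and the domain label taken from the config's ``security``
    section.  Only vbd devices are gathered here; other device kinds in
    the config are not examined by this function.

    @param config:  domain configuration S-expression
    @param verbose: if true, also print a line for each PERMITTED resource
                    (DENIED resources are always printed)
    @return 1 if every checked resource is permitted, otherwise 0.  A
            failure to look up the default label also yields 0, so the
            check fails closed.
    """
    answer = 1

    # Extract the domain label/policy from the config's security section.
    domain_label = None
    domain_policy = None
    for x in sxp.children(config):
        if sxp.name(x) == 'security':
            domain_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
            domain_policy = sxp.child_value(sxp.name(sxp.child0(x)), 'policy')

    # No explicit label: fall back to the NULL label when security is on.
    if not domain_label and security.on():
        try:
            domain_label = security.ssidref2label(security.NULL_SSIDREF)
        except Exception:
            # Narrowed from a bare `except:`: still fail closed (return 0),
            # but no longer swallow SystemExit / KeyboardInterrupt.
            import traceback
            traceback.print_exc(limit=1)
            return 0
        domain_policy = 'NULL'
    elif not domain_label:
        domain_label = ""
        domain_policy = 'NULL'

    if verbose:
        print("Checking resources:")

    # Gather the resources to check: the uname of every vbd device.
    resources = []
    for x in sxp.children(config):
        if sxp.name(x) == 'device':
            if sxp.name(sxp.child0(x)) == 'vbd':
                resources.append(sxp.child_value(sxp.child0(x), 'uname'))

    # Ask the policy about each resource.  One denial fails the whole
    # check, but keep going so every denied resource gets reported.
    for resource in resources:
        try:
            security.res_security_check(resource, domain_label)
            if verbose:
                print(" %s: PERMITTED" % (resource))
        except security.XSMError:
            print(" %s: DENIED" % (resource))
            (poltype, res_label, res_policy) = security.get_res_label(resource)
            if not res_label:
                res_label = ""
            print(" --> res: %s (%s:%s)" % (str(res_label), str(poltype), str(res_policy)))
            print(" --> dom: %s (%s:%s)" % (str(domain_label), str(poltype), str(domain_policy)))
            answer = 0
    return answer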
def check_domain_label(config, verbose):
    """Verify that the config's domain label matches the security state.

    With security on, the domain must carry a label and it must differ
    from the default (NULL) label; with security off, the domain must
    carry no label at all.  Other label errors are caught when the config
    file is parsed.

    @param config:  domain configuration S-expression
    @param verbose: also print the PERMITTED verdict (DENIED is always printed)
    @return 1 if the label passes, otherwise 0
    """
    secon = security.on()
    default_label = None
    if secon:
        default_label = security.ssidref2label(security.NULL_SSIDREF)

    # Pull the domain label and the domain name out of the config.
    dom_label = None
    dom_name = None
    for node in sxp.children(config):
        kind = sxp.name(node)
        if kind == 'security':
            dom_label = sxp.child_value(sxp.name(sxp.child0(node)), 'label')
        elif kind == 'name':
            dom_name = sxp.child0(node)

    if verbose:
        print("Checking domain:")

    if secon:
        permitted = bool(dom_label) and dom_label != default_label
    else:
        permitted = not dom_label

    if permitted:
        if verbose:
            print(" %s: PERMITTED" % (dom_name))
        return 1

    print(" %s: DENIED" % (dom_name))
    if secon:
        print(" --> Domain not labeled")
    else:
        print(" --> Security off, but domain labeled")
    return 0
def findImageHandlerClass(image):
    """Look up the ImageHandler subclass registered for an image config.

    The image type is the S-expression's name and is resolved through the
    ``imageHandlerClasses`` table, so a config can only select a handler
    that has been registered there.

    @param image: image config S-expression
    @return the ImageHandler subclass registered for the image's type
    @raise VmError if the config has no type, or the type is not registered
    """
    image_type = sxp.name(image)
    if image_type is None:
        raise VmError('missing image type')
    handler = imageHandlerClasses.get(image_type)
    if handler is not None:
        return handler
    raise VmError('unknown image type: ' + image_type)
def dispatch(self, req):
    """Route a request to the handler method named after its operation.

    The handler is ``self.<opname(op)>``; when no such attribute exists the
    request goes to ``self.operror`` instead.  The op name is taken straight
    from the request, so the safety of this lookup rests on ``self.opname``
    mapping it into a dedicated handler namespace (e.g. a fixed prefix) —
    that helper is not visible here; confirm it does so before exposing
    this to untrusted callers.

    @param req: request S-expression; its name is the operation
    @return whatever the selected handler returns
    """
    operation = sxp.name(req)
    handler = getattr(self, self.opname(operation), self.operror)
    return handler(operation, req)
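class XendClientProtocol:
    """Abstract base for xend clients.

    Subclasses implement ``xendRequest``; the helpers here pick the HTTP
    method and interpret the status line and the response body.
    """

    def xendRequest(self, url, method, args=None):
        """Make a request to xend. Implement in a subclass.

        @param url: xend request url
        @param method: http method: POST or GET
        @param args: request arguments (dict)
        """
        raise NotImplementedError()

    def xendGet(self, url, args=None):
        """Make a xend request using HTTP GET.

        Requests using GET are usually 'safe' and may be repeated
        without nasty side-effects.

        @param url: xend request url
        @param args: request arguments (dict)
        """
        return self.xendRequest(url, "GET", args)

    def xendPost(self, url, args):
        """Make a xend request using HTTP POST.

        Requests using POST potentially cause side-effects, and should
        not be repeated unless you really want to repeat the side effect.

        @param url: xend request url
        @param args: request arguments (dict)
        """
        return self.xendRequest(url, "POST", args)

    def handleStatus(self, _, status, message):
        """Handle the status returned from the request.

        @param _: unused
        @param status: HTTP status code (anything ``int()`` accepts)
        @param message: status reason phrase; becomes the XendError text
        @return None for HTTP_NO_CONTENT, 'ok' for HTTP_OK / HTTP_CREATED /
                HTTP_ACCEPTED, otherwise the result of handleException
        """
        status = int(status)
        if status == HTTP_NO_CONTENT:
            return None
        if status not in (HTTP_OK, HTTP_CREATED, HTTP_ACCEPTED):
            return self.handleException(XendError(message))
        return 'ok'

    def handleResponse(self, data):
        """Handle the data returned in response to the request.

        Bodies whose Content-Type is not the sxp mime type are returned
        verbatim.  sxp bodies are parsed with ``sxp.Parser``; a parse
        failure, or a ``(xend.err ...)`` value, is turned into an error
        and handed to handleException.

        @param data: response body, or None
        @return the parsed S-expression, the raw data, None, or the result
                of handleException
        """
        if data is None:
            return None
        typ = self.getHeader('Content-Type')
        if typ != sxp.mime_type:
            return data
        try:
            pin = sxp.Parser()
            pin.input(data)
            pin.input_eof()
            val = pin.get_val()
        except sxp.ParseError as err:
            return self.handleException(err)
        if isinstance(val, list) and sxp.name(val) == 'xend.err':
            # A bare '(xend.err)' carries no message; report that instead of
            # failing with an IndexError on val[1].
            if len(val) > 1:
                err = XendError(val[1])
            else:
                err = XendError('xend.err with no message')
            return self.handleException(err)
        return val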