def run(test, params, env): """ Test command: virsh nwfilter-dumpxml. 1) Prepare parameters. 2) Run dumpxml command. 3) Check result. """ # Prepare parameters filter_name = params.get("dumpxml_filter_name", "") options_ref = params.get("dumpxml_options_ref", "") status_error = params.get("status_error", "no") # Run command cmd_result = virsh.nwfilter_dumpxml(filter_name, options=options_ref, ignore_status=True, debug=True) output = cmd_result.stdout.strip() status = cmd_result.exit_status # Check result if status_error == "yes": if status == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status: raise error.TestFail("Run failed with right command.") # Get uuid and name from output xml and compare with nwfilter-list # output new_filter = libvirt_xml.NwfilterXML() new_filter['xml'] = output uuid = new_filter.uuid name = new_filter.filter_name if check_list(uuid, name): logging.debug("The filter with uuid %s and name %s" % (uuid, name) + " from nwfilter-dumpxml was found in" + " nwfilter-list output") else: raise error.TestFail("The uuid %s with name %s from" % (uuid, name) + " nwfilter-dumpxml did not match with" + " nwfilter-list output") # Run command second time with uuid cmd_result = virsh.nwfilter_dumpxml(uuid, options=options_ref, ignore_status=True, debug=True) output1 = cmd_result.stdout.strip() status1 = cmd_result.exit_status if status_error == "yes": if status1 == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status1: raise error.TestFail("Run failed with right command.") if output1 != output: raise error.TestFail("nwfilter dumpxml output was different" + " between using filter uuid and name")
def nwfilter_validate(file=None, **virsh_dargs): """ Test for schema nwfilter """ cmd_result = virsh.nwfilter_list(**virsh_dargs) libvirt.check_exit_status(cmd_result) try: uuid = re.findall(r"(\S+)\ +(\S+)[\ +\n]", str(cmd_result.stdout))[1][0] except IndexError: raise error.TestError("Fail to get nwfilter uuid") if uuid: cmd_result = virsh.nwfilter_dumpxml(uuid, to_file=file, **virsh_dargs) libvirt.check_exit_status(cmd_result)
def run(test, params, env): """ Test command: virsh nwfilter-define. 1) Prepare parameters. 2) Set options of virsh define. 3) Run define command. 4) Check result. 5) Clean env """ # Prepare parameters filter_name = params.get("filter_name", "testcase") filter_chain = params.get("filter_chain", "root") filter_priority = params.get("filter_priority", "") filter_uuid = params.get("filter_uuid", "5c6d49af-b071-6127-b4ec-6f8ed4b55335") filterref = params.get("filterref") filterref_name = params.get("filterref_name") exist_filter = params.get("exist_filter", "no-mac-spoofing") filter_xml = params.get("filter_create_xml_file") options_ref = params.get("options_ref", "") status_error = params.get("status_error", "no") # prepare rule and protocol attributes protocol = {} rule_dict = {} rule_dict_tmp = {} # rule string should end with EOL as separator, multiple rules is supported rule = params.get("rule", "rule_action=accept rule_direction=out protocol=mac EOL") rule_list = rule.split('EOL') for i in range(len(rule_list)): if rule_list[i]: attr = rule_list[i].split() for j in range(len(attr)): attr_list = attr[j].split('=') rule_dict_tmp[attr_list[0]] = attr_list[1] rule_dict[i] = rule_dict_tmp rule_dict_tmp = {} # process protocol parameter for i in rule_dict.keys(): if 'protocol' not in rule_dict[i]: # Set protocol as string 'None' as parse from cfg is # string 'None' protocol[i] = 'None' else: protocol[i] = rule_dict[i]['protocol'] rule_dict[i].pop('protocol') if protocol[i] in PROTOCOL_TYPES: # replace '-' with '_' in ipv6 types as '-' is not # supposed to be in class name if '-' in protocol[i]: protocol[i] = protocol[i].replace('-', '_') else: raise error.TestFail("Given protocol type %s" % protocol[i] + " is not in supported list %s" % PROTOCOL_TYPES) if filter_xml == "invalid-filter-xml": tmp_xml = xml_utils.TempXMLFile() tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>' '!@#$%^&*)>(}>}{CORRUPTE|>!</filter>') tmp_xml.flush() filter_xml = tmp_xml.name logging.info("Test invalid xml is: %s" % filter_xml) elif filter_xml != " ": # Use exist xml as template with new attributes new_filter = libvirt_xml.NwfilterXML() filterxml = new_filter.new_from_filter_dumpxml(exist_filter) logging.debug("the exist xml is:\n%s" % filterxml.xmltreefile) # Backup xml if only update exist filter if exist_filter == filter_name: backup_xml = filterxml.xmltreefile.backup_copy() # Set filter attribute filterxml.filter_name = filter_name filterxml.filter_chain = filter_chain filterxml.filter_priority = filter_priority filterxml.uuid = filter_uuid if filterref: filterxml.filterref = filterref filterxml.filterref_name = filterref_name # Set rule attribute index_total = filterxml.get_rule_index() rule = filterxml.get_rule(0) rulexml = rule.backup_rule() for i in range(len(rule_dict.keys())): rulexml.rule_action = rule_dict[i].get('rule_action') rulexml.rule_direction = rule_dict[i].get('rule_direction') rulexml.rule_priority = rule_dict[i].get('rule_priority') rulexml.rule_statematch = rule_dict[i].get('rule_statematch') for j in RULE_ATTR: if j in rule_dict[i].keys(): rule_dict[i].pop(j) # set protocol attribute if protocol[i] != 'None': protocolxml = rulexml.get_protocol(protocol[i]) new_one = protocolxml.new_attr(**rule_dict[i]) protocolxml.attrs = new_one rulexml.xmltreefile = protocolxml.xmltreefile else: rulexml.del_protocol() if i <= len(index_total) - 1: filterxml.set_rule(rulexml, i) else: filterxml.add_rule(rulexml) # Reset rulexml rulexml = rule.backup_rule() logging.info("The xml for define is:\n%s" % filterxml.xmltreefile) filterxml.xmltreefile.write(filter_xml) # Run command cmd_result = virsh.nwfilter_define(filter_xml, options=options_ref, ignore_status=True, debug=True) status = cmd_result.exit_status # Check result chk_result = check_list(filter_uuid, filter_name) xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name) if status_error == "yes": if status == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status: raise error.TestFail("Run failed with right command.") if not chk_result: raise error.TestFail("Can't find filter in nwfilter-list output") if not os.path.exists(xml_path): raise error.TestFail("Can't find filter xml under %s" % NWFILTER_ETC_DIR) logging.info("Dump the xml after define:") virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True) # Clean env if exist_filter == filter_name: logging.info("Restore exist filter: %s" % exist_filter) backup_xml.write(filter_xml) virsh.nwfilter_define(filter_xml, options="", ignore_status=True, debug=True) else: if chk_result: virsh.nwfilter_undefine(filter_name, options="", ignore_status=True, debug=True) if os.path.exists(filter_xml): os.remove(filter_xml)
def run(test, params, env): """ Test command: virsh nwfilter-dumpxml. 1) Prepare parameters. 2) Run dumpxml command. 3) Check result. """ # Prepare parameters filter_name = params.get("dumpxml_filter_name", "") options_ref = params.get("dumpxml_options_ref", "") status_error = params.get("status_error", "no") # acl polkit params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': raise error.TestNAError("API acl test not supported in current" " libvirt version.") virsh_dargs = {'ignore_status': True, 'debug': True} if params.get('setup_libvirt_polkit') == 'yes': virsh_dargs['unprivileged_user'] = unprivileged_user virsh_dargs['uri'] = uri # Run command cmd_result = virsh.nwfilter_dumpxml(filter_name, options=options_ref, **virsh_dargs) output = cmd_result.stdout.strip() status = cmd_result.exit_status # Check result if status_error == "yes": if status == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status: raise error.TestFail("Run failed with right command.") # Get uuid and name from output xml and compare with nwfilter-list # output new_filter = libvirt_xml.NwfilterXML() new_filter['xml'] = output uuid = new_filter.uuid name = new_filter.filter_name if check_list(uuid, name): logging.debug("The filter with uuid %s and name %s" % (uuid, name) + " from nwfilter-dumpxml was found in" " nwfilter-list output") else: raise error.TestFail("The uuid %s with name %s from" % (uuid, name) + " nwfilter-dumpxml did not match with" " nwfilter-list output") # Run command second time with uuid cmd_result = virsh.nwfilter_dumpxml(uuid, options=options_ref, **virsh_dargs) output1 = cmd_result.stdout.strip() status1 = cmd_result.exit_status if status_error == "yes": if status1 == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status1: raise error.TestFail("Run failed with right command.") if output1 != output: raise error.TestFail("nwfilter dumpxml output was different" + " between using filter uuid and name")
def run(test, params, env): """ Test command: virsh nwfilter-define. 1) Prepare parameters. 2) Set options of virsh define. 3) Run define command. 4) Check result. 5) Clean env """ # Prepare parameters filter_name = params.get("filter_name", "testcase") filter_uuid = params.get("filter_uuid", "11111111-b071-6127-b4ec-111111111111") exist_filter = params.get("exist_filter", "no-mac-spoofing") filter_xml = params.get("filter_create_xml_file") options_ref = params.get("options_ref", "") status_error = params.get("status_error", "no") boundary_test_skip = "yes" == params.get("boundary_test_skip") new_uuid = "yes" == params.get("new_uuid", 'no') bug_url = params.get("bug_url") # libvirt acl polkit related params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': test.cancel("API acl test not supported in current" " libvirt version.") if exist_filter == filter_name and new_uuid: # Since commit 46a811d, update filter with new uuid will fail. if libvirt_version.version_compare(1, 2, 7): status_error = 'yes' else: status_error = 'no' try: if filter_xml == "invalid-filter-xml": tmp_xml = xml_utils.TempXMLFile() tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>' '!@#$%^&*)>(}>}{CORRUPTE|>!</filter>') tmp_xml.flush() filter_xml = tmp_xml.name logging.info("Test invalid xml is: %s" % filter_xml) elif filter_xml: # Create filter xml new_filter = libvirt_xml.NwfilterXML() filterxml_backup = new_filter.new_from_filter_dumpxml(exist_filter) # Backup xml if only update exist filter if exist_filter == filter_name and not new_uuid: filter_uuid = filterxml_backup.uuid params['filter_uuid'] = filter_uuid filterxml = utlv.create_nwfilter_xml(params) filterxml.xmltreefile.write(filter_xml) # Run command cmd_result = virsh.nwfilter_define(filter_xml, options=options_ref, unprivileged_user=unprivileged_user, uri=uri, ignore_status=True, debug=True) status = cmd_result.exit_status # Check result chk_result = check_list(filter_uuid, filter_name) xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name) if status_error == "yes": if status == 0: if boundary_test_skip: test.cancel("Boundary check commit 4f20943 not" " in this libvirt build yet.") else: err_msg = "Run successfully with wrong command." if bug_url: err_msg += " Check more info in %s" % bug_url test.fail(err_msg) elif status_error == "no": if status: err_msg = "Run failed with right command." if bug_url: err_msg += " Check more info in %s" % bug_url test.fail(err_msg) if not chk_result: test.fail("Can't find filter in nwfilter-list" + " output") if not os.path.exists(xml_path): test.fail("Can't find filter xml under %s" % NWFILTER_ETC_DIR) logging.info("Dump the xml after define:") virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True) finally: # Clean env if exist_filter == filter_name: logging.info("Restore exist filter: %s" % exist_filter) virsh.nwfilter_undefine(filter_name, ignore_status=True) virsh.nwfilter_define(filterxml_backup.xml, ignore_status=True) else: if chk_result: virsh.nwfilter_undefine(filter_name, ignore_status=True) if os.path.exists(filter_xml): os.remove(filter_xml)
def run(test, params, env): """ Test command: virsh nwfilter-define. 1) Prepare parameters. 2) Set options of virsh define. 3) Run define command. 4) Check result. 5) Clean env """ # Prepare parameters filter_name = params.get("filter_name", "testcase") filter_chain = params.get("filter_chain", "root") filter_priority = params.get("filter_priority", "") filter_uuid = params.get("filter_uuid", "5c6d49af-b071-6127-b4ec-6f8ed4b55335") filterref = params.get("filterref") filterref_name = params.get("filterref_name") exist_filter = params.get("exist_filter", "no-mac-spoofing") filter_xml = params.get("filter_create_xml_file") options_ref = params.get("options_ref", "") status_error = params.get("status_error", "no") # prepare rule and protocol attributes protocol = {} rule_dict = {} rule_dict_tmp = {} # rule string should end with EOL as separator, multiple rules is supported rule = params.get( "rule", "rule_action=accept rule_direction=out protocol=mac EOL") rule_list = rule.split('EOL') for i in range(len(rule_list)): if rule_list[i]: attr = rule_list[i].split() for j in range(len(attr)): attr_list = attr[j].split('=') rule_dict_tmp[attr_list[0]] = attr_list[1] rule_dict[i] = rule_dict_tmp rule_dict_tmp = {} # process protocol parameter for i in rule_dict.keys(): if 'protocol' not in rule_dict[i]: # Set protocol as string 'None' as parse from cfg is # string 'None' protocol[i] = 'None' else: protocol[i] = rule_dict[i]['protocol'] rule_dict[i].pop('protocol') if protocol[i] in PROTOCOL_TYPES: # replace '-' with '_' in ipv6 types as '-' is not # supposed to be in class name if '-' in protocol[i]: protocol[i] = protocol[i].replace('-', '_') else: raise error.TestFail("Given protocol type %s" % protocol[i] + " is not in supported list %s" % PROTOCOL_TYPES) if filter_xml == "invalid-filter-xml": tmp_xml = xml_utils.TempXMLFile() tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>' '!@#$%^&*)>(}>}{CORRUPTE|>!</filter>') tmp_xml.flush() filter_xml = tmp_xml.name logging.info("Test invalid xml is: %s" % filter_xml) elif filter_xml != " ": # Use exist xml as template with new attributes new_filter = libvirt_xml.NwfilterXML() filterxml = new_filter.new_from_filter_dumpxml(exist_filter) logging.debug("the exist xml is:\n%s" % filterxml.xmltreefile) # Backup xml if only update exist filter if exist_filter == filter_name: backup_xml = filterxml.xmltreefile.backup_copy() # Set filter attribute filterxml.filter_name = filter_name filterxml.filter_chain = filter_chain filterxml.filter_priority = filter_priority filterxml.uuid = filter_uuid if filterref: filterxml.filterref = filterref filterxml.filterref_name = filterref_name # Set rule attribute index_total = filterxml.get_rule_index() rule = filterxml.get_rule(0) rulexml = rule.backup_rule() for i in range(len(rule_dict.keys())): rulexml.rule_action = rule_dict[i].get('rule_action') rulexml.rule_direction = rule_dict[i].get('rule_direction') rulexml.rule_priority = rule_dict[i].get('rule_priority') rulexml.rule_statematch = rule_dict[i].get('rule_statematch') for j in RULE_ATTR: if j in rule_dict[i].keys(): rule_dict[i].pop(j) # set protocol attribute if protocol[i] != 'None': protocolxml = rulexml.get_protocol(protocol[i]) new_one = protocolxml.new_attr(**rule_dict[i]) protocolxml.attrs = new_one rulexml.xmltreefile = protocolxml.xmltreefile else: rulexml.del_protocol() if i <= len(index_total) - 1: filterxml.set_rule(rulexml, i) else: filterxml.add_rule(rulexml) # Reset rulexml rulexml = rule.backup_rule() logging.info("The xml for define is:\n%s" % filterxml.xmltreefile) filterxml.xmltreefile.write(filter_xml) # Run command cmd_result = virsh.nwfilter_define(filter_xml, options=options_ref, ignore_status=True, debug=True) status = cmd_result.exit_status # Check result chk_result = check_list(filter_uuid, filter_name) xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name) if status_error == "yes": if status == 0: raise error.TestFail("Run successfully with wrong command.") elif status_error == "no": if status: raise error.TestFail("Run failed with right command.") if not chk_result: raise error.TestFail("Can't find filter in nwfilter-list output") if not os.path.exists(xml_path): raise error.TestFail("Can't find filter xml under %s" % NWFILTER_ETC_DIR) logging.info("Dump the xml after define:") virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True) # Clean env if exist_filter == filter_name: logging.info("Restore exist filter: %s" % exist_filter) backup_xml.write(filter_xml) virsh.nwfilter_define(filter_xml, options="", ignore_status=True, debug=True) else: if chk_result: virsh.nwfilter_undefine(filter_name, options="", ignore_status=True, debug=True) if os.path.exists(filter_xml): os.remove(filter_xml)
def run(test, params, env): """ Test command: virsh nwfilter-dumpxml. 1) Prepare parameters. 2) Run dumpxml command. 3) Check result. """ # Prepare parameters filter_name = params.get("dumpxml_filter_name", "") options_ref = params.get("dumpxml_options_ref", "") status_error = params.get("status_error", "no") # acl polkit params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': test.cancel("API acl test not supported in current" " libvirt version.") virsh_dargs = {'ignore_status': True, 'debug': True} if params.get('setup_libvirt_polkit') == 'yes': virsh_dargs['unprivileged_user'] = unprivileged_user virsh_dargs['uri'] = uri # Run command cmd_result = virsh.nwfilter_dumpxml(filter_name, options=options_ref, **virsh_dargs) output = cmd_result.stdout.strip() status = cmd_result.exit_status # Check result if status_error == "yes": if status == 0: test.fail("Run successfully with wrong command.") elif status_error == "no": if status: test.fail("Run failed with right command.") # Get uuid and name from output xml and compare with nwfilter-list # output new_filter = libvirt_xml.NwfilterXML() new_filter['xml'] = output uuid = new_filter.uuid name = new_filter.filter_name if check_list(uuid, name): logging.debug("The filter with uuid %s and name %s" % (uuid, name) + " from nwfilter-dumpxml was found in" " nwfilter-list output") else: test.fail("The uuid %s with name %s from" % (uuid, name) + " nwfilter-dumpxml did not match with" " nwfilter-list output") # Run command second time with uuid cmd_result = virsh.nwfilter_dumpxml(uuid, options=options_ref, **virsh_dargs) output1 = cmd_result.stdout.strip() status1 = cmd_result.exit_status if status_error == "yes": if status1 == 0: test.fail("Run successfully with wrong command.") elif status_error == "no": if status1: test.fail("Run failed with right command.") if output1 != output: test.fail("nwfilter dumpxml output was different" + " between using filter uuid and name")
def run(test, params, env): """ Test command: virsh nwfilter-define. 1) Prepare parameters. 2) Set options of virsh define. 3) Run define command. 4) Check result. 5) Clean env """ # Prepare parameters filter_name = params.get("filter_name", "testcase") filter_uuid = params.get("filter_uuid", "11111111-b071-6127-b4ec-111111111111") exist_filter = params.get("exist_filter", "no-mac-spoofing") filter_xml = params.get("filter_create_xml_file") options_ref = params.get("options_ref", "") status_error = params.get("status_error", "no") boundary_test_skip = "yes" == params.get("boundary_test_skip") new_uuid = "yes" == params.get("new_uuid", 'no') bug_url = params.get("bug_url") # libvirt acl polkit related params uri = params.get("virsh_uri") unprivileged_user = params.get('unprivileged_user') if unprivileged_user: if unprivileged_user.count('EXAMPLE'): unprivileged_user = '******' if not libvirt_version.version_compare(1, 1, 1): if params.get('setup_libvirt_polkit') == 'yes': raise error.TestNAError("API acl test not supported in current" " libvirt version.") if exist_filter == filter_name and new_uuid: # Since commit 46a811d, update filter with new uuid will fail. if libvirt_version.version_compare(1, 2, 7): status_error = 'yes' else: status_error = 'no' try: if filter_xml == "invalid-filter-xml": tmp_xml = xml_utils.TempXMLFile() tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>' '!@#$%^&*)>(}>}{CORRUPTE|>!</filter>') tmp_xml.flush() filter_xml = tmp_xml.name logging.info("Test invalid xml is: %s" % filter_xml) elif filter_xml: # Create filter xml new_filter = libvirt_xml.NwfilterXML() filterxml_backup = new_filter.new_from_filter_dumpxml(exist_filter) # Backup xml if only update exist filter if exist_filter == filter_name and not new_uuid: filter_uuid = filterxml_backup.uuid params['filter_uuid'] = filter_uuid filterxml = utlv.create_nwfilter_xml(params) filterxml.xmltreefile.write(filter_xml) # Run command cmd_result = virsh.nwfilter_define(filter_xml, options=options_ref, unprivileged_user=unprivileged_user, uri=uri, ignore_status=True, debug=True) status = cmd_result.exit_status # Check result chk_result = check_list(filter_uuid, filter_name) xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name) if status_error == "yes": if status == 0: if boundary_test_skip: raise error.TestNAError("Boundary check commit 4f20943 not" " in this libvirt build yet.") else: err_msg = "Run successfully with wrong command." if bug_url: err_msg += " Check more info in %s" % bug_url raise error.TestFail(err_msg) elif status_error == "no": if status: err_msg = "Run failed with right command." if bug_url: err_msg += " Check more info in %s" % bug_url raise error.TestFail(err_msg) if not chk_result: raise error.TestFail("Can't find filter in nwfilter-list" + " output") if not os.path.exists(xml_path): raise error.TestFail("Can't find filter xml under %s" % NWFILTER_ETC_DIR) logging.info("Dump the xml after define:") virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True) finally: # Clean env if exist_filter == filter_name: logging.info("Restore exist filter: %s" % exist_filter) virsh.nwfilter_undefine(filter_name, ignore_status=True) virsh.nwfilter_define(filterxml_backup.xml, ignore_status=True) else: if chk_result: virsh.nwfilter_undefine(filter_name, ignore_status=True) if os.path.exists(filter_xml): os.remove(filter_xml)