[luci] Add a custom luci launcher allowing sane Python runtime + SELinux
by Jan Pokorný
commit 81d5d9a9d759c293d81331d6920dcc2ebc714437
Author: Jan Pokorný <jpokorny(a)redhat.com>
Date: Fri Aug 22 19:37:32 2014 +0200
Add a custom luci launcher allowing sane Python runtime + SELinux
Resolves: rhbz#1026374
Signed-off-by: Jan Pokorný <jpokorny(a)redhat.com>
input_files/initscript/initscript.in | 34 +++++++++++++++++++++++++--
input_files/proxylauncher/proxylauncher.in | 7 +++++
setup.cfg | 3 +-
setup.py | 5 +++-
4 files changed, 44 insertions(+), 5 deletions(-)
---
diff --git a/input_files/initscript/initscript.in b/input_files/initscript/initscript.in
index b23d7c0..40f9172 100755
--- a/input_files/initscript/initscript.in
+++ b/input_files/initscript/initscript.in
@@ -36,7 +36,7 @@ fi
prog="@SERVICENAME@"
config="@BASECONFIG@"
sysconfig="@SYSCONFIG@"
-exec="@LAUNCHER@"
+exec="@PROXYLAUNCHER@"
sqlite_bin="/usr/bin/sqlite3"
@@ -441,6 +441,35 @@ restart() {
start
}
+# kludge to make SELinux related changes compatible with condrestart
+# triggered upon update in %postun scriptlet (rhbz#1023202, rhbz#1026374)
+condrestart_scriptlet_kludge() {
+ luci_pid=$(head -n1 "${PID_FILE}")
+ if [ -n "${luci_pid}" ] \
+ && [ "$(ps --no-header -Zp "${luci_pid}" 2>/dev/null \
+ | awk '{print $1}' | cut -d: -f3)" = "initrc_t" ]; then
+ # XXX /etc/init.d/functions:killproc
+ kill -15 -- "${luci_pid}" 2>/dev/null
+ if [ $? -eq 0 ]; then
+ cnt=0
+ while kill -0 -- "${luci_pid}" 2>/dev/null; do
+ if [ "${cnt}" -ge 5 ]; then
+ kill -9 -- "${luci_pid}" 2>/dev/null
+ break
+ fi
+ sleep 1
+ let cnt++
+ done
+ fi
+ rm -f -- "${PID_FILE}"
+ start
+ else
+ # non-kludge way
+ status &>/dev/null || exit 0
+ restart
+ fi
+}
+
status() {
# If PID file exists and contains valid PID, paster returns 0 otherwise 1
out=$(do_exec serve --status --pid-file="$PID_FILE" "$config" 2>&1)
@@ -476,8 +505,7 @@ case "$1" in
;;
condrestart|try-restart)
entry_check || exit $?
- status &>/dev/null || exit 0
- restart
+ condrestart_scriptlet_kludge
;;
status)
entry_check || exit 4
diff --git a/input_files/proxylauncher/proxylauncher.in b/input_files/proxylauncher/proxylauncher.in
new file mode 100644
index 0000000..16200cc
--- /dev/null
+++ b/input_files/proxylauncher/proxylauncher.in
@@ -0,0 +1,7 @@
+#!/usr/bin/python -Es
+try:
+ execfile("@LAUNCHER@")
+except IOError:
+ with open("@LOGFILE@", 'a') as log:
+ log.write("@LAUNCHER@ execution failed\n")
+ raise
diff --git a/setup.cfg b/setup.cfg
index a2f403b..3bf2a4e 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -21,7 +21,8 @@ logfile = /var/log/luci/luci.log
# System files (initscript and configuration files)
initscript = /etc/rc.d/init.d/luci
sysconfig = /etc/sysconfig/luci
-launcher = /usr/bin/python -Es /usr/bin/paster
+launcher = /usr/bin/paster
+proxylauncher = /usr/sbin/luci
logrotateconfig = /etc/logrotate.d/luci
pamconfig = /etc/pam.d/luci
sasl2config = /etc/sasl2/luci.conf
diff --git a/setup.py b/setup.py
index 1d11c12..76aae6a 100644
--- a/setup.py
+++ b/setup.py
@@ -279,7 +279,8 @@ pkg_prepare = setup_pkg_prepare(pkg_name, [
# System files (initscript and configuration files)
('initscript' , "initscript file"),
('sysconfig' , "configuration file coming with initscript"),
- ('launcher' , "launcher script for luci (wrapper above paster)"),
+ ('launcher' , "final launcher for the app ('paster' wrapper)"),
+ ('proxylauncher' , "initial launcher for the app ('launcher' wrapper)"),
('logrotateconfig' , "logrotate configuration file"),
('pamconfig' , "PAM configuration file"),
('sasl2config' , "Cyrus SASL configuration file"),
@@ -309,6 +310,7 @@ pkg_params = {
'configtmpl' : path_join(path_norm(pkg.config_template)),
'__initscript' : path_norm("input_files/initscript/initscript.in"),
+ '__proxylauncher' : path_norm("input_files/proxylauncher/proxylauncher.in"),
'__sysconfig' : path_norm("input_files/sysconfig/sysconfig.in"),
'__logrotateconfig' : path_norm("input_files/logrotateconfig/logrotateconfig.in"),
'__pamconfig' : path_norm("input_files/pamconfig/pamconfig.in"),
@@ -412,6 +414,7 @@ setup(
data_files=[
dict(src='__certconfig', dst='certconfig', substitute=True),
dict(src='__initscript', dst='initscript', substitute=True),
+ dict(src='__proxylauncher', dst='proxylauncher', substitute=True),
dict(src='__sysconfig', dst='sysconfig', substitute=True),
dict(src='__logrotateconfig', dst='logrotateconfig', substitute=True),
dict(src='__pamconfig', dst='pamconfig', substitute=False),
9 years, 9 months
[luci] Fix luci unable to handle node name ending w/ known filetype ext.
by Jan Pokorný
commit c6ed42ab3671db0ab91f1c8a170194b6f0428df4
Author: Jan Pokorný <jpokorny(a)redhat.com>
Date: Fri Aug 22 19:11:15 2014 +0200
Fix luci unable to handle node name ending w/ known filetype ext.
Resolves: rhbz#999324
Signed-off-by: Jan Pokorný <jpokorny(a)redhat.com>
luci/controllers/cluster.py | 38 ++++++++++++--------------------------
luci/lib/helpers.py | 8 +++++++-
2 files changed, 19 insertions(+), 27 deletions(-)
---
diff --git a/luci/controllers/cluster.py b/luci/controllers/cluster.py
index 3159145..8bb6f52 100644
--- a/luci/controllers/cluster.py
+++ b/luci/controllers/cluster.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2009-2014 Red Hat, Inc.
+# Copyright 2014 Red Hat, Inc.
#
# This program is free software; you can redistribute
# it and/or modify it under the terms of version 2 of the
@@ -13,7 +13,7 @@ from tg import request, expose, redirect, flash, app_globals, tmpl_context, requ
# third party imports
from repoze.what.predicates import not_anonymous, in_any_group, is_user, Any, NotAuthorizedError
-from luci.lib.helpers import quote_plus, unquote_plus, ugettext as _
+from luci.lib.helpers import quote_plus, unquote_plus, unquote_plus_term_traverse, ugettext as _
# project specific imports
from luci.lib.base import BaseController
@@ -632,16 +632,8 @@ class IndividualClusterController(BaseController):
base_url = '/cluster/%s/services' % self.name
services_cmd = '/cluster/%s/services_cmd' % self.name
- if args:
- if len(args) >= 1:
- servicename = '/'.join([unquote_plus(a) for a in args])
- if request.response_ext:
- servicename = '%s%s' % (servicename, request.response_ext)
- else:
- servicename = None
-
- if 'name' in request.params:
- servicename = request.params['name']
+ servicename = (request.params['name'] if 'name' in request.params else
+ unquote_plus_term_traverse(request.response_ext, args))
try:
self.get_model()
@@ -806,17 +798,9 @@ class IndividualClusterController(BaseController):
except NotAuthorizedError, e:
flash(e, status="warning")
redirect("/")
-
- if len(args) == 1:
- if request.response_ext:
- failovername = '%s%s' % (args[0], request.response_ext)
- else:
- failovername = args[0]
- else:
- failovername = None
- if 'name' in request.params:
- failovername = request.params['name']
+ failovername = (request.params['name'] if 'name' in request.params else
+ unquote_plus_term_traverse(request.response_ext, args))
try:
self.get_model()
@@ -1080,15 +1064,17 @@ class IndividualClusterController(BaseController):
redirect(tmpl_context.cluster_url)
@expose()
- def lookup(self, nodename, *args):
+ def lookup(self, *args):
try:
permission_view(self.name)
except NotAuthorizedError, e:
flash(e, status="warning")
redirect("/")
-
- inc = IndividualNodeController(self.name, self.data, unquote_plus(nodename))
- return inc, args
+
+ # nodename not supposed to contain a slash within
+ nodename = unquote_plus_term_traverse(request.response_ext, args[:1])
+ inc = IndividualNodeController(self.name, self.data, nodename)
+ return inc, args[1:]
class IndividualNodeController(BaseController):
def __init__(self, name, iccdata, nodename):
diff --git a/luci/lib/helpers.py b/luci/lib/helpers.py
index 9794995..47cc7f6 100644
--- a/luci/lib/helpers.py
+++ b/luci/lib/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2009-2010 Red Hat, Inc.
+# Copyright 2014 Red Hat, Inc.
#
# This program is free software; you can redistribute
# it and/or modify it under the terms of version 2 of the
@@ -65,3 +65,9 @@ def unquote_plus(s):
"""urllib's unquote_plus, but return unicode."""
ret = unquote_plus_impl(s)
return ret if isinstance(ret, unicode) else unicode(ret, 'UTF-8')
+
+
+def unquote_plus_term_traverse(resp_ext, ps):
+ """Normalize single traversal-like entity at URL tail (no such -> None)"""
+ resp_ext = resp_ext or u''
+ return '/'.join([unquote_plus(p) for p in ps]) + resp_ext if ps else None
9 years, 9 months
[luci] Add the ability to block weak ciphers in luci (cont'd)
by Jan Pokorný
commit 336a583f8f3f1e87a0036632ac5b91fa43b72ee4
Author: Jan Pokorný <jpokorny(a)redhat.com>
Date: Fri Aug 22 19:06:17 2014 +0200
Add the ability to block weak ciphers in luci (cont'd)
This is to complement only partial commit 7dc551d.
Resolves: rhbz#991575
Signed-off-by: Jan Pokorný <jpokorny(a)redhat.com>
input_files/config.tmpl/config.tmpl.in | 6 +++++-
input_files/sysconfig/sysconfig.in | 14 ++++++++++++--
luci/initwrappers.py | 8 ++++----
setup.py | 5 ++++-
4 files changed, 25 insertions(+), 8 deletions(-)
---
diff --git a/input_files/config.tmpl/config.tmpl.in b/input_files/config.tmpl/config.tmpl.in
index 2717ee7..a337db1 100644
--- a/input_files/config.tmpl/config.tmpl.in
+++ b/input_files/config.tmpl/config.tmpl.in
@@ -77,6 +77,8 @@ tmp.sysconfig = @SYSCONFIG@
def.port = @PORT@
def.host = 0.0.0.0
def.cert_pem = @CERTPEM@
+# following is intentionally empty to use responsible implementation's defaults
+def.cipher_list =
def.cache_dir = @CACHEDIR@
def.sessions_dir = @SESSIONSDIR@
def.db_file = @DBFILE@
@@ -88,13 +90,15 @@ def.auth_tkt_timeout = 900
# ===========================================================================
[server:main]
-use = egg:Paste#http
+use = egg:@PKGNAME@
# Items to be set only if this haven't been already done in other sections
host = %(def.host)s
port = %(def.port)s
ssl_pem = %(def.cert_pem)s
+ssl_cipher_list = %(def.cipher_list)s
+ssl_allow_insecure = false
# ---------------------------------------------------------------------------
diff --git a/input_files/sysconfig/sysconfig.in b/input_files/sysconfig/sysconfig.in
index 2fb0460..05960fa 100644
--- a/input_files/sysconfig/sysconfig.in
+++ b/input_files/sysconfig/sysconfig.in
@@ -55,11 +55,21 @@ INIT_CONFIG=`cat -E <<"#END#"
# PEM file containing both the certificate itself and respective private key),
# otherwise its self-signed certificate managed automatically by @SERVICENAME@
# service is used instead;
-# currently, this certificate is used only for https connection with web
+# currently, this certificate is used only for https connection with the web
# browser, connections with ricci instances still rely on self-managed cert
# Note: If this configuration item is active and no such file can be read,
# starting @SERVICENAME@ service will fail
-#ssl_pem = "path_to/ssl_cert_pem_file"
+#ssl_pem = path_to/ssl_cert_pem_file
+
+# Change this to pass custom cipher list to be used by underlying OpenSSL
+# library in the SSL/TLS context.
+# Currently, this option only affects https connection with the web browser.
+#ssl_cipher_list = ALL!EXPORT!EXPORT40!EXPORT56!aNULL!LOW!RC4
+
+# When specifying custom ssl_cipher_list above, SSLv2 commnunication is
+# prevented by default; to override it and allow SSLv2 again, uncomment
+# the following option.
+#ssl_allow_insecure = true
use=config:%(base_config)s
diff --git a/luci/initwrappers.py b/luci/initwrappers.py
index 366ce70..843c8ce 100644
--- a/luci/initwrappers.py
+++ b/luci/initwrappers.py
@@ -8,7 +8,7 @@
"""\
Wrappers for parts used during initial phase of running luci.
"""
-_
+
from pylons.util import PylonsInstaller as _PylonsInstaller
from repoze.who.config import WhoConfig as _WhoConfig, make_middleware_with_config
from paste.httpserver import server_runner as _server_runner
@@ -121,11 +121,11 @@ def server_runner(wsgi_app, global_conf, **kwargs):
pass
else:
ssl_cipher_list = kwargs.pop('ssl_cipher_list', '')
+ ssl_allow_insecure = kwargs.pop('ssl_allow_insecure', False)
if ssl_cipher_list:
ssl_pem = kwargs.pop('ssl_pem')
ssl_context = SSL.Context(SSL.SSLv23_METHOD)
- if kwargs.pop('ssl_allow_insecure', False) \
- in ('', 'false', False):
+ if ssl_allow_insecure in ('', 'false', False):
# XXX note that SSL.OP_NO_COMPRESSION is missing
ssl_context.set_options(SSL.OP_NO_SSLv2)
ssl_context.use_privatekey_file(ssl_pem)
@@ -133,7 +133,7 @@ def server_runner(wsgi_app, global_conf, **kwargs):
ssl_context.set_cipher_list(ssl_cipher_list)
kwargs['ssl_context'] = ssl_context
- return server_runner(wsgi_app, global_conf, **kwargs)
+ return _server_runner(wsgi_app, global_conf, **kwargs)
server_runner.__doc__ = (_server_runner.__doc__ or '') + """
diff --git a/setup.py b/setup.py
index bbb73fe..1d11c12 100644
--- a/setup.py
+++ b/setup.py
@@ -463,7 +463,7 @@ setup(
# introduced by setuptools); mainly following groups of entry points are
# required for interaction with PasteScript (related ``paster'' commands):
# * paste.app_install: used by ``make-config'' or ``setup-app'' commands
- # * paste.app_factory: used by ``serve'' commands
+ # * paste.app_factory and paste.server_runner: used by ``serve'' command
#
# Note 1: ``make-config'' visits the entry point via explicitly defined
# package name as parameter, ``setup-app'' and ``serve'' visit it
@@ -477,6 +477,9 @@ setup(
[paste.app_factory]
main = %(pkg_name)s.config.middleware:make_app
+
+ [paste.server_runner]
+ main = %(pkg_name)s.initwrappers:server_runner
""" % dict(pkg_name=pkg_name),
9 years, 9 months
[luci] luci: Support newly added bind-mount "name" attribute
by Ryan McCabe
commit a4fa913be73bd1324944311b9d8c7f604ff88ac9
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:19:17 2014 -0400
luci: Support newly added bind-mount "name" attribute
Support the newly added bind-mount "name" attribute.
Resolves: rhbz#1117398
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/validation/validate_resource.py | 5 +----
1 files changed, 1 insertions(+), 4 deletions(-)
---
diff --git a/luci/validation/validate_resource.py b/luci/validation/validate_resource.py
index 6058c76..0739495 100644
--- a/luci/validation/validate_resource.py
+++ b/luci/validation/validate_resource.py
@@ -238,16 +238,13 @@ def addNetfs(res, rname, model, **kw):
def addBindMount(res, rname, model, **kw):
params = (
+ ('mountpoint', _('Mount point for the bind mount'), True, None),
('source', _('Source of the bind mount'), True, None),
('force_unmount', '', False, None),
)
errors = config_resource(params, res, rname, **kw)
- # Primary attribute is mountpoint, not name
- res.removeAttribute('name')
- res.addAttribute('mountpoint', rname)
-
for a in ('force_unmount',):
if res.getAttribute(a) == 'on':
res.addAttribute(a, '1')
9 years, 9 months
[luci] luci: Remove ssh_options fields from fence agents that do not yet support it
by Ryan McCabe
commit bc8e34fc30ad45ce8e48e903ff82244cbf0c7ac1
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:17:18 2014 -0400
luci: Remove ssh_options fields from fence agents that do not yet support it
Remove the ssh_options GUI fields for fence agents that do not yet support
it in RHEL.
Resolves: rhbz#1117398
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/templates/fence_devices.html | 8 ++++----
luci/templates/fence_instances.html | 14 +++++++-------
luci/validation/validate_fence.py | 24 ++++++++++++------------
3 files changed, 23 insertions(+), 23 deletions(-)
---
diff --git a/luci/templates/fence_devices.html b/luci/templates/fence_devices.html
index 0d34910..f7b154c 100644
--- a/luci/templates/fence_devices.html
+++ b/luci/templates/fence_devices.html
@@ -2703,7 +2703,7 @@
<label class="choice">Use SSH</label>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -3238,7 +3238,7 @@
py:attrs="cur_fencedev and {'value': cur_fencedev.getAttribute('passwd_script')} or {}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -3689,7 +3689,7 @@
<label class="choice">Use SSH</label>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -4081,7 +4081,7 @@
<label class="choice">Use SSH</label>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
diff --git a/luci/templates/fence_instances.html b/luci/templates/fence_instances.html
index fca35cc..6e45257 100644
--- a/luci/templates/fence_instances.html
+++ b/luci/templates/fence_instances.html
@@ -145,7 +145,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -198,7 +198,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -294,7 +294,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -423,7 +423,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -678,7 +678,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -751,7 +751,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
@@ -1264,7 +1264,7 @@
py:attrs="cur_fence_inst and cur_fence_inst.getAttribute('secure') and {'checked': 'checked'}"/>
</td>
</tr>
- <tr>
+ <tr py:if="0">
<td>SSH Options</td>
<td>
<input type="text" class="text" name="ssh_options"
diff --git a/luci/validation/validate_fence.py b/luci/validation/validate_fence.py
index 91095a1..04996fa 100644
--- a/luci/validation/validate_fence.py
+++ b/luci/validation/validate_fence.py
@@ -429,7 +429,7 @@ def val_rsb_fd(fencedev, fence_name, **kw):
('login_timeout', False),
('retry_on', False),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
)
@@ -457,7 +457,7 @@ def val_drac5_fd(fencedev, fence_name, **kw):
('module_name', False),
('cmd_prompt', False),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('passwd', False),
('passwd_script', False),
@@ -788,7 +788,7 @@ def val_ilo_mp_fd(fencedev, fence_name, **kw):
('passwd', False),
('passwd_script', False),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('cmd_prompt', False),
('power_wait', False),
@@ -1011,7 +1011,7 @@ def val_wti_fi(fenceinst, parent_name, **kw):
params = (
('port', True),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1037,7 +1037,7 @@ def val_brocade_fi(fenceinst, parent_name, **kw):
('delay', False),
('secure', False),
('identity_file', False),
- ('ssh_options', False),
+# ('ssh_options', False),
)
errors = config_fence_attr(params, fenceinst, parent_name, **kw)
@@ -1073,7 +1073,7 @@ def val_bladecenter_fi(fenceinst, parent_name, **kw):
('port', True),
('switch', False),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1086,7 +1086,7 @@ def val_ipdu_fi(fenceinst, parent_name, **kw):
('port', True),
('switch', False),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1116,8 +1116,8 @@ def val_lpar_fi(fenceinst, parent_name, **kw):
params = (
('partition', True),
('managed', True),
- ('secure', True),
- ('ssh_options', False),
+ ('secure', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1168,7 +1168,7 @@ def val_vmware_fi(fenceinst, parent_name, **kw):
params = (
('port', True),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1188,7 +1188,7 @@ def val_ldom_fi(fenceinst, parent_name, **kw):
params = (
('port', True),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
@@ -1236,7 +1236,7 @@ def val_hpblade_fi(fenceinst, parent_name, **kw):
params = (
('port', True),
('secure', False),
- ('ssh_options', False),
+# ('ssh_options', False),
('identity_file', False),
('delay', False),
)
9 years, 9 months
[luci] luci: Remove bad default values for startup_wait and shutdown_wait
by Ryan McCabe
commit 5742117eca9a1ead3f9a35572f1da0cdb651e65d
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:14:57 2014 -0400
luci: Remove bad default values for startup_wait and shutdown_wait
Remove incorrect default values in the form fields for startup_wait
and shutdown_wait attributes. Simply leaving the fields blank will
cause the correct defaults to be used.
Resolves: rhbz#1117398
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/templates/resource_list.html | 32 ++++++++++++++++++--------------
1 files changed, 18 insertions(+), 14 deletions(-)
---
diff --git a/luci/templates/resource_list.html b/luci/templates/resource_list.html
index 996afec..fc5b482 100644
--- a/luci/templates/resource_list.html
+++ b/luci/templates/resource_list.html
@@ -467,9 +467,16 @@
<h3>Bind Mount</h3>
<table class="formtable">
<tr>
- <td>Mount Point</td>
+ <td>Name</td>
<td>
<input type="text" class="text" name="resourcename"
+ py:attrs="res and {'value':res.getAttribute('name'), 'disabled':global_resource and 'disabled' or None} or {}" />
+ </td>
+ </tr>
+ <tr>
+ <td>Mount Point</td>
+ <td>
+ <input type="text" class="text" name="mountpoint"
py:attrs="res and {'value':res.getAttribute('mountpoint'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -664,7 +671,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="0"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -787,7 +794,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="0"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -839,14 +846,14 @@
<tr>
<td>Startup Wait (seconds)</td>
<td>
- <input type="text" class="text" name="startup_wait" value="0"
+ <input type="text" class="text" name="startup_wait"
py:attrs="res and {'value':res.getAttribute('startup_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="0"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -943,7 +950,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="0"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -998,14 +1005,14 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="0"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
<tr py:if="cluster_os != 'RHEL' or os_version > 6.5">
<td>Startup Wait (seconds)</td>
<td>
- <input type="text" class="text" name="startup_wait" value="0"
+ <input type="text" class="text" name="startup_wait"
py:attrs="res and {'value':res.getAttribute('startup_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1066,7 +1073,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="30"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1114,7 +1121,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="30"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1451,7 +1458,6 @@
<td>Start Timeout (seconds)</td>
<td>
<input type="text" class="text" name="start_timeout"
- value="0"
py:attrs="res and {'value':res.getAttribute('start_timeout'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1459,7 +1465,6 @@
<td>Shutdown Timeout (seconds)</td>
<td>
<input type="text" class="text" name="shutdown_timeout"
- value="0"
py:attrs="res and {'value':res.getAttribute('shutdown_timeout'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1467,7 +1472,6 @@
<td>Deep Probe Timeout (seconds)</td>
<td>
<input type="text" class="text" name="deep_probe_timeout"
- value="0"
py:attrs="res and {'value':res.getAttribute('deep_probe_timeout'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
@@ -1706,7 +1710,7 @@
<tr>
<td>Shutdown Wait (seconds)</td>
<td>
- <input type="text" class="text" name="shutdown_wait" value="5"
+ <input type="text" class="text" name="shutdown_wait"
py:attrs="res and {'value':res.getAttribute('shutdown_wait'), 'disabled':global_resource and 'disabled' or None} or {}" />
</td>
</tr>
9 years, 9 months
[luci] luci: Allow nfsclient to be a child of nfsserver
by Ryan McCabe
commit 1416de5da9a11f3237bc2854b6c13a662f95afb0
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:13:17 2014 -0400
luci: Allow nfsclient to be a child of nfsserver
Allow nfsclient resources to be children of nfsserver resources
in addition to nfsexport.
Resolves: rhbz#919243
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/lib/ClusterConf/NFSClient.py | 8 ++++----
luci/lib/ClusterConf/NFSServer.py | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
---
diff --git a/luci/lib/ClusterConf/NFSClient.py b/luci/lib/ClusterConf/NFSClient.py
index 1c8e333..1543047 100644
--- a/luci/lib/ClusterConf/NFSClient.py
+++ b/luci/lib/ClusterConf/NFSClient.py
@@ -21,17 +21,17 @@ class NFSClient(BaseResource):
self.deny_all_children = DENY_ALL_CHILDREN
def SanityCheck(self):
- # Must be a child of some nfsexport
+ # Must be a child of some nfsexport or nfsserver
found_export = False
parent = self
while True:
parent = parent.getParent()
if not parent:
break
-
- if parent.getTagName() == 'nfsexport':
+ parent_type = parent.getTagName()
+ if parent_type in ('nfsexport', 'nfsserver'):
found_export = True
break
if not found_export:
- raise Exception, '%s resources must have a parent nfsexport resource' % self.getTagName()
+ raise Exception, '%s resources must have a parent nfsexport or nfsserver resource' % self.getTagName()
diff --git a/luci/lib/ClusterConf/NFSServer.py b/luci/lib/ClusterConf/NFSServer.py
index c04be73..00d3183 100644
--- a/luci/lib/ClusterConf/NFSServer.py
+++ b/luci/lib/ClusterConf/NFSServer.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2010 Red Hat, Inc.
+# Copyright (C) 2010-2014 Red Hat, Inc.
#
# This program is free software; you can redistribute
# it and/or modify it under the terms of version 2 of the
@@ -11,7 +11,7 @@ from gettext import gettext as _
TAG_NAME = 'nfsserver'
RESOURCE_TYPE = _('NFS Server')
-DENY_ALL_CHILDREN = True
+DENY_ALL_CHILDREN = False
class NFSServer(BaseResource):
def __init__(self):
9 years, 9 months
[luci] luci: Fix positioning of sort arrows
by Ryan McCabe
commit d3fa5ca0a3eaef1d2a31ca8a6425a03c41100d97
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:11:53 2014 -0400
luci: Fix positioning of sort arrows
Fix the positioning of the "this column can be sorted" icon.
Resolves: rhbz#919225
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/public/css/style.css | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/luci/public/css/style.css b/luci/public/css/style.css
index 9bcbaea..bfdb41b 100644
--- a/luci/public/css/style.css
+++ b/luci/public/css/style.css
@@ -651,7 +651,7 @@ display: none ! important;
}
table.tablesorter thead tr .header {
- background: transparent url(../images/bg.gif) no-repeat center right;
+ background: transparent url(../images/bg.gif) no-repeat +6em;
cursor: pointer;
}
9 years, 9 months
[luci] luci: Allow & in XML attribute values
by Ryan McCabe
commit b20deb51aab4379623a4744214a592cf3a546dd5
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Sun Aug 10 23:10:39 2014 -0400
luci: Allow & in XML attribute values
Allow the & character in XML attribute values. Also do not error out
when reading an existing cluster.conf file that contains illegal characters
in XML attribute values.
Resolves: rhbz#855112
Signed-off-by: Ryan McCabe <rmccabe(a)redhat.com>
luci/lib/ClusterConf/ModelBuilder.py | 14 ++++++++++++--
luci/lib/ClusterConf/TagObject.py | 6 +++---
2 files changed, 15 insertions(+), 5 deletions(-)
---
diff --git a/luci/lib/ClusterConf/ModelBuilder.py b/luci/lib/ClusterConf/ModelBuilder.py
index 262229d..ca3599b 100644
--- a/luci/lib/ClusterConf/ModelBuilder.py
+++ b/luci/lib/ClusterConf/ModelBuilder.py
@@ -226,7 +226,12 @@ class ModelBuilder:
new_object.comments = [c.data for c in comment_nodes]
for k, v in parent_node.attributes.items():
- new_object.addAttribute(k, v)
+ try:
+ new_object.addAttribute(k, v)
+ except ValueError, e:
+ # This should only be thrown when illegal characters are used.
+ # Allow it when reading in an existing configuration.
+ pass
if unknown_element is True:
self.unknown_elements.append((parent_object, new_object))
@@ -394,7 +399,12 @@ class ModelBuilder:
if entity_attr is not None:
for i in entity_attr.iterkeys():
if not rf.attr_hash.has_key(i):
- rf.addAttribute(i, entity_attr[i])
+ try:
+ rf.addAttribute(i, entity_attr[i])
+ except ValueError, e:
+ # This should only be thrown when illegal characters are used.
+ # Allow it when reading in an existing configuration.
+ pass
except:
pass
diff --git a/luci/lib/ClusterConf/TagObject.py b/luci/lib/ClusterConf/TagObject.py
index fec05d9..ae92495 100644
--- a/luci/lib/ClusterConf/TagObject.py
+++ b/luci/lib/ClusterConf/TagObject.py
@@ -17,7 +17,7 @@ class TagObject(object):
self.element_text = None
self.errors = False
self.parent = None
- self.badchars = set('<>&"')
+ self.badchars = set('<>"')
def getParent(self):
return self.parent
@@ -40,9 +40,9 @@ class TagObject(object):
if value is None:
return self.removeAttribute(name)
uvalue = unicode(value)
- if any((c in self.badchars) for c in uvalue):
- raise ValueError, 'Attributes may not contain the following characters: > < " &'
self.attr_hash[name] = uvalue
+ if any((c in self.badchars) for c in uvalue):
+ raise ValueError, 'Attributes may not contain the following characters: > < "'
return value
def addIntegerAttribute(self, name, val, bounds=(None, None)):
9 years, 9 months