Dan Kenigsberg has posted comments on this change.
Change subject: BZ#736114 bootstrap: override iptables if requested
......................................................................
Patch Set 2: (5 inline comments)
....................................................
File vds_bootstrap/vds_bootstrap.py
Line 139: pass
Line 140: sys.path.append(VDSM_DIR)
Line 141:
Line 142: __DEFAULT_IPTABLES__ = """
Line 143: # oVirt automatically generated firewall configuration
fixed text
Line 144: *filter
Line 145: :INPUT ACCEPT [0:0]
Line 146: :FORWARD ACCEPT [0:0]
Line 147: :OUTPUT ACCEPT [0:0]
Line 169: """
Line 170: __SYSCONFIG_IPTABLES__ = '/etc/sysconfig/iptables'
Line 171:
Line 172: def _safeWrite(fname, s):
Line 173: "Write s into fname atomically"
triple quote is important only for multiline strings.
Line 174:
Line 175: t = tempfile.NamedTemporaryFile(delete=False)
Line 176: t.write(s)
Line 177: t.close()
Line 187: if oldstat is not None:
Line 188: os.chmod(fname, oldstat.st_mode)
Line 189: os.chown(fname, oldstat.st_uid, oldstat.st_gid)
Line 190:
Line 191: selinux.restorecon(fname)
yeah, I am trying to set the exact permissions - but if it fails, tough luck, log and
continue.
Line 192: except OSError:
Line 193: logging.debug('trying to maintain file permissions',
exc_info=True)
Line 194:
Line 195:
Line 748: self._xmlOutput('SetSSHAccess', self.status, None, None,
self.message)
Line 749: return self.rc
Line 750:
Line 751: def overrideFirewall(self):
Line 752: self.message = 'overriden firewall successfully'
Done
Line 753: self.rc = True
Line 754: self.st = 'OK'
Line 755:
Line 756: try:
Line 753: self.rc = True
Line 754: self.st = 'OK'
Line 755:
Line 756: try:
Line 757: _safeWrite(__SYSCONFIG_IPTABLES__)
Doh!
Line 758: except Exception, e:
Line 759: self.message = str(e)
Line 760: self.rc = False
Line 761: self.st = 'FAIL'
--
To view, visit
http://gerrit.usersys.redhat.com/945
To unsubscribe, visit
http://gerrit.usersys.redhat.com/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I6a2e7d0512a2c9fc691135bf42b03fdcb3ee088a
Gerrit-PatchSet: 2
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Yotam Oron <yoron(a)redhat.com>