From fbda4315cd314f1db13c6dbdfb85eef5a70f6614 Mon Sep 17 00:00:00 2001 From: "atse@norwich.uk.xensource.com" Date: Thu, 28 Sep 2006 12:46:09 +0100 Subject: [PATCH] [XM] Report proper ACMError(s) instead of silently exiting. Remove try except blocks so that ACMError(s) are properly reported to the user rather than silently fail. Signed-off-by: Alastair Tse --- tools/python/xen/xm/addlabel.py | 70 ++++++++++++++++--------------- tools/python/xen/xm/dry-run.py | 41 +++++++++--------- tools/python/xen/xm/dumppolicy.py | 18 ++++---- tools/python/xen/xm/rmlabel.py | 31 +++++++------- 4 files changed, 81 insertions(+), 79 deletions(-) diff --git a/tools/python/xen/xm/addlabel.py b/tools/python/xen/xm/addlabel.py index 7bbe86eecc..86e4ff7b74 100644 --- a/tools/python/xen/xm/addlabel.py +++ b/tools/python/xen/xm/addlabel.py @@ -115,43 +115,45 @@ def add_domain_label(label, configfile, policyref): config_fd.close() -def main (argv): - try: - policyref = None - if len(argv) not in (4, 5): - raise OptionError('Needs either 2 or 3 arguments') - - label = argv[1] - - if len(argv) == 5: - policyref = argv[4] - elif security.on(): - policyref = security.active_policy - else: - security.err("No active policy. Policy must be specified in command line.") - - if argv[2].lower() == "dom": - configfile = argv[3] - if configfile[0] != '/': - for prefix in [".", "/etc/xen"]: - configfile = prefix + "/" + configfile - if os.path.isfile(configfile): - break - if not validate_config_file(configfile): - raise OptionError('Invalid config file') - else: - add_domain_label(label, configfile, policyref) - elif argv[2].lower() == "res": - resource = argv[3] - add_resource_label(label, resource, policyref) +def main(argv): + policyref = None + if len(argv) not in (4, 5): + raise OptionError('Needs either 2 or 3 arguments') + + label = argv[1] + + if len(argv) == 5: + policyref = argv[4] + elif security.on(): + policyref = security.active_policy + else: + raise OptionError("No active policy. Must specify policy on the " + "command line.") + + if argv[2].lower() == "dom": + configfile = argv[3] + if configfile[0] != '/': + for prefix in [".", "/etc/xen"]: + configfile = prefix + "/" + configfile + if os.path.isfile(configfile): + break + if not validate_config_file(configfile): + raise OptionError('Invalid config file') else: - raise OptionError('Need to specify either "dom" or "res" as object to add label to.') + add_domain_label(label, configfile, policyref) + elif argv[2].lower() == "res": + resource = argv[3] + add_resource_label(label, resource, policyref) + else: + raise OptionError('Need to specify either "dom" or "res" as ' + 'object to add label to.') - except security.ACMError: - sys.exit(-1) - if __name__ == '__main__': - main(sys.argv) + try: + main(sys.argv) + except Exception, e: + sys.stderr.write('Error: %s\n' % str(e)) + sys.exit(-1) diff --git a/tools/python/xen/xm/dry-run.py b/tools/python/xen/xm/dry-run.py index 1202316f70..9aa56d2f94 100644 --- a/tools/python/xen/xm/dry-run.py +++ b/tools/python/xen/xm/dry-run.py @@ -32,27 +32,26 @@ def help(): individually along with the final security decision.""" def main (argv): - try: - if len(argv) != 2: - raise OptionError('Invalid number of arguments') - - passed = 0 - (opts, config) = create.parseCommandLine(argv) - if create.check_domain_label(config, verbose=1): - if create.config_security_check(config, verbose=1): - passed = 1 - else: - print "Checking resources: (skipped)" - - if passed: - print "Dry Run: PASSED" - else: - print "Dry Run: FAILED" - sys.exit(-1) - - except security.ACMError: + if len(argv) != 2: + raise OptionError('Invalid number of arguments') + + passed = 0 + (opts, config) = create.parseCommandLine(argv) + if create.check_domain_label(config, verbose=1): + if create.config_security_check(config, verbose=1): + passed = 1 + else: + print "Checking resources: (skipped)" + + if passed: + print "Dry Run: PASSED" + else: + print "Dry Run: FAILED" sys.exit(-1) - if __name__ == '__main__': - main(sys.argv) + try: + main(sys.argv) + except Exception, e: + sys.stderr.write('Error: %s\n' % str(e)) + sys.exit(-1) diff --git a/tools/python/xen/xm/dumppolicy.py b/tools/python/xen/xm/dumppolicy.py index 3de9e42a19..c57e8e4ad5 100644 --- a/tools/python/xen/xm/dumppolicy.py +++ b/tools/python/xen/xm/dumppolicy.py @@ -19,7 +19,7 @@ """ import sys from xen.util.security import ACMError, err, dump_policy - +from xen.xm.opts import OptionError def help(): return """ @@ -27,16 +27,16 @@ def help(): (low-level).""" def main(argv): - try: - if len(argv) != 1: - usage() - - dump_policy() - except ACMError: - sys.exit(-1) + if len(argv) != 1: + raise OptionError("No arguments expected.") + dump_policy() if __name__ == '__main__': - main(sys.argv) + try: + main(sys.argv) + except Exception, e: + sys.stderr.write('Error: %s\n' % str(e)) + sys.exit(-1) diff --git a/tools/python/xen/xm/rmlabel.py b/tools/python/xen/xm/rmlabel.py index 0d0993b6e5..9cfdeae350 100644 --- a/tools/python/xen/xm/rmlabel.py +++ b/tools/python/xen/xm/rmlabel.py @@ -42,14 +42,14 @@ def rm_resource_label(resource): try: access_control = dictio.dict_read("resources", file) except: - security.err("Resource file not found, cannot remove label!") + raise security.ACMError("Resource file not found, cannot remove label!") # remove the entry and update file if access_control.has_key(resource): del access_control[resource] dictio.dict_write(access_control, "resources", file) else: - security.err("Resource not labeled.") + raise security.ACMError("Resource not labeled") def rm_domain_label(configfile): @@ -65,8 +65,8 @@ def rm_domain_label(configfile): fd = open(file, "rb") break if not fd: - security.err("Configuration file '"+configfile+"' not found.") - + raise OptionError("Configuration file '%s' not found." % configfile) + # read in the domain config file, removing label ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE) ac_exit_re = re.compile(".*'\].*") @@ -86,7 +86,7 @@ def rm_domain_label(configfile): # send error message if we didn't find anything to remove if not removed: - security.err("Domain not labeled.") + raise security.ACMError('Domain not labeled') # write the data back out to the file fd = open(file, "wb") @@ -102,17 +102,18 @@ def main (argv): if argv[1].lower() not in ('dom', 'res'): raise OptionError('Unrecognised type argument: %s' % argv[1]) - try: - if argv[1].lower() == "dom": - configfile = argv[2] - rm_domain_label(configfile) - elif argv[1].lower() == "res": - resource = argv[2] - rm_resource_label(resource) - except security.ACMError: - sys.exit(-1) + if argv[1].lower() == "dom": + configfile = argv[2] + rm_domain_label(configfile) + elif argv[1].lower() == "res": + resource = argv[2] + rm_resource_label(resource) if __name__ == '__main__': - main(sys.argv) + try: + main(sys.argv) + except Exception, e: + sys.stderr.write('Error: %s\n' % str(e)) + sys.exit(-1) -- 2.30.2