diff options
| author | Jenkins <jenkins@review.openstack.org> | 2012-12-27 06:00:06 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2012-12-27 06:00:06 +0000 |
| commit | b3a258297a9fe631d29ae1b4660cbd5b85bdc008 (patch) | |
| tree | 6ff0429e1baf64965284b76db0a0ca2f47cef663 | |
| parent | 758cba09330fd51d91d69e2d7970085d5cb997ea (diff) | |
| parent | f393a513d7894ddb800e4dfc87da896600fb7421 (diff) | |
Merge "Ensure we add a new line when appending to rc.local"
| -rw-r--r-- | nova/tests/test_virt_disk.py | 22 | ||||
| -rw-r--r-- | nova/virt/disk/api.py | 5 |
2 files changed, 26 insertions, 1 deletions
diff --git a/nova/tests/test_virt_disk.py b/nova/tests/test_virt_disk.py index 1177aef6f..902d49704 100644 --- a/nova/tests/test_virt_disk.py +++ b/nova/tests/test_virt_disk.py @@ -84,6 +84,28 @@ class VirtDiskTest(test.TestCase): vfs.teardown() + def test_inject_data_key_with_selinux_append_with_newline(self): + + vfs = vfsguestfs.VFSGuestFS("/some/file", "qcow2") + vfs.setup() + + vfs.replace_file("/etc/rc.d/rc.local", "#!/bin/sh\necho done") + vfs.make_path("etc/selinux") + vfs.make_path("etc/rc.d") + diskapi._inject_key_into_fs("mysshkey", vfs) + + self.assertTrue("/etc/rc.d/rc.local" in vfs.handle.files) + self.assertEquals(vfs.handle.files["/etc/rc.d/rc.local"], + {'isdir': False, + 'content': "#!/bin/sh\necho done\n# Added " + "by Nova to ensure injected ssh keys have " + "the right context\nrestorecon -RF " + "root/.ssh 2>/dev/null || :\n", + 'gid': 100, + 'uid': 100, + 'mode': 0700}) + vfs.teardown() + def test_inject_net(self): vfs = vfsguestfs.VFSGuestFS("/some/file", "qcow2") diff --git a/nova/virt/disk/api.py b/nova/virt/disk/api.py index e7e3b49c8..758299f16 100644 --- a/nova/virt/disk/api.py +++ b/nova/virt/disk/api.py @@ -357,11 +357,14 @@ def _setup_selinux_for_keys(fs, sshdir): # and so to append there you'd need something like: # utils.execute('sed', '-i', '${/^exit 0$/d}' rclocal, run_as_root=True) restorecon = [ - '#!/bin/sh\n', + '\n', '# Added by Nova to ensure injected ssh keys have the right context\n', 'restorecon -RF %s 2>/dev/null || :\n' % sshdir, ] + if not fs.has_file(rclocal): + restorecon.insert(0, '#!/bin/sh') + _inject_file_into_fs(fs, rclocal, ''.join(restorecon), append=True) fs.set_permissions(rclocal, 0700) |