Allows nova to read files as root

* Adds a rootwrap filter to limit readable files * Adds a utils method to read a file as root * adds tests to verify the additions work Change-Id: Ic1ffb6f72f9b73795d5f39fac719842e6bdf16dd
author: Vishvananda Ishaya <vishvananda@gmail.com> 2012-02-03 15:29:00 -0800
committer: Vishvananda Ishaya <vishvananda@gmail.com> 2012-02-03 16:49:42 -0800
commit: 65e233133e801439caaa8265b0de68c70a04ccd2 (patch)
tree: 0929feec40ec2ebfc6a72f556e1414eb66d30c67 /nova/utils.py
parent: 61c434baa77fa2744cac81f64957da319078614e (diff)
download: nova-65e233133e801439caaa8265b0de68c70a04ccd2.tar.gz
nova-65e233133e801439caaa8265b0de68c70a04ccd2.tar.xz
nova-65e233133e801439caaa8265b0de68c70a04ccd2.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/nova/utils.py b/nova/utils.py
index 72e1cd3e0..452646d4d 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -1412,3 +1412,12 @@ def generate_mac_address():
            random.randint(0x00, 0xff),
            random.randint(0x00, 0xff)]
     return ':'.join(map(lambda x: "%02x" % x, mac))
+
+
+def read_file_as_root(file_path):
+    """Secure helper to read file as root."""
+    try:
+        out, _err = execute('cat', file_path, run_as_root=True)
+        return out
+    except exception.ProcessExecutionError:
+        raise exception.FileNotFound(file_path=file_path)
author	Vishvananda Ishaya <vishvananda@gmail.com>	2012-02-03 15:29:00 -0800
committer	Vishvananda Ishaya <vishvananda@gmail.com>	2012-02-03 16:49:42 -0800
commit	65e233133e801439caaa8265b0de68c70a04ccd2 (patch)
tree	0929feec40ec2ebfc6a72f556e1414eb66d30c67 /nova/utils.py
parent	61c434baa77fa2744cac81f64957da319078614e (diff)
download	nova-65e233133e801439caaa8265b0de68c70a04ccd2.tar.gz nova-65e233133e801439caaa8265b0de68c70a04ccd2.tar.xz nova-65e233133e801439caaa8265b0de68c70a04ccd2.zip