From bfdb9b1f5e197a0d2f76f7d32835c521e5b30d6f Mon Sep 17 00:00:00 2001
From: Thierry Carrez <thierry@openstack.org>
Date: Mon, 23 Jan 2012 11:17:34 +0100
Subject: Fix environment passing in DnsmasqFilter

Fix environment passing in DnsmasqFilter so that dnsmasq can
be run as root through nova-rootwrap. Fixes bug 919275.

Change-Id: I2e78d92b9af4ddea9c0f1c5ddbe2d55fb672310e
---
 nova/rootwrap/filters.py         | 12 +++++++++++-
 nova/tests/test_nova_rootwrap.py |  8 +++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

(limited to 'nova')

diff --git a/nova/rootwrap/filters.py b/nova/rootwrap/filters.py
index 2932c5e1a..ab43f8f2b 100755
--- a/nova/rootwrap/filters.py
+++ b/nova/rootwrap/filters.py
@@ -41,6 +41,10 @@ class CommandFilter(object):
             return ['sudo', '-u', self.run_as, self.exec_path] + userargs[1:]
         return [self.exec_path] + userargs[1:]
 
+    def get_environment(self, userargs):
+        """Returns specific environment to set, None if none"""
+        return None
+
 
 class RegExpFilter(CommandFilter):
     """Command filter doing regexp matching for every argument"""
@@ -77,4 +81,10 @@ class DnsmasqFilter(CommandFilter):
         return False
 
     def get_command(self, userargs):
-        return userargs[0:2] + [self.exec_path] + userargs[3:]
+        return [self.exec_path] + userargs[3:]
+
+    def get_environment(self, userargs):
+        env = os.environ.copy()
+        env['FLAGFILE'] = userargs[0].split('=')[-1]
+        env['NETWORK_ID'] = userargs[1].split('=')[-1]
+        return env
diff --git a/nova/tests/test_nova_rootwrap.py b/nova/tests/test_nova_rootwrap.py
index c9a6962ba..a38013016 100644
--- a/nova/tests/test_nova_rootwrap.py
+++ b/nova/tests/test_nova_rootwrap.py
@@ -52,11 +52,13 @@ class RootwrapTestCase(test.TestCase):
         self.assertTrue(filtermatch is None)
 
     def test_DnsmasqFilter(self):
-        usercmd = ['FLAGFILE=A', 'NETWORK_ID="foo bar"', 'dnsmasq', 'foo']
+        usercmd = ['FLAGFILE=A', 'NETWORK_ID=foobar', 'dnsmasq', 'foo']
         f = filters.DnsmasqFilter("/usr/bin/dnsmasq", "root")
         self.assertTrue(f.match(usercmd))
-        self.assertEqual(f.get_command(usercmd),
-            ['FLAGFILE=A', 'NETWORK_ID="foo bar"', '/usr/bin/dnsmasq', 'foo'])
+        self.assertEqual(f.get_command(usercmd), ['/usr/bin/dnsmasq', 'foo'])
+        env = f.get_environment(usercmd)
+        self.assertEqual(env.get('FLAGFILE'), 'A')
+        self.assertEqual(env.get('NETWORK_ID'), 'foobar')
 
     def test_skips(self):
         # Check that all filters are skipped and that the last matches
-- 
cgit