Previous topic

The nova.quota Module

Next topic

The nova.rootwrap.wrapper Module

This Page

Psst... hey. You're reading the latest content, but it might be out of sync with code. You can read Nova 2011.2 docs or all OpenStack docs too.

The nova.rootwrap.filters Module

class CommandFilter(exec_path, run_as, *args)

Bases: object

Command filter only checking that the 1st argument matches exec_path

get_command(userargs)

Returns command to execute (with sudo -u if run_as != root).

get_environment(userargs)

Returns specific environment to set, None if none

match(userargs)

Only check that the first argument (command) matches exec_path

class DnsmasqFilter(exec_path, run_as, *args)

Bases: nova.rootwrap.filters.CommandFilter

Specific filter for the dnsmasq call (which includes env)

get_command(userargs)
get_environment(userargs)
match(userargs)
class KillFilter(*args)

Bases: nova.rootwrap.filters.CommandFilter

Specific filter for the kill calls. 1st argument is the user to run /bin/kill under 2nd argument is the location of the affected executable Subsequent arguments list the accepted signals (if any)

This filter relies on /proc to accurately determine affected executable, so it will only work on procfs-capable systems (not OSX).

match(userargs)
class ReadFileFilter(file_path, *args)

Bases: nova.rootwrap.filters.CommandFilter

Specific filter for the utils.read_file_as_root call

match(userargs)
class RegExpFilter(exec_path, run_as, *args)

Bases: nova.rootwrap.filters.CommandFilter

Command filter doing regexp matching for every argument

match(userargs)