debuggers.hg

view tools/python/xen/xm/resetpolicy.py @ 0:7d21f7218375

Exact replica of unstable on 051908 + README-this
author Mukesh Rathor
date Mon May 19 15:34:57 2008 -0700 (2008-05-19)
parents
children
line source
1 #============================================================================
2 # This library is free software; you can redistribute it and/or
3 # modify it under the terms of version 2.1 of the GNU Lesser General Public
4 # License as published by the Free Software Foundation.
5 #
6 # This library is distributed in the hope that it will be useful,
7 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
9 # Lesser General Public License for more details.
10 #
11 # You should have received a copy of the GNU Lesser General Public
12 # License along with this library; if not, write to the Free Software
13 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
14 #============================================================================
15 # Copyright (C) 2007 International Business Machines Corp.
16 # Author: Stefan Berger <stefanb@us.ibm.com>
17 #============================================================================
18 """ Reset the system's current policy to the default state.
19 """
20 import sys
21 import xen.util.xsm.xsm as security
22 from xen.util.xsm.xsm import XSMError
23 from xen.xm.opts import OptionError
24 from xen.xm import main as xm_main
25 from xen.xm.main import server
26 from xen.util import xsconstants
27 from xen.util.acmpolicy import ACMPolicy
30 def help():
31 return """
32 Reset the system's policy to the default.
34 When the system's policy is reset, all guest VMs should be halted,
35 since otherwise this operation will fail.
36 """
39 def resetpolicy():
40 msg = None
41 xs_type = xsconstants.XS_POLICY_ACM
42 flags = xsconstants.XS_INST_LOAD
44 if xm_main.serverType == xm_main.SERVER_XEN_API:
45 if int(server.xenapi.XSPolicy.get_xstype()) & xs_type == 0:
46 raise security.XSMError("ACM policy type not supported.")
48 policystate = server.xenapi.XSPolicy.get_xspolicy()
50 acmpol = ACMPolicy(xml=policystate['repr'])
52 now_flags = int(policystate['flags'])
54 if now_flags & xsconstants.XS_INST_BOOT == 0 and \
55 not acmpol.is_default_policy():
56 msg = "Old policy not found in bootloader file."
58 try:
59 policystate = server.xenapi.XSPolicy.reset_xspolicy(xs_type)
60 except Exception, e:
61 raise security.XSMError("An error occurred resetting the "
62 "policy: %s" % str(e))
64 xserr = int(policystate['xserr'])
65 if xserr != xsconstants.XSERR_SUCCESS:
66 raise security.XSMError("Could not reset the system's policy. "
67 "Try to halt all guests.")
68 else:
69 print "Successfully reset the system's policy."
70 if msg:
71 print msg
72 else:
73 if server.xend.security.get_xstype() & xs_type == 0:
74 raise security.XSMError("ACM policy type not supported.")
76 xml, now_flags = server.xend.security.get_policy()
78 acmpol = ACMPolicy(xml=xml)
80 if int(now_flags) & xsconstants.XS_INST_BOOT == 0 and \
81 not acmpol.is_default_policy():
82 msg = "Old policy not found in bootloader file."
84 rc, errors = server.xend.security.reset_policy()
85 if rc != xsconstants.XSERR_SUCCESS:
86 raise security.XSMError("Could not reset the system's policy. "
87 "Try to halt all guests.")
88 else:
89 print "Successfully reset the system's policy."
90 if msg:
91 print msg
94 def main(argv):
95 if len(argv) != 1:
96 raise OptionError("No arguments expected.")
98 resetpolicy()
101 if __name__ == '__main__':
102 try:
103 main(sys.argv)
104 except Exception, e:
105 sys.stderr.write('Error: %s\n' % str(e))
106 sys.exit(-1)