/test/py/ganeti.backend_unittest.py - ganeti-local - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / test / py / ganeti.backend_unittest.py @ 45bc4635

History | View | Annotate | Download (18.7 kB)

       #!/usr/bin/python
+      #
       # Copyright (C) 2010, 2013 Google Inc.
+      #
       # This program is free software; you can redistribute it and/or modify
       # it under the terms of the GNU General Public License as published by
       # the Free Software Foundation; either version 2 of the License, or
       # (at your option) any later version.
+      #
       # This program is distributed in the hope that it will be useful, but
       # WITHOUT ANY WARRANTY; without even the implied warranty of
       # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
       # General Public License for more details.
+      #
       # You should have received a copy of the GNU General Public License
       # along with this program; if not, write to the Free Software
       # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
       # 02110-1301, USA.
       """Script for testing ganeti.backend"""
       import os
       import sys
       import shutil
       import tempfile
       import unittest
       from ganeti import utils
       from ganeti import constants
       from ganeti import backend
       from ganeti import netutils
       from ganeti import errors
       import testutils
       import mocks
       class TestX509Certificates(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def test(self):
           (name, cert_pem) = backend.CreateX509Certificate(300, cryptodir=self.tmpdir)
           self.assertEqual(utils.ReadFile(os.path.join(self.tmpdir, name,
                                                        backend._X509_CERT_FILE)),
                            cert_pem)
           self.assert_(0 < os.path.getsize(os.path.join(self.tmpdir, name,
                                                         backend._X509_KEY_FILE)))
           (name2, cert_pem2) = \
             backend.CreateX509Certificate(300, cryptodir=self.tmpdir)
           backend.RemoveX509Certificate(name, cryptodir=self.tmpdir)
           backend.RemoveX509Certificate(name2, cryptodir=self.tmpdir)
           self.assertEqual(utils.ListVisibleFiles(self.tmpdir), [])
         def testNonEmpty(self):
           (name, _) = backend.CreateX509Certificate(300, cryptodir=self.tmpdir)
           utils.WriteFile(utils.PathJoin(self.tmpdir, name, "hello-world"),
                           data="Hello World")
           self.assertRaises(backend.RPCFail, backend.RemoveX509Certificate,
                             name, cryptodir=self.tmpdir)
           self.assertEqual(utils.ListVisibleFiles(self.tmpdir), [name])
       class TestNodeVerify(testutils.GanetiTestCase):
         def testMasterIPLocalhost(self):
           # this a real functional test, but requires localhost to be reachable
           local_data = (netutils.Hostname.GetSysName(),
                         constants.IP4_ADDRESS_LOCALHOST)
           result = backend.VerifyNode({constants.NV_MASTERIP: local_data}, None)
           self.failUnless(constants.NV_MASTERIP in result,
                           "Master IP data not returned")
           self.failUnless(result[constants.NV_MASTERIP], "Cannot reach localhost")
         def testMasterIPUnreachable(self):
           # Network 192.0.2.0/24 is reserved for test/documentation as per
           # RFC 5737
           bad_data =  ("master.example.com", "192.0.2.1")
           # we just test that whatever TcpPing returns, VerifyNode returns too
           netutils.TcpPing = lambda a, b, source=None: False
           result = backend.VerifyNode({constants.NV_MASTERIP: bad_data}, None)
           self.failUnless(constants.NV_MASTERIP in result,
                           "Master IP data not returned")
           self.failIf(result[constants.NV_MASTERIP],
                       "Result from netutils.TcpPing corrupted")
       def _DefRestrictedCmdOwner():
         return (os.getuid(), os.getgid())
       class TestVerifyRestrictedCmdName(unittest.TestCase):
         def testAcceptableName(self):
           for i in ["foo", "bar", "z1", "000first", "hello-world"]:
             for fn in [lambda s: s, lambda s: s.upper(), lambda s: s.title()]:
               (status, msg) = backend._VerifyRestrictedCmdName(fn(i))
               self.assertTrue(status)
               self.assertTrue(msg is None)
         def testEmptyAndSpace(self):
           for i in ["", " ", "\t", "\n"]:
             (status, msg) = backend._VerifyRestrictedCmdName(i)
             self.assertFalse(status)
             self.assertEqual(msg, "Missing command name")
         def testNameWithSlashes(self):
           for i in ["/", "./foo", "../moo", "some/name"]:
             (status, msg) = backend._VerifyRestrictedCmdName(i)
             self.assertFalse(status)
             self.assertEqual(msg, "Invalid command name")
         def testForbiddenCharacters(self):
           for i in ["#", ".", "..", "bash -c ls", "'"]:
             (status, msg) = backend._VerifyRestrictedCmdName(i)
             self.assertFalse(status)
             self.assertEqual(msg, "Command name contains forbidden characters")
       class TestVerifyRestrictedCmdDirectory(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def testCanNotStat(self):
           tmpname = utils.PathJoin(self.tmpdir, "foobar")
           self.assertFalse(os.path.exists(tmpname))
           (status, msg) = \
             backend._VerifyRestrictedCmdDirectory(tmpname, _owner=NotImplemented)
           self.assertFalse(status)
           self.assertTrue(msg.startswith("Can't stat(2) '"))
         def testTooPermissive(self):
           tmpname = utils.PathJoin(self.tmpdir, "foobar")
           os.mkdir(tmpname)
           for mode in [0777, 0706, 0760, 0722]:
             os.chmod(tmpname, mode)
             self.assertTrue(os.path.isdir(tmpname))
             (status, msg) = \
               backend._VerifyRestrictedCmdDirectory(tmpname, _owner=NotImplemented)
             self.assertFalse(status)
             self.assertTrue(msg.startswith("Permissions on '"))
         def testNoDirectory(self):
           tmpname = utils.PathJoin(self.tmpdir, "foobar")
           utils.WriteFile(tmpname, data="empty\n")
           self.assertTrue(os.path.isfile(tmpname))
           (status, msg) = \
             backend._VerifyRestrictedCmdDirectory(tmpname,
                                                   _owner=_DefRestrictedCmdOwner())
           self.assertFalse(status)
           self.assertTrue(msg.endswith("is not a directory"))
         def testNormal(self):
           tmpname = utils.PathJoin(self.tmpdir, "foobar")
           os.mkdir(tmpname)
           self.assertTrue(os.path.isdir(tmpname))
           (status, msg) = \
             backend._VerifyRestrictedCmdDirectory(tmpname,
                                                   _owner=_DefRestrictedCmdOwner())
           self.assertTrue(status)
           self.assertTrue(msg is None)
       class TestVerifyRestrictedCmd(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def testCanNotStat(self):
           tmpname = utils.PathJoin(self.tmpdir, "helloworld")
           self.assertFalse(os.path.exists(tmpname))
           (status, msg) = \
             backend._VerifyRestrictedCmd(self.tmpdir, "helloworld",
                                          _owner=NotImplemented)
           self.assertFalse(status)
           self.assertTrue(msg.startswith("Can't stat(2) '"))
         def testNotExecutable(self):
           tmpname = utils.PathJoin(self.tmpdir, "cmdname")
           utils.WriteFile(tmpname, data="empty\n")
           (status, msg) = \
             backend._VerifyRestrictedCmd(self.tmpdir, "cmdname",
                                          _owner=_DefRestrictedCmdOwner())
           self.assertFalse(status)
           self.assertTrue(msg.startswith("access(2) thinks '"))
         def testExecutable(self):
           tmpname = utils.PathJoin(self.tmpdir, "cmdname")
           utils.WriteFile(tmpname, data="empty\n", mode=0700)
           (status, executable) = \
             backend._VerifyRestrictedCmd(self.tmpdir, "cmdname",
                                          _owner=_DefRestrictedCmdOwner())
           self.assertTrue(status)
           self.assertEqual(executable, tmpname)
       class TestPrepareRestrictedCmd(unittest.TestCase):
         _TEST_PATH = "/tmp/some/test/path"
         def testDirFails(self):
           def fn(path):
             self.assertEqual(path, self._TEST_PATH)
             return (False, "test error 31420")
           (status, msg) = \
             backend._PrepareRestrictedCmd(self._TEST_PATH, "cmd21152",
                                           _verify_dir=fn,
                                           _verify_name=NotImplemented,
                                           _verify_cmd=NotImplemented)
           self.assertFalse(status)
           self.assertEqual(msg, "test error 31420")
         def testNameFails(self):
           def fn(cmd):
             self.assertEqual(cmd, "cmd4617")
             return (False, "test error 591")
           (status, msg) = \
             backend._PrepareRestrictedCmd(self._TEST_PATH, "cmd4617",
                                           _verify_dir=lambda _: (True, None),
                                           _verify_name=fn,
                                           _verify_cmd=NotImplemented)
           self.assertFalse(status)
           self.assertEqual(msg, "test error 591")
         def testCommandFails(self):
           def fn(path, cmd):
             self.assertEqual(path, self._TEST_PATH)
             self.assertEqual(cmd, "cmd17577")
             return (False, "test error 25524")
           (status, msg) = \
             backend._PrepareRestrictedCmd(self._TEST_PATH, "cmd17577",
                                           _verify_dir=lambda _: (True, None),
                                           _verify_name=lambda _: (True, None),
                                           _verify_cmd=fn)
           self.assertFalse(status)
           self.assertEqual(msg, "test error 25524")
         def testSuccess(self):
           def fn(path, cmd):
             return (True, utils.PathJoin(path, cmd))
           (status, executable) = \
             backend._PrepareRestrictedCmd(self._TEST_PATH, "cmd22633",
                                           _verify_dir=lambda _: (True, None),
                                           _verify_name=lambda _: (True, None),
                                           _verify_cmd=fn)
           self.assertTrue(status)
           self.assertEqual(executable, utils.PathJoin(self._TEST_PATH, "cmd22633"))
       def _SleepForRestrictedCmd(duration):
         assert duration > 5
       def _GenericRestrictedCmdError(cmd):
         return "Executing command '%s' failed" % cmd
       class TestRunRestrictedCmd(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def testNonExistantLockDirectory(self):
           lockfile = utils.PathJoin(self.tmpdir, "does", "not", "exist")
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           self.assertFalse(os.path.exists(lockfile))
           self.assertRaises(backend.RPCFail,
                             backend.RunRestrictedCmd, "test",
                             _lock_timeout=NotImplemented,
                             _lock_file=lockfile,
                             _path=NotImplemented,
                             _sleep_fn=sleep_fn,
                             _prepare_fn=NotImplemented,
                             _runcmd_fn=NotImplemented,
                             _enabled=True)
           self.assertEqual(sleep_fn.Count(), 1)
         @staticmethod
         def _TryLock(lockfile):
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           result = False
           try:
             backend.RunRestrictedCmd("test22717",
                                      _lock_timeout=0.1,
                                      _lock_file=lockfile,
                                      _path=NotImplemented,
                                      _sleep_fn=sleep_fn,
                                      _prepare_fn=NotImplemented,
                                      _runcmd_fn=NotImplemented,
                                      _enabled=True)
           except backend.RPCFail, err:
             assert str(err) == _GenericRestrictedCmdError("test22717"), \
                    "Did not fail with generic error message"
             result = True
           assert sleep_fn.Count() == 1
           return result
         def testLockHeldByOtherProcess(self):
           lockfile = utils.PathJoin(self.tmpdir, "lock")
           lock = utils.FileLock.Open(lockfile)
           lock.Exclusive(blocking=True, timeout=1.0)
           try:
             self.assertTrue(utils.RunInSeparateProcess(self._TryLock, lockfile))
           finally:
             lock.Close()
         @staticmethod
         def _PrepareRaisingException(path, cmd):
           assert cmd == "test23122"
           raise Exception("test")
         def testPrepareRaisesException(self):
           lockfile = utils.PathJoin(self.tmpdir, "lock")
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           prepare_fn = testutils.CallCounter(self._PrepareRaisingException)
           try:
             backend.RunRestrictedCmd("test23122",
                                      _lock_timeout=1.0, _lock_file=lockfile,
                                      _path=NotImplemented, _runcmd_fn=NotImplemented,
                                      _sleep_fn=sleep_fn, _prepare_fn=prepare_fn,
                                      _enabled=True)
           except backend.RPCFail, err:
             self.assertEqual(str(err), _GenericRestrictedCmdError("test23122"))
           else:
             self.fail("Didn't fail")
           self.assertEqual(sleep_fn.Count(), 1)
           self.assertEqual(prepare_fn.Count(), 1)
         @staticmethod
         def _PrepareFails(path, cmd):
           assert cmd == "test29327"
           return ("some error message", None)
         def testPrepareFails(self):
           lockfile = utils.PathJoin(self.tmpdir, "lock")
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           prepare_fn = testutils.CallCounter(self._PrepareFails)
           try:
             backend.RunRestrictedCmd("test29327",
                                      _lock_timeout=1.0, _lock_file=lockfile,
                                      _path=NotImplemented, _runcmd_fn=NotImplemented,
                                      _sleep_fn=sleep_fn, _prepare_fn=prepare_fn,
                                      _enabled=True)
           except backend.RPCFail, err:
             self.assertEqual(str(err), _GenericRestrictedCmdError("test29327"))
           else:
             self.fail("Didn't fail")
           self.assertEqual(sleep_fn.Count(), 1)
           self.assertEqual(prepare_fn.Count(), 1)
         @staticmethod
         def _SuccessfulPrepare(path, cmd):
           return (True, utils.PathJoin(path, cmd))
         def testRunCmdFails(self):
           lockfile = utils.PathJoin(self.tmpdir, "lock")
           def fn(args, env=NotImplemented, reset_env=NotImplemented,
                  postfork_fn=NotImplemented):
             self.assertEqual(args, [utils.PathJoin(self.tmpdir, "test3079")])
             self.assertEqual(env, {})
             self.assertTrue(reset_env)
             self.assertTrue(callable(postfork_fn))
             trylock = utils.FileLock.Open(lockfile)
             try:
               # See if lockfile is still held
               self.assertRaises(EnvironmentError, trylock.Exclusive, blocking=False)
               # Call back to release lock
               postfork_fn(NotImplemented)
               # See if lockfile can be acquired
               trylock.Exclusive(blocking=False)
             finally:
               trylock.Close()
             # Simulate a failed command
             return utils.RunResult(constants.EXIT_FAILURE, None,
                                    "stdout", "stderr406328567",
                                    utils.ShellQuoteArgs(args),
                                    NotImplemented, NotImplemented)
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           prepare_fn = testutils.CallCounter(self._SuccessfulPrepare)
           runcmd_fn = testutils.CallCounter(fn)
           try:
             backend.RunRestrictedCmd("test3079",
                                      _lock_timeout=1.0, _lock_file=lockfile,
                                      _path=self.tmpdir, _runcmd_fn=runcmd_fn,
                                      _sleep_fn=sleep_fn, _prepare_fn=prepare_fn,
                                      _enabled=True)
           except backend.RPCFail, err:
             self.assertTrue(str(err).startswith("Restricted command 'test3079'"
                                                 " failed:"))
             self.assertTrue("stderr406328567" in str(err),
                             msg="Error did not include output")
           else:
             self.fail("Didn't fail")
           self.assertEqual(sleep_fn.Count(), 0)
           self.assertEqual(prepare_fn.Count(), 1)
           self.assertEqual(runcmd_fn.Count(), 1)
         def testRunCmdSucceeds(self):
           lockfile = utils.PathJoin(self.tmpdir, "lock")
           def fn(args, env=NotImplemented, reset_env=NotImplemented,
                  postfork_fn=NotImplemented):
             self.assertEqual(args, [utils.PathJoin(self.tmpdir, "test5667")])
             self.assertEqual(env, {})
             self.assertTrue(reset_env)
             # Call back to release lock
             postfork_fn(NotImplemented)
             # Simulate a successful command
             return utils.RunResult(constants.EXIT_SUCCESS, None, "stdout14463", "",
                                    utils.ShellQuoteArgs(args),
                                    NotImplemented, NotImplemented)
           sleep_fn = testutils.CallCounter(_SleepForRestrictedCmd)
           prepare_fn = testutils.CallCounter(self._SuccessfulPrepare)
           runcmd_fn = testutils.CallCounter(fn)
           result = backend.RunRestrictedCmd("test5667",
                                             _lock_timeout=1.0, _lock_file=lockfile,
                                             _path=self.tmpdir, _runcmd_fn=runcmd_fn,
                                             _sleep_fn=sleep_fn,
                                             _prepare_fn=prepare_fn,
                                             _enabled=True)
           self.assertEqual(result, "stdout14463")
           self.assertEqual(sleep_fn.Count(), 0)
           self.assertEqual(prepare_fn.Count(), 1)
           self.assertEqual(runcmd_fn.Count(), 1)
         def testCommandsDisabled(self):
           try:
             backend.RunRestrictedCmd("test",
                                      _lock_timeout=NotImplemented,
                                      _lock_file=NotImplemented,
                                      _path=NotImplemented,
                                      _sleep_fn=NotImplemented,
                                      _prepare_fn=NotImplemented,
                                      _runcmd_fn=NotImplemented,
                                      _enabled=False)
           except backend.RPCFail, err:
             self.assertEqual(str(err),
                              "Restricted commands disabled at configure time")
           else:
             self.fail("Did not raise exception")
       class TestSetWatcherPause(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
           self.filename = utils.PathJoin(self.tmpdir, "pause")
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def testUnsetNonExisting(self):
           self.assertFalse(os.path.exists(self.filename))
           backend.SetWatcherPause(None, _filename=self.filename)
           self.assertFalse(os.path.exists(self.filename))
         def testSetNonNumeric(self):
           for i in ["", [], {}, "Hello World", "0", "1.0"]:
             self.assertFalse(os.path.exists(self.filename))
             try:
               backend.SetWatcherPause(i, _filename=self.filename)
             except backend.RPCFail, err:
               self.assertEqual(str(err), "Duration must be numeric")
             else:
               self.fail("Did not raise exception")
             self.assertFalse(os.path.exists(self.filename))
         def testSet(self):
           self.assertFalse(os.path.exists(self.filename))
           for i in range(10):
             backend.SetWatcherPause(i, _filename=self.filename)
             self.assertEqual(utils.ReadFile(self.filename), "%s\n" % i)
             self.assertEqual(os.stat(self.filename).st_mode & 0777, 0644)
       class TestGetBlockDevSymlinkPath(unittest.TestCase):
         def setUp(self):
           self.tmpdir = tempfile.mkdtemp()
         def tearDown(self):
           shutil.rmtree(self.tmpdir)
         def _Test(self, name, idx):
           self.assertEqual(backend._GetBlockDevSymlinkPath(name, idx,
                                                            _dir=self.tmpdir),
                            ("%s/%s%s%s" % (self.tmpdir, name,
                                            constants.DISK_SEPARATOR, idx)))
         def test(self):
           for idx in range(100):
             self._Test("inst1.example.com", idx)
       if __name__ == "__main__":
         testutils.GanetiTestProgram()

Synnefo » snf-ganeti » ganeti-local

root / test / py / ganeti.backend_unittest.py @ 45bc4635