cloud-init

Merge ~raharper/cloud-init:redhat-selinux-fixes into cloud-init:master

Proposed by Ryan Harper on 2017-06-09

Status:

Merged

Approved by:

Scott Moser on 2017-06-12

Approved revision:

dbbfd47f6af7a2cc3da93bb2b281467cec316f77

Merged at revision:

95fd5a2b5426f3420e05ac190eb9f286df630484

Proposed branch:

Merge into:

Diff against target:

2 files modified

cloudinit/netinfo.py (+4/-3)
cloudinit/util.py (+6/-1)

Medium

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Scott Moser		2017-06-09	Approve on 2017-06-09
Server Team CI bot	continuous-integration		Approve on 2017-06-09
Review via email: mp+325404@code.launchpad.net

Fix a few selinux issues found running cloud-init under Redhat

- netinfo package uses netstat which returns 1 when run under selinux
- allow restorecon to be non-fatal, work around python-libselinux issue

Server Team CI bot (server-team-bot) wrote on 2017-06-09:

review: Approve (continuous-integration)

Scott Moser (smoser) wrote on 2017-06-09:

Looks good. Please make the small changes I suggested.
Then I think it's fine. And you can push.

Curious, would using 'ip' help/avoid this?

review: Approve

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

People subscribed via source and target branches

to all changes:

1	diff --git a/cloudinit/netinfo.py b/cloudinit/netinfo.py
2	index ed374a3..39c79de 100644
3	--- a/cloudinit/netinfo.py
4	+++ b/cloudinit/netinfo.py
5	@@ -20,7 +20,7 @@ LOG = logging.getLogger()
6
7	def netdev_info(empty=""):
8	fields = ("hwaddr", "addr", "bcast", "mask")
9	- (ifcfg_out, _err) = util.subp(["ifconfig", "-a"])
10	+ (ifcfg_out, _err) = util.subp(["ifconfig", "-a"], rcs=[0, 1])
11	devs = {}
12	for line in str(ifcfg_out).splitlines():
13	if len(line) == 0:
14	@@ -85,7 +85,7 @@ def netdev_info(empty=""):
15
16
17	def route_info():
18	- (route_out, _err) = util.subp(["netstat", "-rn"])
19	+ (route_out, _err) = util.subp(["netstat", "-rn"], rcs=[0, 1])
20
21	routes = {}
22	routes['ipv4'] = []
23	@@ -125,7 +125,8 @@ def route_info():
24	routes['ipv4'].append(entry)
25
26	try:
27	- (route_out6, _err6) = util.subp(["netstat", "-A", "inet6", "-n"])
28	+ (route_out6, _err6) = util.subp(["netstat", "-A", "inet6", "-n"],
29	+ rcs=[0, 1])
30	except util.ProcessExecutionError:
31	pass
32	else:
33	diff --git a/cloudinit/util.py b/cloudinit/util.py
34	index b8c3e4e..0f17a6e 100644
35	--- a/cloudinit/util.py
36	+++ b/cloudinit/util.py
37	@@ -330,7 +330,12 @@ class SeLinuxGuard(object):
38
39	LOG.debug("Restoring selinux mode for %s (recursive=%s)",
40	path, self.recursive)
41	- self.selinux.restorecon(path, recursive=self.recursive)
42	+ try:
43	+ self.selinux.restorecon(path, recursive=self.recursive)
44	+ except OSError:
45	+ LOG.warning('restorecon failed on %s,%s maybe badness?',
46	+ path, self.recursive)
47	+ pass
48
49
50	class MountFailedError(Exception):