1 """vsys configurator. Maintains ACLs and script pipes inside vservers based on slice attributes."""
8 VSYSCONF="/etc/vsys.conf"
12 logger.log("vsys: plugin starting up...")
14 def GetSlivers(data, config=None, plc=None):
15 """For each sliver with the vsys attribute, set the script ACL, create the vsys directory in the slice, and restart vsys."""
17 if 'slivers' not in data:
18 logger.log_missing_data("vsys.GetSlivers",'slivers')
21 # Touch ACLs and create dict of available
23 for script in touchAcls(): scripts[script] = []
24 # slices that need to be written to the conf
27 # Parse attributes and update dict of scripts
28 if 'slivers' not in data:
29 logger.log_missing_data("vsys.GetSlivers",'slivers')
31 for sliver in data['slivers']:
32 for attribute in sliver['attributes']:
33 if attribute['tagname'] == 'vsys':
34 if sliver['name'] not in slices:
36 slices.append(sliver['name'])
37 _restart = createVsysDir(sliver['name']) or _restart
38 if attribute['value'] in scripts.keys():
39 scripts[attribute['value']].append(sliver['name'])
42 _restart = writeConf(slices, parseConf()) or _restart
44 if writeAcls(scripts, parseAcls()) or _restart:
47 # check for systemctl, use it if present
48 def restartService ():
49 if tools.has_systemctl():
50 logger.log("vsys: restarting vsys service through systemctl")
51 logger.log_call(["systemctl", "restart", "vsys"])
53 logger.log("vsys: restarting vsys service through /etc/init.d/vsys")
54 logger.log_call(["/etc/init.d/vsys", "restart", ])
56 def createVsysDir(sliver):
57 '''Create /vsys directory in slice. Update vsys conf file.'''
59 os.mkdir("/vservers/%s/vsys" % sliver)
66 '''Creates empty acl files for scripts.
67 To be ran in case of new scripts that appear in the backend.
68 Returns list of available scripts.'''
71 for (root, dirs, files) in os.walk(VSYSBKEND):
73 # ingore scripts that start with local_
74 if file.startswith("local_"): continue
75 if file.endswith(".acl"):
76 acls.append(file.replace(".acl", ""))
79 for new in (set(scripts) - set(acls)):
80 logger.log("vsys: Found new script %s. Writing empty acl." % new)
81 f = open("%s/%s.acl" %(VSYSBKEND, new), "w")
88 def writeAcls(currentscripts, oldscripts):
89 '''Creates .acl files for script in the script repo.'''
90 # Check each oldscript entry to see if we need to modify
92 # for iteritems along dict(oldscripts), if length of values
93 # not the same as length of values of new scripts,
94 # and length of non intersection along new scripts is not 0,
95 # then dicts are different.
96 for (acl, oldslivers) in oldscripts.iteritems():
98 if (len(oldslivers) != len(currentscripts[acl])) or \
99 (len(set(oldslivers) - set(currentscripts[acl])) != 0):
101 logger.log("vsys: Updating %s.acl w/ slices %s" % (acl, currentscripts[acl]))
102 f = open("%s/%s.acl" % (VSYSBKEND, acl), "w")
103 for slice in currentscripts[acl]: f.write("%s\n" % slice)
106 logger.log("vsys: #:)# Warning,Not a valid Vsys script,%s"%acl)
112 '''Parse the frontend script acls. Return {script: [slices]} in conf.'''
113 # make a dict of what slices are in what acls.
115 for (root, dirs, files) in os.walk(VSYSBKEND):
117 if file.endswith(".acl") and not file.startswith("local_"):
118 f = open(root+"/"+file,"r+")
119 scriptname = file.replace(".acl", "")
120 scriptacls[scriptname] = []
121 for slice in f.readlines():
122 scriptacls[scriptname].append(slice.rstrip())
124 # return what scripts are configured for which slices.
128 def writeConf(slivers, oldslivers):
129 # Check if this is needed
130 # The assumption here is if lengths are the same,
131 # and the non intersection of both arrays has length 0,
132 # then the arrays are identical.
133 if (len(slivers) != len(oldslivers)) or \
134 (len(set(oldslivers) - set(slivers)) != 0):
135 logger.log("vsys: Updating %s" % VSYSCONF)
136 f = open(VSYSCONF,"w")
137 for sliver in slivers:
138 f.write("/vservers/%(name)s/vsys %(name)s\n" % {"name": sliver})
147 '''Parse the vsys conf and return list of slices in conf.'''
152 for line in f.readlines():
153 (path, slice) = line.split()
154 slicesinconf.append(slice)
156 except: logger.log_exc("vsys: failed parseConf")
160 # before shutting down slivers, it is safe to first remove them from vsys's scope
161 # so that we are sure that no dangling open file remains
162 # this will also restart vsys if needed
163 def removeSliverFromVsys (sliver):
164 current_slivers=parseConf()
165 new_slivers= [ s for s in current_slivers if s != sliver ]
166 if writeConf (current_slivers, new_slivers):
168 trashVsysHandleInSliver (sliver)
170 logger.log("vsys.removeSliverFromConf: no need to remove %s"%sliver)
173 def trashVsysHandleInSliver (sliver):
174 slice_vsys_area = "/vservers/%s/vsys"%sliver
175 if not os.path.exists(slice_vsys_area):
176 logger.log("vsys.trashVsysHandleInSliver: no action needed, %s not found"%slice_vsys_area)
178 ret=subprocess.call([ 'rm', '-rf' , slice_vsys_area])
179 logger.log ("vsys.trashVsysHandleInSliver: Removed %s (retcod=%s)"%(slice_vsys_area,retcod))