]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commitdiff
Code Review / openstack-build / neutron-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: a5c1c89)
Call iptables without absolute path.
authorAkihiro MOTOKI <motoki@da.jp.nec.com>
Wed, 24 Oct 2012 13:14:06 +0000 (22:14 +0900)
committerAkihiro MOTOKI <motoki@da.jp.nec.com>
Wed, 24 Oct 2012 14:27:20 +0000 (23:27 +0900)
Fixes bug 1069966

rootwrap expects the command name is not absolute. We need to call
the command without path to make rootwrap work well.

Change-Id: I6120103908d10ca257d177a320294de06a89c646

quantum/agent/linux/iptables_manager.py patch | blob | history
quantum/tests/unit/test_iptables_manager.py patch | blob | history

diff --git a/quantum/agent/linux/iptables_manager.py b/quantum/agent/linux/iptables_manager.py
index dd2e2fe515eb83c70c48a720d560cd700e4f6007..83b4d8af2d63949f9c744050619a92989fe103f4 100755 (executable)
--- a/quantum/agent/linux/iptables_manager.py
+++ b/quantum/agent/linux/iptables_manager.py
@@ -269,7 +269,7 @@ class IptablesManager(object):
         rules. This happens atomically, thanks to iptables-restore.
 
         """
-        s = [('/sbin/iptables', self.ipv4)]
+        s = [('iptables', self.ipv4)]
         if self.use_ipv6:
             s += [('ip6tables', self.ipv6)]
 
diff --git a/quantum/tests/unit/test_iptables_manager.py b/quantum/tests/unit/test_iptables_manager.py
index 6f81fea09cee9b3f9c1d0997d73ddeece0ed1f31..2d3e0b166cef55946844426b15ba455967a6cf5a 100644 (file)
--- a/quantum/tests/unit/test_iptables_manager.py
+++ b/quantum/tests/unit/test_iptables_manager.py
@@ -44,7 +44,7 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
 
     def test_add_and_remove_chain(self):
         bn = iptables_manager.binary_name
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
         nat_dump = (':%s-OUTPUT - [0:0]\n:%s-snat - [0:0]\n:%s-PREROUTING -'
@@ -56,7 +56,7 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                     '%s-snat -j %s-float-snat\n' % (bn, bn, bn, bn, bn, bn,
                     bn, bn, bn, bn, bn))
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-FORWARD - [0:0]\n:%s-INPUT'
                               ' - [0:0]\n:%s-local - [0:0]\n:%s-filter - [0:'
                               '0]\n:%s-OUTPUT - [0:0]\n:quantum-filter-top -'
@@ -67,17 +67,17 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                               '\n' % (bn, bn, bn, bn, bn, bn, bn, bn, bn)
                               ), root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=nat_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-FORWARD - [0:0]\n:%s-INPUT'
                               ' - [0:0]\n:%s-local - [0:0]\n:%s-OUTPUT - [0:'
                               '0]\n:quantum-filter-top - [0:0]\n-A FORWARD -'
@@ -88,10 +88,10 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                               bn, bn, bn, bn)), root_helper=self.root_helper
                               ).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=nat_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
@@ -107,7 +107,7 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
 
     def test_add_filter_rule(self):
         bn = iptables_manager.binary_name
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
         nat_dump = (':%s-OUTPUT - [0:0]\n:%s-snat - [0:0]\n:%s-PREROUTING -'
@@ -119,7 +119,7 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                     '%s-snat -j %s-float-snat\n' % (bn, bn, bn, bn, bn, bn,
                     bn, bn, bn, bn, bn))
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-FORWARD - [0:0]\n:%s-INPUT'
                               ' - [0:0]\n:%s-local - [0:0]\n:%s-filter - [0:'
                               '0]\n:%s-OUTPUT - [0:0]\n:quantum-filter-top -'
@@ -132,17 +132,17 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                               bn, bn, bn, bn, bn, bn, bn, bn)),
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=nat_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-FORWARD - [0:0]\n:%s-INPUT -'
                               ' [0:0]\n:%s-local - [0:0]\n:%s-OUTPUT - [0:0]\n'
                               ':quantum-filter-top - [0:0]\n-A FORWARD -j quan'
@@ -153,10 +153,10 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                               bn)), root_helper=self.root_helper
                               ).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=nat_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
@@ -192,17 +192,17 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                        'ORWARD -j %s-FORWARD\n' % (bn, bn, bn, bn, bn,
                        bn, bn, bn))
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=filter_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-float-snat - [0:0]\n:%s-POS'
                               'TROUTING - [0:0]\n:%s-PREROUTING - [0:0]\n:%s-'
                               'nat - [0:0]\n:%s-OUTPUT - [0:0]\n:%s-snat - [0'
@@ -217,17 +217,17 @@ class IptablesManagerStateFulTestCase(unittest.TestCase):
                               bn, bn, bn, bn, bn, bn, bn, bn, bn, bn, bn)),
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'filter'],
+        self.iptables.execute(['iptables-save', '-t', 'filter'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=filter_dump,
                               root_helper=self.root_helper).AndReturn(None)
 
-        self.iptables.execute(['/sbin/iptables-save', '-t', 'nat'],
+        self.iptables.execute(['iptables-save', '-t', 'nat'],
                               root_helper=self.root_helper).AndReturn('')
 
-        self.iptables.execute(['/sbin/iptables-restore'],
+        self.iptables.execute(['iptables-restore'],
                               process_input=(':%s-float-snat - [0:0]\n:%s-POST'
                               'ROUTING - [0:0]\n:%s-PREROUTING - [0:0]\n:%s-OU'
                               'TPUT - [0:0]\n:%s-snat - [0:0]\n:quantum-postro'