src: rewrite ACL permissions checker in Python

As part of a goal to eliminate Perl from libvirt build tools, rewrite the check-aclperms.pl tool in Python. This was a straight conversion, manually going line-by-line to change the syntax from Perl to Python. Thus the overall structure of the file and approach is the same. Tested-by: N Cole Robinson <crobinso@redhat.com> Reviewed-by: N Ján Tomko <jtomko@redhat.com> Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com>

src: rewrite ACL permissions checker in Python
As part of a goal to eliminate Perl from libvirt build tools, rewrite the check-aclperms.pl tool in Python. This was a straight conversion, manually going line-by-line to change the syntax from Perl to Python. Thus the overall structure of the file and approach is the same. Tested-by: N Cole Robinson <crobinso@redhat.com> Reviewed-by: N Ján Tomko <jtomko@redhat.com> Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com>
312f232b · Daniel P. Berrangé · 2d6f543b · 312f232b · 312f232b · 312f232b
隐藏空白更改
内联并排

Showing with 78 addition and 2 deletion

Makefile.am Makefile.am +1 -0

scripts/check-aclperms.py scripts/check-aclperms.py +75 -0

src/Makefile.am src/Makefile.am +2 -2

未找到文件。
--- a/Makefile.am
+++ b/Makefile.am
@@ -47,6 +47,7 @@ EXTRA_DIST = \
  AUTHORS.in \
  scripts/augeas-gentest.py \
  build-aux/check-spacing.pl \
+  scripts/check-aclperms.py \
  scripts/header-ifdef.py \
  scripts/minimize-po.py \
  scripts/mock-noinline.py \

--- a/src/check-aclperms.pl
+++ b/src/check-aclperms.pl
-#!/usr/bin/env perl
+#!/usr/bin/env python
 #
-# Copyright (C) 2013 Red Hat, Inc.
+# Copyright (C) 2013-2019 Red Hat, Inc.
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -21,53 +21,55 @@
 # a lot of auto-generation of code, so when these don't match
 # problems occur, preventing auth from succeeding at all.

-my $hdr = shift;
-my $impl = shift;
+from __future__ import print_function

-my %perms;
+import re
+import sys

-my @perms;
+if len(sys.argv) != 3:
+    print("syntax: %s HEADER IMPL" % (sys.argv[0]), file=sys.stderr)
+    sys.exit(1)

-open HDR, $hdr or die "cannot read $hdr: $!";
+hdr = sys.argv[1]
+impl = sys.argv[2]

-while (<HDR>) {
-    if (/^\s+VIR_ACCESS_PERM_([_A-Z]+)(,?|\s|$)/) {
-        my $perm = $1;
+perms = {}

-        $perms{$perm} = 1 unless ($perm =~ /_LAST$/);
-    }
-}
+with open(hdr) as fh:
+    for line in fh:
+        symmatch = re.search(r"^\s+VIR_ACCESS_PERM_([_A-Z]+)(,?|\s|$)", line)
+        if symmatch is not None:
+            perm = symmatch.group(1)

-close HDR;
+            if not perm.endswith("_LAST"):
+                perms[perm] = 1

+warned = False

-open IMPL, $impl or die "cannot read $impl: $!";
+with open(impl) as fh:
+    group = None

-my $group;
-my $warned = 0;
+    for line in fh:
+        symlastmatch = re.search(r"VIR_ACCESS_PERM_([_A-Z]+)_LAST", line)
+        if symlastmatch is not None:
+            group = symlastmatch.group(1)
+        elif re.search(r'''"[_a-z]+"''', line) is not None:
+            bits = line.split(",")
+            for bit in bits:
+                m = re.search(r'''"([_a-z]+)"''', bit)
+                if m is not None:
+                    perm = (group + "_" + m.group(1)).upper()
+                    if perm not in perms:
+                        print("Unknown perm string %s for group %s" %
+                              (m.group(1), group), file=sys.stderr)
+                        warned = True

-while (defined (my $line = <IMPL>)) {
-    if ($line =~ /VIR_ACCESS_PERM_([_A-Z]+)_LAST/) {
-        $group = $1;
-    } elsif ($line =~ /"[_a-z]+"/) {
-        my @bits = split /,/, $line;
-        foreach my $bit (@bits) {
-            if ($bit =~ /"([_a-z]+)"/) {
-                my $perm = uc($group . "_" . $1);
-                if (!exists $perms{$perm}) {
-                    print STDERR "Unknown perm string $1 for group $group\n";
-                    $warned = 1;
-                }
-                delete $perms{$perm};
-            }
-        }
-    }
-}
-close IMPL;
+                    del perms[perm]

-foreach my $perm (keys %perms) {
-    print STDERR "Perm $perm had not string form\n";
-    $warned = 1;
-}
+for perm in perms.keys():
+    print("Perm %s had not string form" % perm, file=sys.stderr)
+    warned = True

-exit $warned;
+if warned:
+    sys.exit(1)
+sys.exit(0)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -350,11 +350,11 @@ check-aclrules:
 		$(STATEFUL_DRIVER_SOURCE_FILES)

 check-aclperms:
-	$(AM_V_GEN)$(PERL) $(srcdir)/check-aclperms.pl \
+	$(AM_V_GEN)$(RUNUTF8) $(PYTHON) $(top_srcdir)/scripts/check-aclperms.py \
 		$(srcdir)/access/viraccessperm.h \
 		$(srcdir)/access/viraccessperm.c

-EXTRA_DIST += check-driverimpls.pl check-aclrules.pl check-aclperms.pl
+EXTRA_DIST += check-driverimpls.pl check-aclrules.pl

 check-local: check-protocol check-symfile check-symsorting \
 	check-drivername check-driverimpls check-aclrules \