The term "permitted list" is a better choice for the filtering
logic applied.
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

As part of a goal to eliminate Perl from libvirt build tools,
rewrite the check-file-access.pl tool in Python.

This was a straight conversion, manually going line-by-line to
change the syntax from Perl to Python. Thus the overall structure
of the file and approach is the same.
Reviewed-by: NCole Robinson <crobinso@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The check-file-access.pl script is used to match access list
generated by virtestmock against whitelisted rules stored in
file_access_whitelist.txt. So far the rules are in form:

  $path: $progname: $testname

This is not sufficient because the rule does not take into
account 'action' that caused $path to appear in the list of
accessed files. After this commit the rule can be in new form:

  $path: $action: $progname: $testname

where $action is one from ("open", "fopen", "access", "stat",
"lstat", "connect"). This way the white list can be fine tuned to
allow say access() but not connect().
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

This script will check output generated by virtestmock against a
white list. All non matching records found are printed out. So
far, the white list is rather sparse at the moment.
This test should be ran only after all other tests finished, and
should cleanup the temporary file before their execution. Because
I'm unable to reflect these requirements in Makefile.am
correctly, I've introduced new target 'check-access' under which
this test is available.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>