| 1 | #============================================================================ |
|---|
| 2 | # This library is free software; you can redistribute it and/or |
|---|
| 3 | # modify it under the terms of version 2.1 of the GNU Lesser General Public |
|---|
| 4 | # License as published by the Free Software Foundation. |
|---|
| 5 | # |
|---|
| 6 | # This library is distributed in the hope that it will be useful, |
|---|
| 7 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 8 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|---|
| 9 | # Lesser General Public License for more details. |
|---|
| 10 | # |
|---|
| 11 | # You should have received a copy of the GNU Lesser General Public |
|---|
| 12 | # License along with this library; if not, write to the Free Software |
|---|
| 13 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
|---|
| 14 | #============================================================================ |
|---|
| 15 | # Copyright (C) 2006 International Business Machines Corp. |
|---|
| 16 | # Author: Bryan D. Payne <bdpayne@us.ibm.com> |
|---|
| 17 | #============================================================================ |
|---|
| 18 | |
|---|
| 19 | """Tests the security settings for a domain and its resources. |
|---|
| 20 | """ |
|---|
| 21 | import sys |
|---|
| 22 | from xen.util import security |
|---|
| 23 | from xen.xm import create |
|---|
| 24 | from xen.xend import sxp |
|---|
| 25 | from xen.xm.opts import OptionError |
|---|
| 26 | |
|---|
| 27 | def help(): |
|---|
| 28 | return """ |
|---|
| 29 | This program checks each resource listed in the configfile |
|---|
| 30 | to see if the domain created by the configfile can access |
|---|
| 31 | the resources. The status of each resource is listed |
|---|
| 32 | individually along with the final security decision.""" |
|---|
| 33 | |
|---|
| 34 | def main (argv): |
|---|
| 35 | if len(argv) != 2: |
|---|
| 36 | raise OptionError('Invalid number of arguments') |
|---|
| 37 | |
|---|
| 38 | passed = 0 |
|---|
| 39 | (opts, config) = create.parseCommandLine(argv) |
|---|
| 40 | if create.check_domain_label(config, verbose=1): |
|---|
| 41 | if create.config_security_check(config, verbose=1): |
|---|
| 42 | passed = 1 |
|---|
| 43 | else: |
|---|
| 44 | print "Checking resources: (skipped)" |
|---|
| 45 | |
|---|
| 46 | if passed: |
|---|
| 47 | print "Dry Run: PASSED" |
|---|
| 48 | else: |
|---|
| 49 | print "Dry Run: FAILED" |
|---|
| 50 | sys.exit(-1) |
|---|
| 51 | |
|---|
| 52 | if __name__ == '__main__': |
|---|
| 53 | try: |
|---|
| 54 | main(sys.argv) |
|---|
| 55 | except Exception, e: |
|---|
| 56 | sys.stderr.write('Error: %s\n' % str(e)) |
|---|
| 57 | sys.exit(-1) |
|---|
