As part of an goal to eliminate Perl from libvirt build tools,
rewrite the genpolkit.pl tool in Python.
This was a straight conversion, manually going line-by-line to
change the syntax from Perl to Python. Thus the overall structure
of the file and approach is the same.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
Makefile.am | 1 +
scripts/genpolkit.py | 122 +++++++++++++++++++++++++++++++++++++
src/access/Makefile.inc.am | 6 +-
src/access/genpolkit.pl | 119 ------------------------------------
4 files changed, 126 insertions(+), 122 deletions(-)
create mode 100755 scripts/genpolkit.py
delete mode 100755 src/access/genpolkit.pl
diff --git a/Makefile.am b/Makefile.am
index f28b07d814..e7ebe7281a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -54,6 +54,7 @@ EXTRA_DIST = \
scripts/check-symfile.py \
scripts/check-symsorting.py \
scripts/dtrace2systemtap.py \
+ scripts/genpolkit.py \
scripts/gensystemtap.py \
scripts/header-ifdef.py \
scripts/minimize-po.py \
diff --git a/scripts/genpolkit.py b/scripts/genpolkit.py
new file mode 100755
index 0000000000..0cdba2bd3c
--- /dev/null
+++ b/scripts/genpolkit.py
@@ -0,0 +1,122 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2012-2019 Red Hat, Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library. If not, see
+# <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import print_function
+
+import re
+import sys
+
+objects = [
+ "CONNECT", "DOMAIN", "INTERFACE", "NETWORK_PORT",
+ "NETWORK", "NODE_DEVICE", "NWFILTER_BINDING",
+ "NWFILTER", "SECRET", "STORAGE_POOL", "STORAGE_VOL",
+]
+
+objectstr = "|".join(objects)
+
+# Data we're going to be generating looks like this
+#
+# <policyconfig>
+# <action id="org.libvirt.unix.monitor">
+# <description>Monitor local virtualized systems</description>
+# <message>System policy prevents monitoring of
+# local virtualized systems</message>
+# <defaults>
+# <allow_any>yes</allow_any>
+# <allow_inactive>yes</allow_inactive>
+# <allow_active>yes</allow_active>
+# </defaults>
+# </action>
+# ...more <action> rules...
+# </policyconfig>
+
+opts = {}
+in_opts = False
+
+perms = {}
+
+aclfile = sys.argv[1]
+with open(aclfile, "r") as fh:
+ for line in fh:
+ if in_opts:
+ if line.find("*/") != -1:
+ in_opts = False
+ else:
+ m = re.search(r'''\*\s*\@(\w+):\s*(.*?)\s*$''', line)
+ if m is not None:
+ opts[m.group(1)] = m.group(2)
+ elif line.find("**") != -1:
+ in_opts = True
+ else:
+ m = re.search(r'''VIR_ACCESS_PERM_(%s)_((?:\w|_)+),''' %
+ objectstr, line)
+ if m is not None:
+ obj = m.group(1).lower()
+ perm = m.group(2).lower()
+ if perm == "last":
+ continue
+
+ obj = obj.replace("_", "-")
+ perm = perm.replace("_", "-")
+
+ if obj not in perms:
+ perms[obj] = {}
+ perms[obj][perm] = {
+ "desc": opts.get("desc", None),
+ "message": opts.get("message", None),
+ "anonymous": opts.get("anonymous", None),
+ }
+ opts = {}
+
+print('<?xml version="1.0" encoding="UTF-8"?>')
+print('<!DOCTYPE policyconfig PUBLIC ' +
+ '"-//freedesktop//DTD polkit Policy Configuration 1.0//EN"')
+print(' "http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">')
+print('<policyconfig>')
+print(' <vendor>Libvirt Project</vendor>')
+print(' <vendor_url>https://libvirt.org</vendor_url>')
+
+for obj in sorted(perms.keys()):
+ for perm in sorted(perms[obj].keys()):
+ description = perms[obj][perm]["desc"]
+ message = perms[obj][perm]["message"]
+ anonymous = perms[obj][perm]["anonymous"]
+
+ if description is None:
+ raise Exception("missing description for %s.%s" % (obj, perm))
+ if message is None:
+ raise Exception("missing message for %s.%s" % (obj, perm))
+
+ allow_any = "no"
+ if anonymous:
+ allow_any = "yes"
+ allow_inactive = allow_any
+ allow_active = allow_any
+
+ print(' <action id="org.libvirt.api.%s.%s">' % (obj, perm))
+ print(' <description>%s</description>' % description)
+ print(' <message>%s</message>' % message)
+ print(' <defaults>')
+ print(' <allow_any>%s</allow_any>' % allow_any)
+ print(' <allow_inactive>%s</allow_inactive>' % allow_inactive)
+ print(' <allow_active>%s</allow_active>' % allow_active)
+ print(' </defaults>')
+ print(' </action>')
+
+print('</policyconfig>')
diff --git a/src/access/Makefile.inc.am b/src/access/Makefile.inc.am
index fd0a5d8098..11f87c6aa7 100644
--- a/src/access/Makefile.inc.am
+++ b/src/access/Makefile.inc.am
@@ -43,7 +43,6 @@ ACCESS_DRIVER_POLKIT_POLICY = access/org.libvirt.api.policy
GENERATED_SYM_FILES += $(ACCESS_DRIVER_SYM_FILES)
EXTRA_DIST += \
- access/genpolkit.pl \
$(NULL)
@@ -66,8 +65,9 @@ libvirt_driver_access_la_LIBADD = \
$(ACCESS_DRIVER_POLKIT_POLICY): $(srcdir)/access/viraccessperm.h \
- $(srcdir)/access/genpolkit.pl Makefile.am
- $(AM_V_GEN)$(PERL) $(srcdir)/access/genpolkit.pl < $< > $@ || rm -f $@
+ $(top_srcdir)/scripts/genpolkit.py Makefile.am
+ $(AM_V_GEN)$(RUNUTF8) $(PYTHON) \
+ $(top_srcdir)/scripts/genpolkit.py $< > $@ || rm -f $@
if WITH_POLKIT
libvirt_driver_access_la_SOURCES += $(ACCESS_DRIVER_POLKIT_SOURCES)
diff --git a/src/access/genpolkit.pl b/src/access/genpolkit.pl
deleted file mode 100755
index f8f20caf65..0000000000
--- a/src/access/genpolkit.pl
+++ /dev/null
@@ -1,119 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright (C) 2012-2013 Red Hat, Inc.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library. If not, see
-# <http://www.gnu.org/licenses/>.
-#
-
-use strict;
-use warnings;
-
-my @objects = (
- "CONNECT", "DOMAIN", "INTERFACE", "NETWORK_PORT",
- "NETWORK","NODE_DEVICE", "NWFILTER_BINDING", "NWFILTER",
- "SECRET", "STORAGE_POOL", "STORAGE_VOL",
- );
-
-my $objects = join ("|", @objects);
-
-# Data we're going to be generating looks like this
-#
-# <policyconfig>
-# <action id="org.libvirt.unix.monitor">
-# <description>Monitor local virtualized systems</description>
-# <message>System policy prevents monitoring of local virtualized systems</message>
-# <defaults>
-# <allow_any>yes</allow_any>
-# <allow_inactive>yes</allow_inactive>
-# <allow_active>yes</allow_active>
-# </defaults>
-# </action>
-# ...more <action> rules...
-# </policyconfig>
-
-my %opts;
-my $in_opts = 0;
-
-my %perms;
-
-while (<>) {
- if ($in_opts) {
- if (m,\*/,) {
- $in_opts = 0;
- } elsif (/\*\s*\@(\w+):\s*(.*?)\s*$/) {
- $opts{$1} = $2;
- }
- } elsif (m,/\*\*,) {
- $in_opts = 1;
- } elsif (/VIR_ACCESS_PERM_($objects)_((?:\w|_)+),/) {
- my $object = lc $1;
- my $perm = lc $2;
- next if $perm eq "last";
-
- $object =~ s/_/-/g;
- $perm =~ s/_/-/g;
-
- $perms{$object} = {} unless exists $perms{$object};
- $perms{$object}->{$perm} = {
- desc => $opts{desc},
- message => $opts{message},
- anonymous => $opts{anonymous}
- };
- %opts = ();
- }
-}
-
-print <<EOF;
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD polkit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">
-<policyconfig>
- <vendor>Libvirt Project</vendor>
- <vendor_url>https://libvirt.org</vendor_url>
-EOF
-
-foreach my $object (sort { $a cmp $b } keys %perms) {
- foreach my $perm (sort { $a cmp $b } keys %{$perms{$object}}) {
- my $description = $perms{$object}->{$perm}->{desc};
- my $message = $perms{$object}->{$perm}->{message};
- my $anonymous = $perms{$object}->{$perm}->{anonymous};
-
- die "missing description for $object.$perm" unless
- defined $description;
- die "missing message for $object.$perm" unless
- defined $message;
-
- my $allow_any = $anonymous ? "yes" : "no";
- my $allow_inactive = $allow_any;
- my $allow_active = $allow_any;
-
- print <<EOF;
- <action id="org.libvirt.api.$object.$perm">
- <description>$description</description>
- <message>$message</message>
- <defaults>
- <allow_any>$allow_any</allow_any>
- <allow_inactive>$allow_inactive</allow_inactive>
- <allow_active>$allow_active</allow_active>
- </defaults>
- </action>
-EOF
-
- }
-}
-
-print <<EOF;
-</policyconfig>
-EOF
--
2.21.0
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list