diff options
| author | Scott Moser <smoser@brickies.net> | 2017-06-29 13:32:15 -0400 |
|---|---|---|
| committer | Scott Moser <smoser@brickies.net> | 2017-06-29 17:33:33 -0400 |
| commit | 4d9f24f5c385cb7fa21d87a097ccd9a297613a75 (patch) | |
| tree | bd40b67fddf420cac5631e18dc7b85420b73f225 | |
| parent | 17bad421b79c3e18978f942321e9865379b09321 (diff) | |
| download | vyos-cloud-init-4d9f24f5c385cb7fa21d87a097ccd9a297613a75.tar.gz vyos-cloud-init-4d9f24f5c385cb7fa21d87a097ccd9a297613a75.zip | |
read_dmi_data: always return None when inside a container.
This fixes stacktrace and warning message that would be printed
to the log if running inside a container and read_dmi_data tried
to access a key that was not present.
In a container, the /sys/class/dmi/id data is not relevant to the
but to the host. Additionally an unpriviledged container might see
strange behavior:
# cd /sys/class/dmi/id/
# id -u
0
# ls -l chassis_serial
-r-------- 1 nobody nogroup 4096 Jun 29 16:49 chassis_serial
# cat chassis_serial
cat: /sys/class/dmi/id/chassis_serial: Permission denied
The solution here is to just always return None when running in a
container.
LP: #1701325
| -rw-r--r-- | cloudinit/util.py | 7 | ||||
| -rw-r--r-- | tests/unittests/test_util.py | 23 |
2 files changed, 30 insertions, 0 deletions
diff --git a/cloudinit/util.py b/cloudinit/util.py index c93b6d7e..b486e182 100644 --- a/cloudinit/util.py +++ b/cloudinit/util.py @@ -2397,6 +2397,10 @@ def read_dmi_data(key): """ Wrapper for reading DMI data. + If running in a container return None. This is because DMI data is + assumed to be not useful in a container as it does not represent the + container but rather the host. + This will do the following (returning the first that produces a result): 1) Use a mapping to translate `key` from dmidecode naming to @@ -2407,6 +2411,9 @@ def read_dmi_data(key): If all of the above fail to find a value, None will be returned. """ + if is_container(): + return None + syspath_value = _read_dmi_syspath(key) if syspath_value is not None: return syspath_value diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py index a73fd26a..65035be2 100644 --- a/tests/unittests/test_util.py +++ b/tests/unittests/test_util.py @@ -365,6 +365,9 @@ class TestReadDMIData(helpers.FilesystemMockingTestCase): self.addCleanup(shutil.rmtree, self.new_root) self.patchOS(self.new_root) self.patchUtils(self.new_root) + p = mock.patch("cloudinit.util.is_container", return_value=False) + self.addCleanup(p.stop) + self._m_is_container = p.start() def _create_sysfs_parent_directory(self): util.ensure_dir(os.path.join('sys', 'class', 'dmi', 'id')) @@ -453,6 +456,26 @@ class TestReadDMIData(helpers.FilesystemMockingTestCase): self._create_sysfs_file(sysfs_key, dmi_value) self.assertEqual(expected, util.read_dmi_data(dmi_key)) + def test_container_returns_none(self): + """In a container read_dmi_data should always return None.""" + + # first verify we get the value if not in container + self._m_is_container.return_value = False + key, val = ("system-product-name", "my_product") + self._create_sysfs_file('product_name', val) + self.assertEqual(val, util.read_dmi_data(key)) + + # then verify in container returns None + self._m_is_container.return_value = True + self.assertIsNone(util.read_dmi_data(key)) + + def test_container_returns_none_on_unknown(self): + """In a container even bogus keys return None.""" + self._m_is_container.return_value = True + self._create_sysfs_file('product_name', "should-be-ignored") + self.assertIsNone(util.read_dmi_data("bogus")) + self.assertIsNone(util.read_dmi_data("system-product-name")) + class TestMultiLog(helpers.FilesystemMockingTestCase): |