Change in vdsm[master]: Move validate_libvirt_certs to vdsm-tool

Thu, 26 Jul 2012 13:57:07 -0700 

Dan Kenigsberg has posted comments on this change.

Change subject: Move validate_libvirt_certs to vdsm-tool
......................................................................


Patch Set 3: I would prefer that you didn't submit this

(7 inline comments)

....................................................
File vdsm/constants.py.in
Line 117: EXT_OPENSSL = '@OPENSSL_PATH@'
since EXT_OPENSSL is unused outside your new function, please define it only 
there.

....................................................
File vdsm-tool/validate_libvirt_certs.py
Line 26: sys.path.append("%s" % constants.P_VDSM)
playing with sys.path within a module is a pretty bad practice. why is it 
needed here?

Line 40: @expose('validate-libvirt-certs')
there is nothing libvirt-related in this this function or this module. please 
find another name, that actually explains what it does.

Line 48:     uid = pwd.getpwnam('vdsm')[2]
something like

 pwd.getpwnam('vdsm')[2:4]

can give you both values with one function call.

Line 50:     out = utils.execCmd([EX_OPENSSL, 'verify', '-CAfile', PATH_CACERT,
this code is used again  later - it begs to be put in a helper function 
isOurCAFile()

Line 60:                 utils.execCmd([EX_UNPERSIST, PATH_CERT + f, '1'])
using ovirtnode.ovirtfunctions.ovirt_safe_delete_config would be prettier than 
calling an external command.

Line 64:                 os.chmod(PATH_CACERT, 0600)
for security, we must set umask to 0600 before copying (and then, this chmod is 
probably redundant)

--
To view, visit http://gerrit.ovirt.org/5961
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I5b6504ae2e3c8ffa0c33d7ba22a7c16597a51945
Gerrit-PatchSet: 3
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Wenyi Gao <[email protected]>
Gerrit-Reviewer: Adam Litke <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Federico Simoncelli <[email protected]>
Gerrit-Reviewer: Wenyi Gao <[email protected]>
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches

Reply via email to