#!/usr/bin/python2.7
# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
from subprocess import CalledProcessError, check_call
import sys
import smf_include
from neutron.agent.solaris import packetfilter
def start():
# verify paths are valid
for f in sys.argv[2:4]:
if not os.path.exists(f) or not os.access(f, os.R_OK):
print '%s does not exist or is not readable' % f
return smf_include.SMF_EXIT_ERR_CONFIG
# Cleanup any security groups related PF rules
pf = packetfilter.PacketFilter('_auto/neutron:ovs:agent')
pf.remove_anchor_recursively()
cmd = "/usr/bin/pfexec /usr/lib/neutron/neutron-openvswitch-agent " \
"--config-file %s --config-file %s" % tuple(sys.argv[2:4])
smf_include.smf_subprocess(cmd)
def stop():
try:
# first kill the SMF contract
check_call(["/usr/bin/pkill", "-c", sys.argv[2]])
except CalledProcessError as err:
print "failed to kill the SMF contract: %s" % err
return smf_include.SMF_EXIT_ERR_FATAL
# We need to remove the PF rules added under _auto/neutron:ovs:agent
# anchor.
pf = packetfilter.PacketFilter('_auto/neutron:ovs:agent')
pf.remove_anchor_recursively()
return smf_include.SMF_EXIT_OK
if __name__ == "__main__":
os.putenv("LC_ALL", "C")
smf_include.smf_main()