remove /sbin/ from commands

80bde00a · Bach Dániel · 8ed2bc6f · 80bde00a · 80bde00a · 80bde00a
Commit 80bde00a authored Mar 27, 2014 by Bach Dániel
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 13 deletions

docs/install.rst
+2 -1

fw.py
+10 -6

ovs.py
+6 -6

No files found.
--- a/docs/install.rst
+++ b/docs/install.rst
@@ -33,7 +33,8 @@ Configure ISC-DHCP server::
 Configure sudo::
  $ sudo tee /etc/sudoers.d/firewall <<END
-  fw ALL= (ALL) NOPASSWD: /sbin/ip netns exec fw /sbin/ip addr *, /sbin/ip netns exec fw /sbin/ip ro *, /sbin/ip netns exec fw /sbin/ip link *, /sbin/ip netns exec fw /usr/sbin/ipset *, /usr/bin/ovs-vsctl, /sbin/ip netns exec fw /sbin/iptables-restore -c, /sbin/ip netns exec fw /sbin/ip6tables-restore -c, /etc/init.d/isc-dhcp-server restart, /sbin/ip link *
+  fw ALL= (ALL) NOPASSWD: /sbin/ip netns exec fw ip addr *, /sbin/ip netns exec fw ip ro *, /sbin/ip netns exec fw ip link *, /sbin/ip netns exec fw ipset *, /usr/bin/ovs-vsctl, /sbin/ip netns exec fw iptables-restore -c, /sbin/ip netns exec fw ip6tables-restore -c, /etc/init.d/isc-dhcp-server restart, /sbin/ip link *
  END
  $ sudo chmod 440 /etc/sudoers.d/firewall

--- a/fw.py
+++ b/fw.py
@@ -37,9 +37,9 @@ def reload_firewall(data4, data6, save_config=True):
    if isinstance(data6, dict):
        data6 = ('\n'.join(data6['filter']) + '\n')
-    ns_exec(NETNS, ('/sbin/ip6tables-restore', '-c'), data6)
+    ns_exec(NETNS, ('ip6tables-restore', '-c'), data6)
-    ns_exec(NETNS, ('/sbin/iptables-restore', '-c'), data4)
+    ns_exec(NETNS, ('iptables-restore', '-c'), data4)
    if save_config:
        with open(FIREWALL_CONF, 'w') as f:
@@ -54,6 +54,10 @@ def reload_firewall_vlan(data, save_config=True):
    for k, v in ADDRESSES.items():
        data[k]['addresses'] += v
+    uplink = getenv('UPLINK', None)
+    if uplink:
+        data[uplink] = {'interfaces': uplink}
    br = Switch('firewall')
    br.migrate(data)
@@ -62,7 +66,7 @@ def reload_firewall_vlan(data, save_config=True):
            json.dump(data, f)
    try:
-        ns_exec(NETNS, ('/sbin/ip', 'ro', 'add', 'default', 'via',
+        ns_exec(NETNS, ('ip', 'ro', 'add', 'default', 'via',
                        getenv('GATEWAY', '152.66.243.254')))
    except:
        pass
@@ -84,7 +88,7 @@ def ipset_save(data):
    data_new = [x['ipv4'] for x in data]
    data_old = []
-    lines = ns_exec(NETNS, ('/usr/sbin/ipset', 'save', 'blacklist'))
+    lines = ns_exec(NETNS, ('ipset', 'save', 'blacklist'))
    for line in lines.splitlines():
        x = r.match(line.rstrip())
        if x:
@@ -103,7 +107,7 @@ def ipset_restore(l_add, l_del):
    ipset += ['add blacklist %s' % x for x in l_add]
    ipset += ['del blacklist %s' % x for x in l_del]
-    ns_exec(NETNS, ('/usr/sbin/ipset', 'restore', '-exist'),
+    ns_exec(NETNS, ('ipset', 'restore', '-exist'),
            '\n'.join(ipset) + '\n')
@@ -139,7 +143,7 @@ def get_dhcp_clients():
 def start_firewall():
    try:
-        ns_exec(NETNS, ('/usr/sbin/ipset', 'create', 'blacklist',
+        ns_exec(NETNS, ('ipset', 'create', 'blacklist',
                        'hash:ip', 'family', 'inet', 'hashsize',
                        '4096', 'maxelem', '65536'))
    except:

--- a/ovs.py
+++ b/ovs.py
@@ -54,7 +54,7 @@ class Interface(object):
            return self.name
    def _run(self, *args):
-        args = ('/sbin/ip', 'addr', ) + args
+        args = ('ip', 'addr', ) + args
        return ns_exec(NETNS, args)
    def show(self):
@@ -79,8 +79,8 @@ class Interface(object):
    def up(self):
        if self.is_veth:
-            ns_exec(NETNS, ('/sbin/ip', 'link', 'set', 'up', self.name))
+            ns_exec(NETNS, ('ip', 'link', 'set', 'up', self.name))
-        sudo(('/sbin/ip', 'link', 'set', 'up', self.external_name))
+        sudo(('ip', 'link', 'set', 'up', self.external_name))
    def migrate(self):
        old_addresses = [str(x) for x in self.show()]
@@ -111,7 +111,7 @@ class Switch(object):
        return sudo(args)
    def _setns(self, dev):
-        args = ('/sbin/ip', 'link', 'set', dev, 'netns', NETNS)
+        args = ('ip', 'link', 'set', dev, 'netns', NETNS)
        return sudo(args)
    def list_ports(self):
@@ -152,7 +152,7 @@ class Switch(object):
        # move interface into namespace
        try:
            if interface.is_veth:
-                sudo(('/sbin/ip', 'link', 'add', interface.external_name,
+                sudo(('ip', 'link', 'add', interface.external_name,
                      'type', 'veth', 'peer', 'name', interface.name))
                self._setns(interface.name)
        except:
@@ -162,7 +162,7 @@ class Switch(object):
        self._run('del-port', self.brname, interface.external_name)
        if interface.is_veth:
            try:
-                sudo(('/sbin/ip', 'link', 'del', interface.external_name))
+                sudo(('ip', 'link', 'del', interface.external_name))
            except CalledProcessError:
                pass