cloudutils: remove securityPolicyConfigUbuntu and securityPolicyConfigRedHat

weizhouapache · weizhouapache · commit 1325b3472169 · 2026-06-08T11:20:34.000+02:00
diff --git a/python/lib/cloudutils/serviceConfig.py b/python/lib/cloudutils/serviceConfig.py
@@ -519,83 +519,6 @@ def config(self):
             logging.debug(e)
             return False
 
-class securityPolicyConfigUbuntu(serviceCfgBase):
-    def __init__(self, syscfg):
-        super(securityPolicyConfigUbuntu, self).__init__(syscfg)
-        self.serviceName = "Apparmor"
-
-    def config(self):
-        return True
-
-        try:
-            cmd = bash("service apparmor status")
-            if not cmd.isSuccess() or cmd.getStdout() == "":
-                self.spRunning = False
-                return True
-
-            if not bash("apparmor_status |grep libvirt").isSuccess():
-                return True
-
-            bash("ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/")
-            bash("ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/")
-            bash("apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd")
-            bash("apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper")
-
-            return True
-        except:
-            raise CloudRuntimeException("Failed to configure apparmor, please see the /var/log/cloudstack/agent/setup.log for detail, \
-                                        or you can manually disable it before starting myCloud")
-
-    def restore(self):
-        return True
-
-        try:
-            self.syscfg.svo.enableService("apparmor")
-            self.syscfg.svo.startService("apparmor")
-            return True
-        except:
-            logging.debug(formatExceptionInfo())
-            return False
-
-class securityPolicyConfigRedhat(serviceCfgBase):
-    def __init__(self, syscfg):
-        super(securityPolicyConfigRedhat, self).__init__(syscfg)
-        self.serviceName = "SElinux"
-
-    def config(self):
-        return True
-
-        selinuxEnabled = True
-
-        if not bash("selinuxenabled").isSuccess():
-            selinuxEnabled = False
-
-        if selinuxEnabled:
-            try:
-                bash("setenforce 0")
-                cfo = configFileOps("/etc/selinux/config", self)
-                cfo.replace_line("SELINUX=", "SELINUX=permissive")
-                return True
-            except:
-                raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloudstack/agent/setup.log for detail, \
-                                            or you can manually disable it before starting myCloud")
-        else:
-            return True
-
-    def restore(self):
-        return True
-
-        try:
-            bash("setenforce 1")
-            return True
-        except:
-            logging.debug(formatExceptionInfo())
-            return False
-
-class securityPolicyConfigSUSE(securityPolicyConfigRedhat):
-    pass
-
-
 def configure_libvirt_tls(tls_enabled=False, cfo=None):
     save = False
     if not cfo:
diff --git a/python/lib/cloudutils/syscfg.py b/python/lib/cloudutils/syscfg.py
@@ -167,7 +167,6 @@ def __init__(self, glbEnv):
         self.svo = serviceOpsUbuntu()
 
         self.services = [hostConfig(self),
-                         securityPolicyConfigUbuntu(self),
                          networkConfigUbuntu(self),
                          libvirtConfigUbuntu(self),
                          firewallConfigUbuntu(self),
@@ -179,7 +178,6 @@ class sysConfigEL5(sysConfigAgentRedhatBase):
     def __init__(self, glbEnv):
         super(sysConfigEL5, self).__init__(glbEnv)
         self.services = [hostConfig(self),
-                         securityPolicyConfigRedhat(self),
                          networkConfigRedhat(self),
                          libvirtConfigRedhat(self),
                          firewallConfigAgent(self),
@@ -192,7 +190,6 @@ def __init__(self, glbEnv):
         super(sysConfigEL6, self).__init__(glbEnv)
         self.services = [hostConfig(self),
                          cgroupConfig(self),
-                         securityPolicyConfigRedhat(self),
                          networkConfigRedhat(self),
                          libvirtConfigRedhat(self),
                          firewallConfigAgent(self),
@@ -204,7 +201,6 @@ class sysConfigEL7(sysConfigAgentRedhat7Base):
     def __init__(self, glbEnv):
         super(sysConfigEL7, self).__init__(glbEnv)
         self.services = [hostConfig(self),
-                         securityPolicyConfigRedhat(self),
                          networkConfigRedhat(self),
                          libvirtConfigRedhat(self),
                          firewallConfigAgent(self),
@@ -216,7 +212,6 @@ class sysConfigEL(sysConfigAgentELBase):
     def __init__(self, glbEnv):
         super(sysConfigEL, self).__init__(glbEnv)
         self.services = [hostConfig(self),
-                         securityPolicyConfigRedhat(self),
                          networkConfigRedhat(self),
                          libvirtConfigRedhat(self),
                          firewallConfigAgent(self),
@@ -227,7 +222,6 @@ class sysConfigSUSE(sysConfigAgentSUSE):
     def __init__(self, glbEnv):
         super(sysConfigSUSE, self).__init__(glbEnv)
         self.services = [hostConfig(self),
-                         securityPolicyConfigSUSE(self),
                          networkConfigSUSE(self),
                          libvirtConfigSUSE(self),
                          firewallConfigAgent(self),
