Update KillFilter to stop at '\0' for readlink() function.

Python's readlink() implementation doesn't stop at '\0' when reading
file path. Thus after dnsmasq upgrade, it may return something like
'/usr/sbin/dnsmasq\03453 (deleted)', while C's or Shell's readlink()
return '/usr/sbin/dnsmasq'. This patch fixes this problem by cutting
the readlink() results with '\0', so that KillFilter could get correct
path.

Bug 1179793

Change-Id: I7354941e0508e019c8c9b63b87ad39f52ccb51ca

openstack/common/rootwrap/filters.py

@@ -194,6 +194,10 @@ def match(self, userargs):
                 return False
         try:
             command = os.readlink("/proc/%d/exe" % int(args[1]))
+            # NOTE(yufang521247): /proc/PID/exe may have '\0' on the
+            # end, because python doen't stop at '\0' when read the
+            # target path.
+            command = command.split('\0')[0]
             # NOTE(dprince): /proc/PID/exe may have ' (deleted)' on
             # the end if an executable is updated or deleted
             if command.endswith(" (deleted)"):

tests/unit/test_rootwrap.py

@@ -134,6 +134,18 @@ def fake_readlink(blah):
         self.stubs.Set(os, 'readlink', fake_readlink)
         self.assertTrue(f.match(usercmd))
 
+    def test_KillFilter_upgraded_exe(self):
+        """Makes sure upgraded exe's are killed correctly"""
+        # See bug #1179793.
+        def fake_readlink(blah):
+            return '/bin/commandddddd\0\05190bfb2 (deleted)'
+
+        f = filters.KillFilter("root", "/bin/commandddddd")
+        usercmd = ['kill', 1234]
+
+        self.stubs.Set(os, 'readlink', fake_readlink)
+        self.assertTrue(f.match(usercmd))
+
     def test_ReadFileFilter(self):
         goodfn = '/good/file.name'
         f = filters.ReadFileFilter(goodfn)