We currently have logic in the remote driver so that it handles the local
QEMU driver URIs, so they get re-directed to the daemon. It also handles
networking APIs for Xen driver. For normal APIs, Xen has the auto-spawned
setuid proxy daemon. This was very useful at the time we wrote it, but it
only supports a handful of operations, and only in read-only mode. One other
factor is that SUSE, for example, do not ship it because it is setuid. I
don't know whether this is just a general policy, or just because they've
not had time to audit it, but that's not very good for their users.
With the development of the remote driver & the flexible UNIX socket perms
& group ownership, or with policykit support it is possible to replace the
proxy with calls straight to the remote daemon. So this patch is the first
step by allowing the remote driver to handle any hypervisor connection URI.
If it doesn't have a hostname or transport specified, then it automatically
tries to connect to the local libvirt daemon over UNIX sockets.
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
diff -r bc9c1ba80870 src/remote_internal.c
--- a/src/remote_internal.c Tue Sep 18 14:13:29 2007 -0400
+++ b/src/remote_internal.c Tue Sep 18 14:23:22 2007 -0400
@@ -232,9 +232,8 @@ remoteForkDaemon(virConnectPtr conn)
/* Must not overlap with virDrvOpenFlags */
enum virDrvOpenRemoteFlags {
VIR_DRV_OPEN_REMOTE_RO = (1 << 0),
- VIR_DRV_OPEN_REMOTE_UNIX = (1 << 1),
- VIR_DRV_OPEN_REMOTE_USER = (1 << 2),
- VIR_DRV_OPEN_REMOTE_AUTOSTART = (1 << 3),
+ VIR_DRV_OPEN_REMOTE_USER = (1 << 1),
+ VIR_DRV_OPEN_REMOTE_AUTOSTART = (1 << 2),
};
static int
@@ -279,10 +278,7 @@ doRemoteOpen (virConnectPtr conn, struct
}
if (!uri->server && !transport_str) {
- if (flags & VIR_DRV_OPEN_REMOTE_UNIX)
- transport = trans_unix;
- else
- return VIR_DRV_OPEN_DECLINED; /* Decline - not a remote URL. */
+ transport = trans_unix;
}
/* Local variables which we will initialise. These can
@@ -682,16 +678,9 @@ remoteOpen (virConnectPtr conn, const ch
if (flags & VIR_DRV_OPEN_RO)
rflags |= VIR_DRV_OPEN_REMOTE_RO;
- if (uri_str) {
- if (!strcmp(uri_str, "qemu:///system")) {
- rflags |= VIR_DRV_OPEN_REMOTE_UNIX;
- } else if (!strcmp(uri_str, "qemu:///session")) {
- rflags |= VIR_DRV_OPEN_REMOTE_UNIX;
- if (getuid() > 0) {
- rflags |= VIR_DRV_OPEN_REMOTE_USER;
- rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
- }
- }
+ if (uri_str && STREQ(uri_str, "qemu:///session") && getuid() > 0) {
+ rflags |= VIR_DRV_OPEN_REMOTE_USER;
+ rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
}
memset(priv, 0, sizeof(struct private_data));
@@ -2351,7 +2340,6 @@ remoteNetworkOpen (virConnectPtr conn,
}
if (flags & VIR_DRV_OPEN_RO)
rflags |= VIR_DRV_OPEN_REMOTE_RO;
- rflags |= VIR_DRV_OPEN_REMOTE_UNIX;
memset(priv, 0, sizeof(struct private_data));
priv->magic = DEAD;
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list