On Thu, Apr 24, 2008 at 03:04:56PM +0100, John Levon wrote: > On Thu, Apr 24, 2008 at 09:54:19AM -0400, Daniel Veillard wrote: > > > in general the idea of removing all those geteid() == 0 and replacing > > them like xenHavePrivilege() is a good one. The patch includes stuff which > > is not strictly related like the virsh console cleanup which should be > > separated. > > Sure, at merge time everything will be split up appropriately. BTW, it > is related very much: only xenconsole has privilege to connect to Xen > consoles. In that case we should definitel split the 'virsh console' impl out into a separate binary, so we can use the non-Xen specific codebase and stil maintain your privilege separation. > > Also it seems you use some socket auth extensions to detect the > > uid of the other process, we do that already in qemud/qemud.c see > > function qemudGetSocketIdentity() , maybe we should abstract that in the > > util.c module and provide the _sun version there. > > It's not about UID but privilege. The Identity stuff is only used under > HAVE_POLKIT, so I'm not sure there's much commonality that can be > abstracted. Can you describe further what you would expect it to look > like? Although we don't use the qemudGetSocketIdentity() anyway other than under the POLKIT code, this may change in the future, so it'd just be convenient to have a Solaris impl there. We can change the #if HAVE_POLKIT to be #ifdef HAVE_POLKIT || __sun, so the method is available to the privilege checking code too. Dan -- |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list