On 06.11.2014 12:38, Erik Skultety wrote:
Patch 43b67f2e disallowed network tuning only with qemu driver, however this patch moved the check for root privileges into virNetDevBandwidthSet function, so the call should now fail in all possible cases. A mock function was created so that the test suite doesn't fail because of unsufficient privileges. --- src/util/virnetdevbandwidth.c | 8 ++++++++ tests/Makefile.am | 26 +++++++++++++++++++------- tests/virnetdevbandwidthmock.c | 28 ++++++++++++++++++++++++++++ tests/virnetdevbandwidthtest.c | 2 +- 4 files changed, 56 insertions(+), 8 deletions(-) create mode 100644 tests/virnetdevbandwidthmock.c diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c index 5fa231a..9f2a159 100644 --- a/src/util/virnetdevbandwidth.c +++ b/src/util/virnetdevbandwidth.c @@ -21,6 +21,7 @@ */ #include <config.h> +#include <unistd.h> #include "virnetdevbandwidth.h" #include "vircommand.h" @@ -74,6 +75,13 @@ virNetDevBandwidthSet(const char *ifname, goto cleanup; } + if (geteuid() != 0) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Network bandwidth tuning is not available" + " in session mode")); + return -1; + } +
I wonder if we should have the same check in virNetDevBandwidthClear() since it's often used in pair with Set() and in fact it's called before the Set() function.
virNetDevBandwidthClear(ifname); if (bandwidth->in && bandwidth->in->average) { diff --git a/tests/Makefile.am b/tests/Makefile.am index 7b22f90..a3e3ab3 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -167,7 +167,6 @@ test_programs = virshtest sockettest \ virstringtest \ virportallocatortest \ sysinfotest \ - virnetdevbandwidthtest \ virkmodtest \ vircapstest \ domaincapstest \ @@ -318,7 +317,9 @@ test_programs += metadatatest test_programs += secretxml2xmltest if WITH_LINUX -test_programs += virusbtest +test_programs += virusbtest \ + virnetdevbandwidthtest \ + $(NULL) endif WITH_LINUX test_scripts = \ @@ -409,7 +410,9 @@ test_libraries += \ endif WITH_DBUS if WITH_LINUX -test_libraries += virusbmock.la +test_libraries += virusbmock.la \ + virnetdevbandwidthmock.la \ + $(NULL) endif WITH_LINUX if WITH_TESTS @@ -825,9 +828,6 @@ commandhelper_LDADD = \ commandhelper_LDFLAGS = -static -virnetdevbandwidthtest_SOURCES = \ - virnetdevbandwidthtest.c testutils.h testutils.c -virnetdevbandwidthtest_LDADD = $(LDADDS) $(LIBXML_LIBS) virkmodtest_SOURCES = \ virkmodtest.c testutils.h testutils.c @@ -994,12 +994,24 @@ virusbtest_SOURCES = \ virusbtest.c testutils.h testutils.c virusbtest_LDADD = $(LDADDS) +virnetdevbandwidthtest_SOURCES = \ + virnetdevbandwidthtest.c testutils.h testutils.c +virnetdevbandwidthtest_LDADD = $(LDADDS) $(LIBXML_LIBS) + virusbmock_la_SOURCES = virusbmock.c virusbmock_la_CFLAGS = $(AM_CFLAGS) virusbmock_la_LDFLAGS = -module -avoid-version \ -rpath /evil/libtool/hack/to/force/shared/lib/creation + +virnetdevbandwidthmock_la_SOURCES = \ + virnetdevbandwidthmock.c +virnetdevbandwidthmock_la_CFLAGS = $(AM_CFLAGS) +virnetdevbandwidthmock_la_LDFLAGS = -module -avoid-version \ + -rpath /evil/libtool/hack/to/force/shared/lib/creation + else ! WITH_LINUX - EXTRA_DIST += virusbtest.c virusbmock.c + EXTRA_DIST += virusbtest.c virusbmock.c \ + virnetdevbandwidthtest.c virnetdevbandwidthmock.c endif ! WITH_LINUX if WITH_DBUS diff --git a/tests/virnetdevbandwidthmock.c b/tests/virnetdevbandwidthmock.c new file mode 100644 index 0000000..e8edead --- /dev/null +++ b/tests/virnetdevbandwidthmock.c @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2013 Red Hat, Inc.
Looking at calendar reveals it 2014 :-P
+ * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + * + * Author: Erik Skultety <eskultet@xxxxxxxxxx> + */ +
Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list