Re: [PATCHv3 2/2] Iface: disallow network tuning in session mode globally

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06.11.2014 12:38, Erik Skultety wrote:

Patch 43b67f2e disallowed network tuning only with qemu driver, however
this patch moved the check for root privileges into
virNetDevBandwidthSet function, so the call should now
fail in all possible cases. A mock function was created so that the test
suite doesn't fail because of unsufficient privileges.
---
  src/util/virnetdevbandwidth.c  |  8 ++++++++
  tests/Makefile.am              | 26 +++++++++++++++++++-------
  tests/virnetdevbandwidthmock.c | 28 ++++++++++++++++++++++++++++
  tests/virnetdevbandwidthtest.c |  2 +-
  4 files changed, 56 insertions(+), 8 deletions(-)
  create mode 100644 tests/virnetdevbandwidthmock.c

diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c
index 5fa231a..9f2a159 100644
--- a/src/util/virnetdevbandwidth.c
+++ b/src/util/virnetdevbandwidth.c
@@ -21,6 +21,7 @@
   */

  #include <config.h>
+#include <unistd.h>

  #include "virnetdevbandwidth.h"
  #include "vircommand.h"
@@ -74,6 +75,13 @@ virNetDevBandwidthSet(const char *ifname,
          goto cleanup;
      }

+    if (geteuid() != 0) {
+        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+                       _("Network bandwidth tuning is not available"
+                         " in session mode"));
+        return -1;
+    }
+
I wonder if we should have the same check in virNetDevBandwidthClear() since it's often used in pair with Set() and in fact it's called before the Set() function. 


      virNetDevBandwidthClear(ifname);

      if (bandwidth->in && bandwidth->in->average) {
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 7b22f90..a3e3ab3 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -167,7 +167,6 @@ test_programs = virshtest sockettest \
  	virstringtest \
  	virportallocatortest \
  	sysinfotest \
-	virnetdevbandwidthtest \
  	virkmodtest \
  	vircapstest \
  	domaincapstest \
@@ -318,7 +317,9 @@ test_programs += metadatatest
  test_programs += secretxml2xmltest

  if WITH_LINUX
-test_programs += virusbtest
+test_programs += virusbtest \
+	virnetdevbandwidthtest \
+	$(NULL)
  endif WITH_LINUX

  test_scripts = \
@@ -409,7 +410,9 @@ test_libraries += \
  endif WITH_DBUS

  if WITH_LINUX
-test_libraries += virusbmock.la
+test_libraries += virusbmock.la \
+		virnetdevbandwidthmock.la \
+		$(NULL)
  endif WITH_LINUX

  if WITH_TESTS
@@ -825,9 +828,6 @@ commandhelper_LDADD = \

  commandhelper_LDFLAGS = -static

-virnetdevbandwidthtest_SOURCES = \
-	virnetdevbandwidthtest.c testutils.h testutils.c
-virnetdevbandwidthtest_LDADD = $(LDADDS) $(LIBXML_LIBS)

  virkmodtest_SOURCES = \
  	virkmodtest.c testutils.h testutils.c
@@ -994,12 +994,24 @@ virusbtest_SOURCES = \
  	virusbtest.c testutils.h testutils.c
  virusbtest_LDADD = $(LDADDS)

+virnetdevbandwidthtest_SOURCES = \
+	virnetdevbandwidthtest.c testutils.h testutils.c
+virnetdevbandwidthtest_LDADD = $(LDADDS) $(LIBXML_LIBS)
+
  virusbmock_la_SOURCES = virusbmock.c
  virusbmock_la_CFLAGS = $(AM_CFLAGS)
  virusbmock_la_LDFLAGS = -module -avoid-version \
          -rpath /evil/libtool/hack/to/force/shared/lib/creation
+
+virnetdevbandwidthmock_la_SOURCES = \
+	virnetdevbandwidthmock.c
+virnetdevbandwidthmock_la_CFLAGS = $(AM_CFLAGS)
+virnetdevbandwidthmock_la_LDFLAGS = -module -avoid-version \
+        -rpath /evil/libtool/hack/to/force/shared/lib/creation
+
  else ! WITH_LINUX
-	EXTRA_DIST += virusbtest.c virusbmock.c
+	EXTRA_DIST += virusbtest.c virusbmock.c \
+		virnetdevbandwidthtest.c virnetdevbandwidthmock.c
  endif ! WITH_LINUX

  if WITH_DBUS
diff --git a/tests/virnetdevbandwidthmock.c b/tests/virnetdevbandwidthmock.c
new file mode 100644
index 0000000..e8edead
--- /dev/null
+++ b/tests/virnetdevbandwidthmock.c
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2013 Red Hat, Inc.


Looking at calendar reveals it 2014 :-P


+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library.  If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Author: Erik Skultety <eskultet@xxxxxxxxxx>
+ */
+


Michal

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]