On Tue, 2015-06-16 at 12:25 +0100, Daniel P. Berrange wrote:
> While the sandbox API is designed to be hypervisor agnostic,
> the internal implementation needs work for each hypervisor
> target. To avoid user errors at runtime, do an upfront check
> to see if the URI they supply is suitable. Since we don't
> support remote executions, we do a straight string comparison
> on the URI, instead of just a protocol check
> ---
> .../libvirt-sandbox-context-interactive.c | 27 ++++++++++++++++++++++
> po/POTFILES.in | 1 +
> 2 files changed, 28 insertions(+)
>
> diff --git a/libvirt-sandbox/libvirt-sandbox-context-interactive.c b/libvirt-sandbox/libvirt-sandbox-context-interactive.c
> index 78b2fbd..3ab63ec 100644
> --- a/libvirt-sandbox/libvirt-sandbox-context-interactive.c
> +++ b/libvirt-sandbox/libvirt-sandbox-context-interactive.c
> @@ -24,6 +24,8 @@
> #include <string.h>
> #include <errno.h>
>
> +#include <glib/gi18n.h>
> +
> #include "libvirt-sandbox/libvirt-sandbox.h"
>
> /**
> @@ -60,6 +62,13 @@ enum {
>
> //static gint signals[LAST_SIGNAL];
>
> +#define GVIR_SANDBOX_CONTEXT_INTERACTIVE_ERROR gvir_sandbox_context_interactive_error_quark()
> +
> +static GQuark
> +gvir_sandbox_context_interactive_error_quark(void)
> +{
> + return g_quark_from_static_string("gvir-sandbox-context-interactive");
> +}
>
> static void gvir_sandbox_context_interactive_get_property(GObject *object,
> guint prop_id,
> @@ -198,6 +207,7 @@ static gboolean gvir_sandbox_context_interactive_start(GVirSandboxContext *ctxt,
> gchar *emptydir;
> gchar *configfile;
> gboolean ret = FALSE;
> + const gchar *uri;
>
> if (!GVIR_SANDBOX_CONTEXT_CLASS(gvir_sandbox_context_interactive_parent_class)->start(ctxt, error))
> return FALSE;
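Review bot: The error domain added in the `@@ -60,6 +62,13 @@` hunk is private to this file: the quark function is `static`, the `GVIR_SANDBOX_CONTEXT_INTERACTIVE_ERROR` macro lives in the .c file, and the only error code used with it later in the patch is the literal `0`. A caller of `start()` therefore cannot tell "unsupported URI" apart from other failures with `g_error_matches()` and would have to inspect the translated message. If callers are expected to react to this case, the domain should be exported from a header with a named code in place of `0`. If not, a one-line comment above the macro, such as `/* Private error domain: callers are only expected to display the message */`, would record that intent.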
> @@ -213,6 +223,23 @@ static gboolean gvir_sandbox_context_interactive_start(GVirSandboxContext *ctxt,
> configfile = g_build_filename(configdir, "sandbox.cfg", NULL);
> emptydir = g_build_filename(configdir, "empty", NULL);
>
> + uri = gvir_connection_get_uri(connection);
> +
> + if (geteuid() == 0) {
> + if (!g_str_equal(uri, "lxc:///") &&
> + !g_str_equal(uri, "qemu:///system")) {
> + g_set_error(error, GVIR_SANDBOX_CONTEXT_INTERACTIVE_ERROR, 0,
> + _("Only 'lxc:///' or 'qemu:///system' URIs supported when running as root"));
> + goto cleanup;
> + }
> + } else {
> + if (!g_str_equal(uri, "qemu:///session")) {
> + g_set_error(error, GVIR_SANDBOX_CONTEXT_INTERACTIVE_ERROR, 0,
> + _("Only 'qemu:///session' URIs supported when running as non-root"));
> + goto cleanup;
> + }
> + }
> +
> if (!(builder = gvir_sandbox_builder_for_connection(connection,
> error)))
> goto cleanup;
> diff --git a/po/POTFILES.in b/po/POTFILES.in
> index 653abc5..11bd5e7 100644
> --- a/po/POTFILES.in
> +++ b/po/POTFILES.in
> @@ -7,5 +7,6 @@ libvirt-sandbox/libvirt-sandbox-console.c
> libvirt-sandbox/libvirt-sandbox-console-raw.c
> libvirt-sandbox/libvirt-sandbox-console-rpc.c
> libvirt-sandbox/libvirt-sandbox-context.c
> +libvirt-sandbox/libvirt-sandbox-context-interactive.c
> libvirt-sandbox/libvirt-sandbox-init-common.c
> libvirt-sandbox/libvirt-sandbox-rpcpacket.c
ACK -- Cedric -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
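Review bot: `uri` goes straight into `g_str_equal()` in both branches of the new `geteuid()` check in the `@@ -213,6 +223,23 @@` hunk, and that helper does not accept NULL. If `gvir_connection_get_uri()` can return NULL here (for instance for a connection opened without an explicit URI; not visible in this hunk), the upfront check crashes instead of reporting the error. `g_strcmp0(uri, "lxc:///") != 0` is NULL-safe and reaches the same `g_set_error()` path. The check also runs after the parent class `start()` has already succeeded (previous hunk), so it is worth confirming that the `cleanup` label, which lies outside the hunk, unwinds that; otherwise the URI test belongs before the parent call. A short comment noting that this is a usability guard and that libvirt itself remains the authority on who may open which URI would keep the euid test from being read as an access control.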