On 18.09.2015 20:20, John Ferlan wrote: > A followup of sorts to recently pushed patches regarding NFS root-squash. > During libvirt-security list review it was pointed out that the new code > was essentially open coding what virProcessWait does. However, since the > model being used also was open coded and there was a time element, the > change was allowed as is with the expectation that a cleanup patch would > follow. Which is what leads into this series.... > > The series started out purely as removing the open code and replacing > with the call to virProcessWait, but during that exercise I also realized > that it was possible to create a 'netdir' in a NFS root-squash environment > (eg, virDirCreate); however, the corrollary to remove the directory using > a fork/exec didn't exist - in fact all that was called was rmdir, which > failed to delete in the NFS root-squash environment. Rather than having > a whole new interface, the first patch reworks virFileUnlink to check > whether the target is a directory or a file and either call rmdir or > unlink appropriately. > > The one common thread amongst the 3 API's changed here is they each looked > to return an errno value, while typically virProcessWait consumers only > return -1 and errno. Determining which failure in virProcessWait returns > -1 is possible because one exit path uses virReportSystemError to report > the error that caused the waitpid() to fail, while the other error path > either receives the errno from the child process or if not present had > already "assumed" EACCES, so these changes follow that model, except that > if it's determined the waitpid failed, EINTR is returned similar to how > virFileAccessibleAs sets errno and returns -1. > > John Ferlan (4): > storage: Use virFileUnlink instead of rmdir > virfile: Use virProcessWait in virFileOpenForked > virfile: Use virProcessWait in virFileUnlink > virfile: Use virProcessWait in virDirCreate > > src/storage/storage_backend_fs.c | 20 +++-- > src/util/virfile.c | 153 ++++++++++++++++----------------------- > 2 files changed, 71 insertions(+), 102 deletions(-) > ACK series. Looking forward to the follow up patch. Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list