On Mon, Jun 06, 2016 at 14:25:23 -0500, Roy Keene wrote: > Patch to libvirt master to avoid failing when a user ID is specified, > e.g. for <seclabel type='dac'>, that does not map to a user name. > > This is useful if you want to run each VM as a separate user and not > bother creating an /etc/passwd entry for each UID. For this use case you shall prefix the name with a +. Please refer to the documentation on seclabels. https://libvirt.org/formatdomain.html#seclabel > > It compiles but is as yet untested. > > --- > src/util/virutil.c | 69 > +++++++++++++++++++++++++++++++++++++++--------------- > 1 file changed, 50 insertions(+), 19 deletions(-) NACK to this patch Peter > > diff --git a/src/util/virutil.c b/src/util/virutil.c > index d80d994..ae95237 100644 > --- a/src/util/virutil.c > +++ b/src/util/virutil.c > @@ -790,26 +790,57 @@ virGetUserEnt(uid_t uid, char **name, gid_t > *group, char **dir) > if (VIR_RESIZE_N(strbuf, strbuflen, strbuflen, strbuflen) < 0) > goto cleanup; > } > - if (rc != 0) { > - virReportSystemError(rc, > - _("Failed to find user record for uid '%u'"), > - (unsigned int) uid); > - goto cleanup; > - } else if (pw == NULL) { > - virReportError(VIR_ERR_SYSTEM_ERROR, > - _("Failed to find user record for uid '%u'"), > - (unsigned int) uid); > - goto cleanup; > - } > > - if (name && VIR_STRDUP(*name, pw->pw_name) < 0) > - goto cleanup; > - if (group) > - *group = pw->pw_gid; > - if (dir && VIR_STRDUP(*dir, pw->pw_dir) < 0) { > - if (name) > - VIR_FREE(*name); > - goto cleanup; > + if (rc != 0 || pw == NULL) { > + /* > + * If the user does not exist or its data is not present, return > + * a created username. > + */ > + VIR_FREE(strbuf); > + > + strbuflen = 128; > + > + if (VIR_ALLOC_N(strbuf, strbuflen) < 0) { > + return(-1); > + } > + > + /* > + * Fake user home directory: / > + */ > + if (dir) { > + if (VIR_STRDUP(*dir, "/") < 0) { > + goto cleanup; > + } > + } Erm no. We should not do this. Not at this level. > + > + /* > + * Fake user GID: Same as UID > + */ > + if (group) { > + *group = (gid_t) uid; > + } > + > + /* > + * Fake user name: Same as UID (in string) > + */ > + snprintf(strbuf, strbuflen, "%llu", (unsigned long long) uid); > + > + if (name && VIR_STRDUP(*name, strbuf) < 0) { > + if (dir) { > + VIR_FREE(*dir); > + } > + goto cleanup; > + } > + } else { > + if (name && VIR_STRDUP(*name, pw->pw_name) < 0) > + goto cleanup; > + if (group) > + *group = pw->pw_gid; > + if (dir && VIR_STRDUP(*dir, pw->pw_dir) < 0) { > + if (name) > + VIR_FREE(*name); > + goto cleanup; > + } > } > > ret = 0; > -- > 2.7.4 > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list