Quoting Daniel P. Berrange (berrange@xxxxxxxxxx): > This patch is preparing the way for future work on allowing the libvirtd > daemon to run as a less-privileged user ID. The idea is that we will > switch from 'root' to 'libvirtd', but use Linux capabilties to keep the > handful of higher privileges we need for our work. Thus any code which > does a check of 'getuid() == 0' is guarenteed to break [1]. > > The way this patch approaches this problem, is to change the driver > initialization function virStateInitialize() to have it be passed in a > 'int privileged' flag from the libvirtd daemon. Each driver is updated > to record this flag, and use it for checks where needed. The only real > exception is the Xen driver, where we simply check access(2) against > the file we need to open. Hi Daniel, just a few questions: ... > diff -r 5e3b5d1f91c2 qemud/qemud.c ... > @@ -2871,7 +2870,7 @@ int main(int argc, char **argv) { > sigaction(SIGPIPE, &sig_action, NULL); > > /* Ensure the rundir exists (on tmpfs on some systems) */ > - if (geteuid () == 0) { > + if (getuid() == 0) { Why this change? ... > diff -r 5e3b5d1f91c2 src/qemu_driver.c > --- a/src/qemu_driver.c Thu May 21 16:21:20 2009 +0100 > +++ b/src/qemu_driver.c Thu May 21 16:27:16 2009 +0100 > @@ -130,24 +130,26 @@ static struct qemud_driver *qemu_driver > > > static int > -qemudLogFD(virConnectPtr conn, const char* logDir, const char* name) > +qemudLogFD(virConnectPtr conn, struct qemud_driver *driver, const char* name) > { > char logfile[PATH_MAX]; > mode_t logmode; > - uid_t uid = geteuid(); > int ret, fd = -1; > > - if ((ret = snprintf(logfile, sizeof(logfile), "%s/%s.log", logDir, name)) > + if ((ret = snprintf(logfile, sizeof(logfile), "%s/%s.log", > + driver->logDir, name)) > < 0 || ret >= sizeof(logfile)) { > virReportOOMError(conn); > return -1; > } > > logmode = O_CREAT | O_WRONLY; > - if (uid != 0) > + /* Only logrotate files in /var/log, so only append if running privileged */ > + if (driver->privileged) > + logmode |= O_APPEND; > + else > logmode |= O_TRUNC; > - else > - logmode |= O_APPEND; Hmm, so if I run as unpriv user my logfiles will always be truncated? thanks, -serge -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list