Namely, virFileGetACLs, virFileSetACLs, virFileFreeACLs and
virFileCopyACLs. These functions are going to be required when we
are creating /dev for qemu. We have copy anything that's in
host's /dev exactly as is. Including ACLs.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
config-post.h | 2 ++
configure.ac | 10 +++++-
src/Makefile.am | 4 +--
src/libvirt_private.syms | 4 +++
src/util/virfile.c | 81 ++++++++++++++++++++++++++++++++++++++++++++++++
src/util/virfile.h | 11 +++++++
6 files changed, 109 insertions(+), 3 deletions(-)
diff --git a/config-post.h b/config-post.h
index 090cc2831..6a91ff66b 100644
--- a/config-post.h
+++ b/config-post.h
@@ -30,6 +30,7 @@
# undef HAVE_LIBNL
# undef HAVE_LIBNL3
# undef HAVE_LIBSASL2
+# undef HAVE_SYS_ACL_H
# undef WITH_CAPNG
# undef WITH_CURL
# undef WITH_DBUS
@@ -56,6 +57,7 @@
# undef HAVE_LIBNL
# undef HAVE_LIBNL3
# undef HAVE_LIBSASL2
+# undef HAVE_SYS_ACL_H
# undef WITH_CAPNG
# undef WITH_CURL
# undef WITH_DTRACE_PROBES
diff --git a/configure.ac b/configure.ac
index da3388e7c..4614b3687 100644
--- a/configure.ac
+++ b/configure.ac
@@ -332,11 +332,19 @@ dnl Availability of various common headers (non-fatal if missing).
AC_CHECK_HEADERS([pwd.h regex.h sys/un.h \
sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \
sys/un.h sys/syscall.h sys/sysctl.h netinet/tcp.h ifaddrs.h \
- libtasn1.h sys/ucred.h sys/mount.h])
+ libtasn1.h sys/ucred.h sys/mount.h sys/acl.h])
dnl Check whether endian provides handy macros.
AC_CHECK_DECLS([htole64], [], [], [[#include <endian.h>]])
AC_CHECK_FUNCS([stat stat64 __xstat __xstat64 lstat lstat64 __lxstat __lxstat64])
+ACL_CFLAGS=""
+ACL_LIBS=""
+if test "x$ac_cv_header_sys_acl_h" = "xyes" ; then
+ ACL_LIBS="-lacl"
+fi
+AC_SUBST([ACL_CFLAGS])
+AC_SUBST([ACL_LIBS])
+
dnl We need to decide at configure time if libvirt will use real atomic
dnl operations ("lock free") or emulated ones with a mutex.
diff --git a/src/Makefile.am b/src/Makefile.am
index 8c620d5e0..07a28335a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1127,12 +1127,12 @@ libvirt_util_la_SOURCES = \
libvirt_util_la_CFLAGS = $(CAPNG_CFLAGS) $(YAJL_CFLAGS) $(LIBNL_CFLAGS) \
$(AM_CFLAGS) $(AUDIT_CFLAGS) $(DEVMAPPER_CFLAGS) \
$(DBUS_CFLAGS) $(LDEXP_LIBM) $(NUMACTL_CFLAGS) \
- $(POLKIT_CFLAGS) $(GNUTLS_CFLAGS) \
+ $(POLKIT_CFLAGS) $(GNUTLS_CFLAGS) $(ACL_CFLAGS) \
-I$(srcdir)/conf
libvirt_util_la_LIBADD = $(CAPNG_LIBS) $(YAJL_LIBS) $(LIBNL_LIBS) \
$(THREAD_LIBS) $(AUDIT_LIBS) $(DEVMAPPER_LIBS) \
$(LIB_CLOCK_GETTIME) $(DBUS_LIBS) $(MSCOM_LIBS) $(LIBXML_LIBS) \
- $(SECDRIVER_LIBS) $(NUMACTL_LIBS) \
+ $(SECDRIVER_LIBS) $(NUMACTL_LIBS) $(ACL_LIBS) \
$(POLKIT_LIBS)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 94eea50fd..c1ed2c598 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1559,6 +1559,7 @@ virFileActivateDirOverride;
virFileBindMountDevice;
virFileBuildPath;
virFileClose;
+virFileCopyACLs;
virFileDeleteTree;
virFileDirectFdFlag;
virFileExists;
@@ -1568,6 +1569,8 @@ virFileFindHugeTLBFS;
virFileFindMountPoint;
virFileFindResource;
virFileFindResourceFull;
+virFileFreeACLs;
+virFileGetACLs;
virFileGetHugepageSize;
virFileGetMountReverseSubtree;
virFileGetMountSubtree;
@@ -1604,6 +1607,7 @@ virFileResolveLink;
virFileRewrite;
virFileRewriteStr;
virFileSanitizePath;
+virFileSetACLs;
virFileSetupDev;
virFileSkipRoot;
virFileStripSuffix;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index cc585c1e1..7c1e4357d 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -48,6 +48,9 @@
#if HAVE_SYS_SYSCALL_H
# include <sys/syscall.h>
#endif
+#if HAVE_SYS_ACL_H
+# include <sys/acl.h>
+#endif
#ifdef __linux__
# if HAVE_LINUX_MAGIC_H
@@ -3629,3 +3632,81 @@ virFileBindMountDevice(const char *src ATTRIBUTE_UNUSED,
return -1;
}
#endif /* !defined(HAVE_SYS_MOUNT_H) */
+
+
+#if defined(HAVE_SYS_ACL_H)
+int
+virFileGetACLs(const char *file,
+ void **acl)
+{
+ if (!(*acl = acl_get_file(file, ACL_TYPE_ACCESS)))
+ return -1;
+
+ return 0;
+}
+
+
+int
+virFileSetACLs(const char *file,
+ void *acl)
+{
+ if (acl_set_file(file, ACL_TYPE_ACCESS, acl) < 0)
+ return -1;
+
+ return 0;
+}
+
+
+void
+virFileFreeACLs(void **acl)
+{
+ acl_free(*acl);
+ *acl = NULL;
+}
+
+#else /* !defined(HAVE_SYS_ACL_H) */
+
+int
+virFileGetACLs(const char *file ATTRIBUTE_UNUSED,
+ void **acl ATTRIBUTE_UNUSED)
+{
+ errno = ENOTSUP;
+ return -1;
+}
+
+
+int
+virFileSetACLs(const char *file ATTRIBUTE_UNUSED,
+ void *acl ATTRIBUTE_UNUSED)
+{
+ errno = ENOTSUP;
+ return -1;
+}
+
+
+void
+virFileFreeACLs(void **acl)
+{
+ *acl = NULL;
+}
+
+#endif /* !defined(HAVE_SYS_ACL_H) */
+
+int
+virFileCopyACLs(const char *src,
+ const char *dst)
+{
+ void *acl = NULL;
+ int ret = -1;
+
+ if (virFileGetACLs(src, &acl) < 0)
+ return ret;
+
+ if (virFileSetACLs(dst, acl) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virFileFreeACLs(&acl);
+ return ret;
+}
diff --git a/src/util/virfile.h b/src/util/virfile.h
index 5e3bfc00c..571e5bdc8 100644
--- a/src/util/virfile.h
+++ b/src/util/virfile.h
@@ -317,4 +317,15 @@ int virFileSetupDev(const char *path,
int virFileBindMountDevice(const char *src,
const char *dst);
+
+int virFileGetACLs(const char *file,
+ void **acl);
+
+int virFileSetACLs(const char *file,
+ void *acl);
+
+void virFileFreeACLs(void **acl);
+
+int virFileCopyACLs(const char *src,
+ const char *dst);
#endif /* __VIR_FILE_H */
--
2.11.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
