Re: [libvirt] [PATCH] chown kernel/initrd before spawning qemu

"Daniel P. Berrange" <berrange@xxxxxxxxxx> · Thu, 6 Aug 2009 16:02:07 +0100



On Thu, Aug 06, 2009 at 03:48:44PM +0100, Mark McLoughlin wrote:
> If we're running qemu unprivileged, we need to chown any supplied kernel
> or initrd before spawning it.
> 
> * src/qemu_driver.c: rename qemuDomainSetDiskOwnership() to
>   qemuDomainSetFileOwnership(), pass it a path string instead of a disk
>   definition and use it for chowning the kernel/initrd in
>   qemuDomainSetAllDeviceOwnership()
> ---
>  src/qemu_driver.c |   20 ++++++++++++--------
>  1 files changed, 12 insertions(+), 8 deletions(-)
> 
> diff --git a/src/qemu_driver.c b/src/qemu_driver.c
> index 412b68d..bd58435 100644
> --- a/src/qemu_driver.c
> +++ b/src/qemu_driver.c
> @@ -1684,18 +1684,18 @@ static int qemuDomainSetHostdevOwnership(virConnectPtr conn,
>  
>  }
>  
> -static int qemuDomainSetDiskOwnership(virConnectPtr conn,
> -                                      virDomainDiskDefPtr def,
> +static int qemuDomainSetFileOwnership(virConnectPtr conn,
> +                                      const char *path,
>                                        uid_t uid, gid_t gid)
>  {
>  
> -    if (!def->src)
> +    if (!path)
>          return 0;
>  
> -    VIR_DEBUG("Setting ownership on %s to %d:%d", def->src, uid, gid);
> -    if (chown(def->src, uid, gid) < 0) {
> +    VIR_DEBUG("Setting ownership on %s to %d:%d", path, uid, gid);
> +    if (chown(path, uid, gid) < 0) {
>          virReportSystemError(conn, errno, _("cannot set ownership on %s"),
> -                             def->src);
> +                             path);
>          return -1;
>      }
>      return 0;
> @@ -1725,7 +1725,7 @@ static int qemuDomainSetDeviceOwnership(virConnectPtr conn,
>              (def->data.disk->readonly || def->data.disk->shared))
>              return 0;
>  
> -        return qemuDomainSetDiskOwnership(conn, def->data.disk, uid, gid);
> +        return qemuDomainSetFileOwnership(conn, def->data.disk->src, uid, gid);
>  
>      case VIR_DOMAIN_DEVICE_HOSTDEV:
>          return qemuDomainSetHostdevOwnership(conn, def->data.hostdev, uid, gid);
> @@ -1753,12 +1753,16 @@ static int qemuDomainSetAllDeviceOwnership(virConnectPtr conn,
>      uid = restore ? 0 : driver->user;
>      gid = restore ? 0 : driver->group;
>  
> +    if (qemuDomainSetFileOwnership(conn, def->os.kernel, uid, gid) < 0 ||
> +        qemuDomainSetFileOwnership(conn, def->os.initrd, uid, gid) < 0)
> +        return -1;
> +
>      for (i = 0 ; i < def->ndisks ; i++) {
>          if (restore &&
>              (def->disks[i]->readonly || def->disks[i]->shared))
>              continue;
>  
> -        if (qemuDomainSetDiskOwnership(conn, def->disks[i], uid, gid) < 0)
> +        if (qemuDomainSetFileOwnership(conn, def->disks[i]->src, uid, gid) < 0)
>              return -1;
>      }

ACK

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list