On Mon, May 10, 2021 at 01:32:20PM +0200, Michal Prívozník wrote: > On 5/7/21 6:24 PM, Daniel P. Berrangé wrote: > > When fetching the value of a private secret, we need to use an elevated > > identity otherwise the secret driver will deny access. > > > > When using the modular daemons, the elevated identity needs to be active > > before the secret driver connection is opened, and it will apply to all > > APIs calls made on that conncetion. > > > > When using the monolithic daemon, the identity at time of opening the > > connection is ignored, and the elevated identity needs to be active > > precisely at the time the virSecretGetValue API call is made. > > > > After acquiring the secret value, the elevated identity should be > > cleared. > > > > This sounds complex, but is fairly straightfoward with the automatic > > cleanup callbacks. > > > > Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> > > --- > > src/libxl/libxl_conf.c | 5 +++++ > > src/qemu/qemu_domain.c | 11 ++++++++++- > > src/qemu/qemu_tpm.c | 5 +++++ > > src/storage/storage_backend_iscsi.c | 5 +++++ > > src/storage/storage_backend_iscsi_direct.c | 5 +++++ > > src/storage/storage_backend_rbd.c | 5 +++++ > > src/storage/storage_util.c | 5 +++++ > > 7 files changed, 40 insertions(+), 1 deletion(-) > > > > > After this, I see qemuxml2argv test crash (because of NULL passed to > open() in the area I'm raising in 03/10). With the fix I'm suggesting I > see a different error: > > internal error: No current identity to elevate > > That's because we failed to initialize identity. Unfortunately, I will > have to leave this up to you. Yep, the test suite needs to call virIdentitySetCurrent now we have a dependancy on the identity APIs for internal secret access. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
