[PATCH 3/4] util: extend virExecWithHook()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch extends virExecWithHook() to receive
capability information.


Signed-off-by: Taku Izumi <izumi.taku@xxxxxxxxxxxxxx>
Signed-off-by: Shota Hirae <m11g1401@xxxxxxxxxxxxxx>
---
 src/util/command.c |   16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

Index: libvirt/src/util/command.c
===================================================================
--- libvirt.orig/src/util/command.c
+++ libvirt/src/util/command.c
@@ -393,6 +393,7 @@ prepareStdFd(int fd, int std)
  * @hook optional virExecHook function to call prior to exec
  * @data data to pass to the hook function
  * @pidfile path to use as pidfile for daemonized process (needs DAEMON flag)
+ * @capabilities capabilities to keep
  */
 static int
 virExecWithHook(const char *const*argv,
@@ -404,7 +405,8 @@ virExecWithHook(const char *const*argv,
                 unsigned int flags,
                 virExecHook hook,
                 void *data,
-                char *pidfile)
+                char *pidfile,
+                unsigned long long capabilities)
 {
     pid_t pid;
     int null = -1, i, openmax;
@@ -633,9 +635,9 @@ virExecWithHook(const char *const*argv,
 
     /* The steps above may need todo something privileged, so
      * we delay clearing capabilities until the last minute */
-    if ((flags & VIR_EXEC_CLEAR_CAPS) &&
-        virClearCapabilities() < 0)
-        goto fork_error;
+    if (capabilities || (flags & VIR_EXEC_CLEAR_CAPS))
+        if (virKeepCapabilities(capabilities) < 0)
+            goto fork_error;
 
     /* Close logging again to ensure no FDs leak to child */
     virLogReset();
@@ -723,7 +725,8 @@ virExecWithHook(const char *const*argv A
                 int flags_unused ATTRIBUTE_UNUSED,
                 virExecHook hook ATTRIBUTE_UNUSED,
                 void *data ATTRIBUTE_UNUSED,
-                char *pidfile ATTRIBUTE_UNUSED)
+                char *pidfile ATTRIBUTE_UNUSED,
+                unsigned long long capabilities ATTRIBUTE_UNUSED)
 {
     /* XXX: Some day we can implement pieces of virCommand/virExec on
      * top of _spawn() or CreateProcess(), but we can't implement
@@ -2171,7 +2174,8 @@ virCommandRunAsync(virCommandPtr cmd, pi
                           cmd->flags,
                           virCommandHook,
                           cmd,
-                          cmd->pidfile);
+                          cmd->pidfile,
+                          cmd->capabilities);
 
     VIR_DEBUG("Command result %d, with PID %d",
               ret, (int)cmd->pid);

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]