On Mon, Jan 30, 2012 at 06:09:44PM +0900, Taku Izumi wrote: > > This patch introduces virKeepCapabilities() function and implements > virCommandAllowCap() function. > > Existing virClearCapabilities() is function to clear all capabilities. > Instead virKeepCapabilities() is function to keep arbitrary capabilities. > > > Signed-off-by: Taku Izumi <izumi.taku@xxxxxxxxxxxxxx> > Signed-off-by: Shota Hirae <m11g1401@xxxxxxxxxxxxxx> > --- > src/util/command.c | 45 ++++++++++++++++++++++++++++++++++++++------- > src/util/command.h | 4 +--- > 2 files changed, 39 insertions(+), 10 deletions(-) > > Index: libvirt/src/util/command.c > =================================================================== > --- libvirt.orig/src/util/command.c > +++ libvirt/src/util/command.c > @@ -103,6 +103,8 @@ struct _virCommand { > pid_t pid; > char *pidfile; > bool reap; > + > + unsigned long long capabilities; > }; > > /* > @@ -182,6 +184,33 @@ static int virClearCapabilities(void) > > return 0; > } > + > +/** > + * virKeepCapabilities: > + * @capabilities - capability flag to keep. > + * In case of 0, this function is identical to > + * virClearCapabilities() > + * > + */ > +static int virKeepCapabilities(unsigned long long capabilities) > +{ > + int ret, i; > + > + capng_clear(CAPNG_SELECT_BOTH); > + > + for (i = 0; i <= CAP_LAST_CAP; i++) { > + if (capabilities & (1ULL << i)) > + capng_update(CAPNG_ADD, CAPNG_BOUNDING_SET, i); > + } > + > + if (ret = capng_apply(CAPNG_SELECT_BOTH) < 0) { > + virCommandError(VIR_ERR_INTERNAL_ERROR, > + _("cannot apply process capabilities %d"), ret); > + return -1; > + } > + > + return 0; > +} > # else > static int virClearCapabilities(void) > { 
> @@ -189,6 +218,11 @@ static int virClearCapabilities(void) > // "capabilities"); > return 0; > } > + > +static int virKeepCapabilities(unsigned long long capabilities) > +{ > + return 0; > +} > # endif I suggest calling this 'virSetCapabilities' instead, since it is possible this is called with no capabilities to be kept. > > /** > @@ -883,26 +917,23 @@ virCommandClearCaps(virCommandPtr cmd) > cmd->flags |= VIR_EXEC_CLEAR_CAPS; > } > > -#if 0 /* XXX Enable if we have a need for capability management. */ > - > /** > * virCommandAllowCap: > * @cmd: the command to modify > - * @capability: what to allow > + * @capabilities: what to allow > * > - * Re-allow a specific capability > + * Allow specific capabilities > */ > void > virCommandAllowCap(virCommandPtr cmd, > - int capability ATTRIBUTE_UNUSED) > + unsigned long long capabilities) IMHO this shouldn't be changed. > { > if (!cmd || cmd->has_error) > return; > > - /* XXX ? */ > + cmd->capabilities = capabilities; I'd prefer to see cmd->capabilities |= capability; Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
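Review bot: In the libcap-ng version of virKeepCapabilities(), the condition `if (ret = capng_apply(CAPNG_SELECT_BOTH) < 0)` is missing a pair of parentheses. `<` binds tighter than `=`, so ret receives the 0/1 result of the comparison rather than the return value of capng_apply(), and the error message prints 1 instead of the error code. Write `if ((ret = capng_apply(CAPNG_SELECT_BOTH)) < 0)`. The return value of capng_update() in the loop is also ignored, so a capability that fails to be added is dropped silently. Since the loop only adds to CAPNG_BOUNDING_SET after capng_clear(CAPNG_SELECT_BOTH), the doc comment should say that "keep" here refers to the bounding set, not the effective or permitted sets.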
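Review bot: The `# else` stub of virKeepCapabilities() returns 0 without looking at its argument, so a caller that asked for a reduced capability set is told the call succeeded although nothing was changed. At minimum mark the parameter ATTRIBUTE_UNUSED, as the old virCommandAllowCap() prototype did, to avoid an unused-parameter warning, and consider warning or returning an error when capabilities is non-zero.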
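Review bot: The doc comment of virCommandAllowCap() says only `@capabilities: what to allow` and does not state that the argument is now a bit mask indexed by capability number, which is how virKeepCapabilities() reads it (`capabilities & (1ULL << i)`). A caller passing a bare CAP_* number, as the old `int capability` signature invited, would select the wrong bits, so the comment should document the encoding. `cmd->capabilities = capabilities;` also makes a second call replace the first rather than add to it, which the comment should state if that is intended.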