This is an interim measure to make sure everything still works in this
order. The next step will be to perform capabilities drop and
setuid/gid as a single operation (which is the only way to keep any
capabilities when switching to a non-root uid).
---
src/util/vircommand.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index 3eb8465..2eb11f5 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -643,6 +643,12 @@ virExec(virCommandPtr cmd)
goto fork_error;
}
+ /* The steps above may need todo something privileged, so
+ * we delay clearing capabilities until the last minute */
+ if (cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS))
+ if (virSetCapabilities(cmd->capabilities) < 0)
+ goto fork_error;
+
if (cmd->pwd) {
VIR_DEBUG("Running child in %s", cmd->pwd);
if (chdir(cmd->pwd) < 0) {
@@ -661,12 +667,6 @@ virExec(virCommandPtr cmd)
goto fork_error;
}
- /* The steps above may need todo something privileged, so
- * we delay clearing capabilities until the last minute */
- if (cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS))
- if (virSetCapabilities(cmd->capabilities) < 0)
- goto fork_error;
-
/* Close logging again to ensure no FDs leak to child */
virLogReset();
--
1.8.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list