On Thu, Feb 07, 2013 at 04:37:52PM -0500, Laine Stump wrote: > The qemu driver had been calling virSecurityManagerSetProcessLabel() > from a "pre-exec hook" function that is run after the child is forked, > but before exec'ing qemu. This is problematic because the uid and gid > of the child are set by the security driver, but capabilities are > dropped by virCommand - such separation doesn't work; the two > operations must be done together or the capabilities do not transfer > properly to the child process. > > This patch switches to using virSecurityManagerSetChildProcessLabel(), > which is called prior to virCommandRun() (rather than being called > *during* virCommandrun() by the hook function), and doesn't set the > UID/GID/security label directly, but instead merely informs virCommand > what it should set them all to when the time is appropriate. > > This lets virCommand choose to do the uid/gid and caps dropping all at > the same time if it wants (it does *want* to, but isn't doing so yet; > that's for an upcoming patch). > --- > src/qemu/qemu_process.c | 12 +++++++----- > 1 file changed, 7 insertions(+), 5 deletions(-) ACK Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list