On 02/07/2013 02:37 PM, Laine Stump wrote: > --- > src/storage/storage_backend.c | 28 ++++++---------------------- > 1 file changed, 6 insertions(+), 22 deletions(-) > > @@ -576,7 +558,9 @@ static int virStorageBackendCreateExecCommand(virStoragePoolObjPtr pool, > } > } > > - data.skip = true; > + /* don't change uid/gid if we retry */ > + virCommandSetUID(cmd, 0); > + virCommandSetGID(cmd, 0); Hmm, so you are reusing an existing virCommand, but want to change it to no longer attempt uid/gid change (that is, inherit the uid/gid of the current libvirtd). If you refactor things in earlier patches to use -1 as the no-op, and allow an attempt to change to id 0, then this needs alteration to -1. And per the man page of setfsuid, there really are reasons why one would attempt to change uid to 0, even when already executing as uid 0 - it forces Linux to resync the fsuid back to 0. True, not much code plays with fsuid, and it is rare to have a program where fsuid differs from uid, but I'd rather our wrapper lets us expose full kernel/glibc rules on id setting, than to accidentally short-circuit away something that has important side-effects in odd corner cases. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
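Review bot: In the added lines of the `@@ -576,7 +558,9 @@` hunk, `virCommandSetUID(cmd, 0);` and `virCommandSetGID(cmd, 0);` sit under the comment "don't change uid/gid if we retry", so 0 is used to mean "leave the ids alone" although it is also root's id. From the call site a reader cannot tell whether the retry keeps the current ids or explicitly requests uid/gid 0. Suggest passing a distinct no-op value (the reply proposes -1) so that a request for id 0 stays expressible, or at minimum have the comment state that 0 is treated as "no change" by these setters. Since these calls replace `data.skip = true;`, the comment should also say that they stand in for the old skip flag on the retry path.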
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list