[PATCH 0/3] qemu: Fix how files are being opened

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



There were some places in the code, where files were being opened with
uid:gid of the daemon instead of the qemu process related to the file.

First patch exposes the parseIds() function in order for it to be used
somewhere else in the code than in the DAC security driver.  The next
patch fixes how the files are opened and the last one fixes occurences
of open() that should use different uid:gid for opening files.

There maybe should be a check for whether the file being opened is an
image and whether the label used to open the file should be imagelabel
or not.  But, the QEMU process opening the file is running as the
label (not imagelabel) and accessing the files as such.

Martin Kletzander (3):
  Expose ownership ID parsing
  Make qemuOpenFile aware of per-VM DAC seclabel.
  Use qemuOpenFile in qemu_driver.c

 src/libvirt_private.syms    |  1 +
 src/qemu/qemu_driver.c      | 87 +++++++++++++++++++++++++++++++--------------
 src/security/security_dac.c | 51 ++------------------------
 src/util/virutil.c          | 56 +++++++++++++++++++++++++++++
 src/util/virutil.h          |  2 ++
 5 files changed, 122 insertions(+), 75 deletions(-)

--
1.8.2.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]