Re: [PATCH] qemu: Use correct permissions when determining the image chain

On 02/07/14 21:47, Eric Blake wrote:
> On 02/07/2014 10:53 AM, Peter Krempa wrote:
>> The code took into account only the global permissions. The domains now
>> support per-vm DAC lables and per-image DAC labels. Use the most
> 
> s/lables/labels/
> 
>> specific label available.
>> ---
>>  src/qemu/qemu_domain.c  | 35 +++++++++++++++++++++++++++++++++--
>>  src/qemu/qemu_domain.h  |  1 +
>>  src/qemu/qemu_driver.c  |  8 ++++----
>>  src/qemu/qemu_hotplug.c |  2 +-
>>  src/qemu/qemu_process.c |  2 +-
>>  5 files changed, 40 insertions(+), 8 deletions(-)
> 
>> +static void
>> +qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg,
>> +                      virDomainObjPtr vm,
>> +                      virDomainDiskDefPtr disk,
>> +                      uid_t *uid, gid_t *gid)
>> +{
>> +    virSecurityLabelDefPtr vmlabel;
>> +    virSecurityDeviceLabelDefPtr disklabel;
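
Review bot: qemuDomainGetImageIds has no comment describing its contract, which matters at the signature because uid and gid are optional out-parameters (the body guards every write with if (uid) / if (gid)). A short function comment stating which arguments may be NULL and that precedence runs from the global config, to the per-VM "dac" label, to the per-disk "dac" label would save callers from reading the body to find out.
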
> 
> Here, I'd add:
> 
> if (uid)
>     *uid = -1;
> if (gid)
>     *gid = -1;

Right, I actually had that in one of the work versions but I've
refactored it and forgot to initialize the variable.

> 
>> +
>> +    if (cfg) {
>> +        if (uid)
>> +            *uid = cfg->user;
>> +
>> +        if (gid)
>> +            *gid = cfg->group;
>> +    }
>> +
>> +    if (vm && (vmlabel = virDomainDefGetSecurityLabelDef(vm->def, "dac")))
>> +        virParseOwnershipIds(vmlabel->label, uid, gid);
>> +
>> +    if ((disklabel = virDomainDiskDefGetSecurityLabelDef(disk, "dac")))
>> +        virParseOwnershipIds(disklabel->label, uid, gid);
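
Review bot: The result of both virParseOwnershipIds calls is discarded, so if parsing a label can fail, the function returns whatever less specific uid/gid was already stored and the caller cannot tell. Consider checking the result and reporting or propagating the failure, which would mean the function can no longer be static void. Separately, disk is passed to virDomainDiskDefGetSecurityLabelDef without the NULL guard that cfg and vm get just above; either guard it the same way or state that it must be non-NULL.
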
> 
> since all three of these more-specific overrides could all be missing,
> but ideally, you want to guarantee that we picked the best-possible
> uid/gid by the end of this method.
> 
> ACK with that fixed - it means that all disks are now being opened by
> the same credentials as what we tell qemu to open with.
> 

Fixed && pushed; Thanks.

Peter



--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
