On 12/23/2010 11:39 AM, Laine Stump wrote: > This patch fixes https://bugzilla.redhat.com/show_bug.cgi?id=664406 > > If qemu is run as a different uid, it has been unable to access mode > 0660 files that are owned by a different user, but with a group that > the qemu is a member of (aside from the one group listed in the passwd > file), because initgroups() is not being called prior to the > exec. initgroups will change the group membership of the process (and > its children) to match the new uid. > > To make this happen, the setregid()/setreuid() code in > qemuSecurityDACSetProcessLabel has been replaced with a call to > virSetUIDGID(), which does both of those, plus calls initgroups. > > Similar, but not identical, code in qemudOpenAsUID() has been replaced > with virSetUIDGID(). This not only consolidates the functionality to a > single location, but also potentially fixes some as-yet unreported > bugs. > --- > src/qemu/qemu_driver.c | 44 +++++++++++++---------------------------- > src/qemu/qemu_security_dac.c | 18 +--------------- > 2 files changed, 16 insertions(+), 46 deletions(-)
> + if (virSetUIDGID(uid, gid) < 0) {
> + exit_code = errno;
> + goto child_cleanup;
Ah, I see why you needed patch 1 - patch two calls virReportSystemError
in between the setting of errno and the return.
However, one glitch - VIR_FREE(x) does not (yet) guarantee that errno is
preserved (some poorly-written free() implementations can modify errno;
glibc is nicer in trying to avoid that). You'll need to modify 1/3
accordingly.
Which means ACK to this patch as perfect, but the prerequisites aren't
there yet :)
--
Eric Blake [email protected] +1-801-349-2682
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
