Re: [libvirt] [PATCH v2 3/4] util: extend virExecWithHook()
On Tue, Jan 31, 2012 at 01:51:22PM +0900, Taku Izumi wrote: This patch extends virExecWithHook() to receive capability information. Signed-off-by: Taku Izumi izumi.t...@jp.fujitsu.com Signed-off-by: Shota Hirae m11g1...@hibikino.ne.jp --- src/util/command.c | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) Index: libvirt/src/util/command.c === --- libvirt.orig/src/util/command.c +++ libvirt/src/util/command.c @@ -393,6 +393,7 @@ prepareStdFd(int fd, int std) * @hook optional virExecHook function to call prior to exec * @data data to pass to the hook function * @pidfile path to use as pidfile for daemonized process (needs DAEMON flag) + * @capabilities capabilities to keep */ static int virExecWithHook(const char *const*argv, @@ -404,7 +405,8 @@ virExecWithHook(const char *const*argv, unsigned int flags, virExecHook hook, void *data, -char *pidfile) +char *pidfile, +unsigned long long capabilities) { pid_t pid; int null = -1, i, openmax; @@ -633,9 +635,9 @@ virExecWithHook(const char *const*argv, /* The steps above may need todo something privileged, so * we delay clearing capabilities until the last minute */ -if ((flags VIR_EXEC_CLEAR_CAPS) -virClearCapabilities() 0) -goto fork_error; +if (capabilities || (flags VIR_EXEC_CLEAR_CAPS)) +if (virSetCapabilities(capabilities) 0) +goto fork_error; /* Close logging again to ensure no FDs leak to child */ virLogReset(); @@ -723,7 +725,8 @@ virExecWithHook(const char *const*argv A int flags_unused ATTRIBUTE_UNUSED, virExecHook hook ATTRIBUTE_UNUSED, void *data ATTRIBUTE_UNUSED, -char *pidfile ATTRIBUTE_UNUSED) +char *pidfile ATTRIBUTE_UNUSED, +unsigned long long capabilities ATTRIBUTE_UNUSED) { /* XXX: Some day we can implement pieces of virCommand/virExec on * top of _spawn() or CreateProcess(), but we can't implement @@ -2171,7 +2174,8 @@ virCommandRunAsync(virCommandPtr cmd, pi cmd-flags, virCommandHook, cmd, - cmd-pidfile); + cmd-pidfile, + cmd-capabilities); VIR_DEBUG(Command result %d, with PID %d, ret, (int)cmd-pid); ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 3/4] util: extend virExecWithHook()
On 01/31/2012 07:04 AM, Daniel P. Berrange wrote: On Tue, Jan 31, 2012 at 01:51:22PM +0900, Taku Izumi wrote: This patch extends virExecWithHook() to receive capability information. ACK Pushed. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2 3/4] util: extend virExecWithHook()
This patch extends virExecWithHook() to receive capability information. Signed-off-by: Taku Izumi izumi.t...@jp.fujitsu.com Signed-off-by: Shota Hirae m11g1...@hibikino.ne.jp --- src/util/command.c | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) Index: libvirt/src/util/command.c === --- libvirt.orig/src/util/command.c +++ libvirt/src/util/command.c @@ -393,6 +393,7 @@ prepareStdFd(int fd, int std) * @hook optional virExecHook function to call prior to exec * @data data to pass to the hook function * @pidfile path to use as pidfile for daemonized process (needs DAEMON flag) + * @capabilities capabilities to keep */ static int virExecWithHook(const char *const*argv, @@ -404,7 +405,8 @@ virExecWithHook(const char *const*argv, unsigned int flags, virExecHook hook, void *data, -char *pidfile) +char *pidfile, +unsigned long long capabilities) { pid_t pid; int null = -1, i, openmax; @@ -633,9 +635,9 @@ virExecWithHook(const char *const*argv, /* The steps above may need todo something privileged, so * we delay clearing capabilities until the last minute */ -if ((flags VIR_EXEC_CLEAR_CAPS) -virClearCapabilities() 0) -goto fork_error; +if (capabilities || (flags VIR_EXEC_CLEAR_CAPS)) +if (virSetCapabilities(capabilities) 0) +goto fork_error; /* Close logging again to ensure no FDs leak to child */ virLogReset(); @@ -723,7 +725,8 @@ virExecWithHook(const char *const*argv A int flags_unused ATTRIBUTE_UNUSED, virExecHook hook ATTRIBUTE_UNUSED, void *data ATTRIBUTE_UNUSED, -char *pidfile ATTRIBUTE_UNUSED) +char *pidfile ATTRIBUTE_UNUSED, +unsigned long long capabilities ATTRIBUTE_UNUSED) { /* XXX: Some day we can implement pieces of virCommand/virExec on * top of _spawn() or CreateProcess(), but we can't implement @@ -2171,7 +2174,8 @@ virCommandRunAsync(virCommandPtr cmd, pi cmd-flags, virCommandHook, cmd, - cmd-pidfile); + cmd-pidfile, + cmd-capabilities); VIR_DEBUG(Command result %d, with PID %d, ret, (int)cmd-pid); -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list