Hello tech@, I noticed that vmd(8) only allows VM owners to start/stop their VMs, but does not let them to pause/unpause those VMs.
I was just wondering if there are reasons behind that. If not, the patch below enables pause/unpause commands for VM owners. Regards, Aslan
Index: control.c =================================================================== RCS file: /cvs/src/usr.sbin/vmd/control.c,v retrieving revision 1.22 diff -u -p -r1.22 control.c --- control.c 8 Sep 2017 06:24:31 -0000 1.22 +++ control.c 16 Apr 2018 04:40:24 -0000 @@ -340,6 +340,8 @@ control_dispatch_imsg(int fd, short even case IMSG_VMDOP_GET_INFO_VM_REQUEST: case IMSG_VMDOP_TERMINATE_VM_REQUEST: case IMSG_VMDOP_START_VM_REQUEST: + case IMSG_VMDOP_PAUSE_VM: + case IMSG_VMDOP_UNPAUSE_VM: break; default: if (c->peercred.uid != 0) { @@ -373,8 +375,6 @@ control_dispatch_imsg(int fd, short even /* FALLTHROUGH */ case IMSG_VMDOP_RECEIVE_VM_REQUEST: case IMSG_VMDOP_SEND_VM_REQUEST: - case IMSG_VMDOP_PAUSE_VM: - case IMSG_VMDOP_UNPAUSE_VM: case IMSG_VMDOP_LOAD: case IMSG_VMDOP_RELOAD: case IMSG_CTL_RESET: @@ -421,6 +421,21 @@ control_dispatch_imsg(int fd, short even control_close(fd, cs); return; } + break; + case IMSG_VMDOP_PAUSE_VM: + case IMSG_VMDOP_UNPAUSE_VM: + if (IMSG_DATA_SIZE(&imsg) < sizeof(vid)) + goto fail; + memcpy(&vid, imsg.data, sizeof(vid)); + vid.vid_uid = c->peercred.uid; + log_debug("%s id: %d, name: %s, uid: %d", + __func__, vid.vid_id, vid.vid_name, + vid.vid_uid); + + if (proc_compose_imsg(ps, PROC_PARENT, -1, + imsg.hdr.type, fd, imsg.fd, + &vid, sizeof(vid)) == -1) + goto fail; break; default: log_debug("%s: error handling imsg %d", Index: vm.conf.5 =================================================================== RCS file: /cvs/src/usr.sbin/vmd/vm.conf.5,v retrieving revision 1.27 diff -u -p -r1.27 vm.conf.5 --- vm.conf.5 3 Jan 2018 05:39:56 -0000 1.27 +++ vm.conf.5 16 Apr 2018 04:40:24 -0000 @@ -206,7 +206,8 @@ Memory size of the VM, in bytes, rounded The default is 512M. .It Cm owner Ar user Ns Op : Ns Ar group Set the owner of the VM to the specified user or group. -The owner will be allowed to start or stop the VM and open the VM's console. +The owner will be allowed to start or stop the VM, pause or unpause the VM, +and open the VM's console. .It Cm owner Pf : Ar group Set the owner to the specified group. .El Index: vmd.c =================================================================== RCS file: /cvs/src/usr.sbin/vmd/vmd.c,v retrieving revision 1.82 diff -u -p -r1.82 vmd.c --- vmd.c 29 Mar 2018 18:29:24 -0000 1.82 +++ vmd.c 16 Apr 2018 04:40:25 -0000 @@ -186,8 +186,13 @@ vmd_dispatch_control(int fd, struct priv } else { vid.vid_id = vm->vm_vmid; } - } else if (vm_getbyid(vid.vid_id) == NULL) { + } else if ((vm = vm_getbyid(vid.vid_id)) == NULL) { res = ENOENT; + cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE; + break; + } + if (vm_checkperm(vm, vid.vid_uid) != 0) { + res = EPERM; cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE; break; }