On 10/08/2018 05:28 PM, Anthony PERARD wrote:
> On Fri, Oct 05, 2018 at 05:57:01PM +0100, George Dunlap wrote:
>> +# TEST: Process / group id
>> +#
>> +# Read /proc/<qpid>/status, checking Uid and Gid lines
>> +#
>> +# Uid should be xen-qemuuser-range-base+$domid
>> +# Gid should be 65534 ("nobody")
>
> That is wrong. Gid doesn't have to be nobody. gid can be chosen when
> creating the base user id. (And I'm pretty sure "nobody" should be
> avoided.)
Oh, actually, 65534 is "nogroup", which is the default when you don't
add a specific group.
Should we recommend creating a separate group for the Xen qemus in our
feature doc? Or should we just mention the possibility, but leave the
actual example to the default (which will normally end up with the
`nogroup` group)?
>
>> +# FIXME: deal with other UID configurations?
>> +echo -n "Process UID: "
>> +tgt_uid=$(id -u xen-qemuuser-range-base)
>> +tgt_uid=$(( $tgt_uid + $domid ))
>> +
>> +# Example input:
>> +# Uid: 1193 1193 1193 1193
>> +input=$(grep ^Uid: /proc/$dmpid/status)
>> +if [[ "$input" =~
>> ^Uid:[[:space:]]+([0-9]+)[[:space:]]+([0-9]+)[[:space:]]+([0-9]+)[[:space:]]+([0-9]+)$
>> ]] ; then
>> + result="PASSED"
>> + for i in {1..4}; do
>> + if [[ "${BASH_REMATCH[$i]}" != "$tgt_uid" ]] ; then
>> + result="FAILED"
>> + failed="true"
>> + break
>> + fi
>> + done
>> +else
>> + result="FAILED"
>> + failed="true"
>> +fi
>> +echo $result
>> +
>> +# Example input:
>> +# Gid: 10020 10020 10020 10020
>> +echo -n "Process GID: "
>> +tgt_gid=$(id -g nobody)
>
> This should be `id -g xen-qemuuser-range-base`.
Got it
-George
_______________________________________________
Xen-devel mailing list
[email protected]
https://lists.xenproject.org/mailman/listinfo/xen-devel
