On 24.05.2013 22:25, Martin Kletzander wrote:
Parsing 'user:group' is useful even outside the DAC security driver,
so expose the most abstract function, which has no DAC security driver
bits in itself.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/libvirt_private.syms | 1 +
src/security/security_dac.c | 51 +++--------------------------------------
src/util/virutil.c | 56 +++++++++++++++++++++++++++++++++++++++++++++
src/util/virutil.h | 2 ++
4 files changed, 62 insertions(+), 48 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 9d5f74b..1927451 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1951,6 +1951,7 @@ virIsCapableVport;
virIsDevMapperDevice;
virManageVport;
virParseNumber;
+virParseOwnershipIds;
virParseVersionString;
virPipeReadUntilEOF;
virReadFCHost;
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index b8d1a92..0264c28 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -33,6 +33,7 @@
#include "virscsi.h"
#include "virstoragefile.h"
#include "virstring.h"
+#include "virutil.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
#define SECURITY_DAC_NAME "dac"
@@ -70,52 +71,6 @@ virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr,
priv->dynamicOwnership = dynamicOwnership;
}
-static int
-parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
-{
- int rc = -1;
- uid_t theuid;
- gid_t thegid;
- char *tmp_label = NULL;
- char *sep = NULL;
- char *owner = NULL;
- char *group = NULL;
-
- if (VIR_STRDUP(tmp_label, label) < 0)
- goto cleanup;
-
- /* Split label */
- sep = strchr(tmp_label, ':');
- if (sep == NULL) {
- virReportError(VIR_ERR_INVALID_ARG,
- _("Missing separator ':' in DAC label
\"%s\""),
- label);
- goto cleanup;
- }
- *sep = '\0';
- owner = tmp_label;
- group = sep + 1;
-
- /* Parse owner and group, error message is defined by
- * virGetUserID or virGetGroupID.
- */
- if (virGetUserID(owner, &theuid) < 0 ||
- virGetGroupID(group, &thegid) < 0)
- goto cleanup;
-
- if (uidPtr)
- *uidPtr = theuid;
- if (gidPtr)
- *gidPtr = thegid;
-
- rc = 0;
-
-cleanup:
- VIR_FREE(tmp_label);
-
- return rc;
-}
-
/* returns 1 if label isn't found, 0 on success, -1 on error */
static int
virSecurityDACParseIds(virDomainDefPtr def, uid_t *uidPtr, gid_t *gidPtr)
@@ -133,7 +88,7 @@ virSecurityDACParseIds(virDomainDefPtr def, uid_t *uidPtr, gid_t
*gidPtr)
return 1;
}
- if (parseIds(seclabel->label, &uid, &gid) < 0)
+ if (virParseOwnershipIds(seclabel->label, &uid, &gid) < 0)
return -1;
if (uidPtr)
@@ -194,7 +149,7 @@ virSecurityDACParseImageIds(virDomainDefPtr def,
return 1;
}
- if (parseIds(seclabel->imagelabel, &uid, &gid) < 0)
+ if (virParseOwnershipIds(seclabel->imagelabel, &uid, &gid) < 0)
return -1;
if (uidPtr)
diff --git a/src/util/virutil.c b/src/util/virutil.c
index 028f1d1..450e5e3 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -2071,3 +2071,59 @@ virCompareLimitUlong(unsigned long long a, unsigned long b)
return -1;
}
+
+/**
+ * virParseOwnershipIds:
+ *
+ * Parse the usual "uid:gid" ownership specification into uid_t and
+ * gid_t passed as parameters. NULL value for those parameters mean
+ * the information is not needed. Also, none of those values are
+ * changed in case of any error.
+ *
+ * Returns -1 on error, 0 otherwise.
+ */
+int
+virParseOwnershipIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
+{
+ int rc = -1;
+ uid_t theuid;
+ gid_t thegid;
+ char *tmp_label = NULL;
+ char *sep = NULL;
+ char *owner = NULL;
+ char *group = NULL;
+
+ if (VIR_STRDUP(tmp_label, label) < 0)
+ goto cleanup;
+
+ /* Split label */
+ sep = strchr(tmp_label, ':');
+ if (sep == NULL) {
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("Failed to parse uid and gid from '%s'"),
This is the only change to the original impl.
+ label);
+ goto cleanup;
+ }
+ *sep = '\0';
+ owner = tmp_label;
+ group = sep + 1;
+
+ /* Parse owner and group, error message is defined by
+ * virGetUserID or virGetGroupID.
+ */
+ if (virGetUserID(owner, &theuid) < 0 ||
+ virGetGroupID(group, &thegid) < 0)
+ goto cleanup;
+
+ if (uidPtr)
+ *uidPtr = theuid;
+ if (gidPtr)
+ *gidPtr = thegid;
+
+ rc = 0;
+
+cleanup:
+ VIR_FREE(tmp_label);
+
+ return rc;
+}
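Review bot: virParseOwnershipIds never checks `label` for NULL before `strchr(tmp_label, ':')`; if VIR_STRDUP succeeds with `tmp_label` left NULL for a NULL source (I believe it does, but confirm against virstring), that call dereferences a NULL pointer. The two DAC call sites appear to bail out earlier (`return 1;`), but an exported helper cannot rely on every future caller doing so. Either reject it up front with `if (!label) { virReportError(VIR_ERR_INVALID_ARG, "%s", _("missing ownership label")); return -1; }`, or mark the prototype in the virutil.h hunk `ATTRIBUTE_NONNULL(1)`. The doc comment also says "uid:gid" while both halves go to virGetUserID/virGetGroupID and the commit message says 'user:group'. If those helpers resolve names as well as numeric ids, the comment should state the accepted forms, since the result decides file and process ownership.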
diff --git a/src/util/virutil.h b/src/util/virutil.h
index 280a18d..0f6bcc1 100644
--- a/src/util/virutil.h
+++ b/src/util/virutil.h
@@ -166,4 +166,6 @@ char *virFindFCHostCapableVport(const char *sysfs_prefix);
int virCompareLimitUlong(unsigned long long a, unsigned long b);
+int virParseOwnershipIds(const char *label, uid_t *uidPtr, gid_t *gidPtr);
+
#endif /* __VIR_UTIL_H__ */
Michal