
On 02/07/14 21:47, Eric Blake wrote:
On 02/07/2014 10:53 AM, Peter Krempa wrote:
The code took into account only the global permissions. The domains now support per-vm DAC lables and per-image DAC labels. Use the most
s/lables/labels/
specific label available. --- src/qemu/qemu_domain.c | 35 +++++++++++++++++++++++++++++++++-- src/qemu/qemu_domain.h | 1 + src/qemu/qemu_driver.c | 8 ++++---- src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_process.c | 2 +- 5 files changed, 40 insertions(+), 8 deletions(-)
+static void +qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + virDomainDiskDefPtr disk, + uid_t *uid, gid_t *gid) +{ + virSecurityLabelDefPtr vmlabel; + virSecurityDeviceLabelDefPtr disklabel;
Here, I'd add:
    if (uid)
        *uid = -1;
    if (gid)
        *gid = -1;
Right, I actually had that in one of the work versions but I've refactored it and forgot to initialize the variable.
+ + if (cfg) { + if (uid) + *uid = cfg->user; + + if (gid) + *gid = cfg->group; + } + + if (vm && (vmlabel = virDomainDefGetSecurityLabelDef(vm->def, "dac"))) + virParseOwnershipIds(vmlabel->label, uid, gid); + + if ((disklabel = virDomainDiskDefGetSecurityLabelDef(disk, "dac"))) + virParseOwnershipIds(disklabel->label, uid, gid);
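Review bot: the result of both virParseOwnershipIds() calls at the end of qemuDomainGetImageIds() is discarded, so if a per-vm or per-image "dac" label fails to parse, the ids from a less specific level can stay in place and the void function gives the caller no way to notice. Since these ids decide which credentials the image is opened with, consider returning int and propagating a parse failure, or at least logging it. A short comment above the function stating the precedence (config, then domain label, then disk label) would also make the override order explicit.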
since all three of these more-specific overrides could all be missing, but ideally, you want to guarantee that we picked the best-possible uid/gid by the end of this method.
ACK with that fixed - it means that all disks are now being opened by the same credentials as what we tell qemu to open with.
Fixed && pushed; Thanks. Peter