On 08/05/2013 04:09 AM, Guido Günther wrote:
The change from initgroups to virGetGroupList/setgroups in
cab36cfe71ba83b71e536ba5c98e596f02b697b0 dropped the primary group from
processes group list iff the passed in group to virGetGroupList differs
from the user's primary group.
So always include the primary group to bring back the old behaviour.
Debian has the kvm group as primary group but uses
libvirt-qemu:libvirt-qemu as user:group to run the kvm process so
without this change the /dev/kvm is inaccesible.
s/inaccesible/inaccessible/
---
src/util/virutil.c | 30 +++++++++++++++++++++---------
1 file changed, 21 insertions(+), 9 deletions(-)
+
+ if (gid != (gid_t)-1) {
+ if (VIR_REALLOC_N(*list, ++ret) < 0) {
+ VIR_FREE(*list);
+ goto cleanup;
+ }
+ (*list)[ret-1] = gid;
+ }
This may allow gid to appear in the list more than once - I'd feel a bit
more comfortable if you expanded the list only if you already validated
that gid is not in the list. Also, using VIR_APPEND_ELEMENT would be
nicer than VIR_REALLOC_N and manual list size manipulation.
Looking forward to v2.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org