8:12 a.m.
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Most of the usage of getuid()/getgid() is in cases where we are
considering what privileges we have. As such the code should be
using the effective IDs, not real IDs.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/libvirt.c | 2 +-
src/locking/lock_daemon.c | 2 +-
src/locking/lock_driver_lockd.c | 4 ++--
src/lxc/lxc_controller.c | 2 +-
src/qemu/qemu_driver.c | 6 +++---
src/remote/remote_driver.c | 4 ++--
src/storage/storage_backend.c | 4 ++--
src/storage/storage_backend_fs.c | 4 ++--
src/storage/storage_backend_logical.c | 2 +-
src/util/virfile.c | 16 ++++++++--------
src/util/viridentity.c | 8 ++++----
src/util/virstoragefile.c | 2 +-
src/vbox/vbox_driver.c | 2 +-
src/vbox/vbox_tmpl.c | 2 +-
tests/qemumonitortestutils.c | 2 +-
tests/virnetsockettest.c | 4 ++--
16 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/src/libvirt.c b/src/libvirt.c
index aec5d80..96d8fdc 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -133,7 +133,7 @@ static int virConnectAuthGainPolkit(const char *privilege) {
int status;
int ret = -1;
- if (getuid() == 0)
+ if (geteuid() == 0)
return 0;
cmd = virCommandNewArgList(POLKIT_AUTH, "--obtain", privilege, NULL);
diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c
index cef5bd6..35ccb4e 100644
--- a/src/locking/lock_daemon.c
+++ b/src/locking/lock_daemon.c
@@ -1167,7 +1167,7 @@ int main(int argc, char **argv) {
{0, 0, 0, 0}
};
- privileged = getuid() == 0;
+ privileged = geteuid() == 0;
if (setlocale(LC_ALL, "") == NULL ||
bindtextdomain(PACKAGE, LOCALEDIR) == NULL ||
diff --git a/src/locking/lock_driver_lockd.c b/src/locking/lock_driver_lockd.c
index 86ce2d8..f3b9467 100644
--- a/src/locking/lock_driver_lockd.c
+++ b/src/locking/lock_driver_lockd.c
@@ -302,7 +302,7 @@ virLockManagerLockDaemonConnect(virLockManagerPtr lock,
{
virNetClientPtr client;
- if (!(client = virLockManagerLockDaemonConnectionNew(getuid() == 0, program)))
+ if (!(client = virLockManagerLockDaemonConnectionNew(geteuid() == 0, program)))
return NULL;
if (virLockManagerLockDaemonConnectionRegister(lock,
@@ -331,7 +331,7 @@ static int virLockManagerLockDaemonSetupLockspace(const char *path)
memset(&args, 0, sizeof(args));
args.path = (char*)path;
- if (!(client = virLockManagerLockDaemonConnectionNew(getuid() == 0, &program)))
+ if (!(client = virLockManagerLockDaemonConnectionNew(geteuid() == 0, &program)))
return -1;
if (virNetClientProgramCall(program,
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index aa30d8e..c8f68c0 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -2362,7 +2362,7 @@ int main(int argc, char *argv[])
goto cleanup;
}
- if (getuid() != 0) {
+ if (geteuid() != 0) {
fprintf(stderr, "%s: must be run as the 'root' user\n",
argv[0]);
goto cleanup;
}
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 4977b12..c613967 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -2793,8 +2793,8 @@ qemuOpenFileAs(uid_t fallback_uid, gid_t fallback_gid,
unsigned int vfoflags = 0;
int fd = -1;
int path_shared = virStorageFileIsSharedFS(path);
- uid_t uid = getuid();
- gid_t gid = getgid();
+ uid_t uid = geteuid();
+ gid_t gid = getegid();
/* path might be a pre-existing block dev, in which case
* we need to skip the create step, and also avoid unlink
@@ -2834,7 +2834,7 @@ qemuOpenFileAs(uid_t fallback_uid, gid_t fallback_gid,
qemu user is non-root, just set a flag to
bypass security driver shenanigans, and retry the operation
after doing setuid to qemu user */
- if ((fd != -EACCES && fd != -EPERM) || fallback_uid == getuid())
+ if ((fd != -EACCES && fd != -EPERM) || fallback_uid == geteuid())
goto error;
/* On Linux we can also verify the FS-type of the directory. */
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index b3ab3e6..7181949 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -995,7 +995,7 @@ remoteConnectOpen(virConnectPtr conn,
(strstr(conn->uri->scheme, "+unix") != NULL)) &&
(STREQ(conn->uri->path, "/session") ||
STRPREFIX(conn->uri->scheme, "test+")) &&
- getuid() > 0) {
+ geteuid() > 0) {
VIR_DEBUG("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER;
if (!virIsSUID() &&
@@ -1013,7 +1013,7 @@ remoteConnectOpen(virConnectPtr conn,
if (!conn->uri) {
VIR_DEBUG("Auto-probe remote URI");
#ifndef __sun
- if (getuid() > 0) {
+ if (geteuid() > 0) {
VIR_DEBUG("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER;
if (!virIsSUID() &&
diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index c21e6ea..aa2ed28 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -556,11 +556,11 @@ virStorageBackendCreateExecCommand(virStoragePoolObjPtr pool,
bool filecreated = false;
if ((pool->def->type == VIR_STORAGE_POOL_NETFS)
- && (((getuid() == 0)
+ && (((geteuid() == 0)
&& (vol->target.perms.uid != (uid_t) -1)
&& (vol->target.perms.uid != 0))
|| ((vol->target.perms.gid != (gid_t) -1)
- && (vol->target.perms.gid != getgid())))) {
+ && (vol->target.perms.gid != getegid())))) {
virCommandSetUID(cmd, vol->target.perms.uid);
virCommandSetGID(cmd, vol->target.perms.gid);
diff --git a/src/storage/storage_backend_fs.c b/src/storage/storage_backend_fs.c
index f9b0326..7ff950b 100644
--- a/src/storage/storage_backend_fs.c
+++ b/src/storage/storage_backend_fs.c
@@ -785,9 +785,9 @@ virStorageBackendFileSystemBuild(virConnectPtr conn ATTRIBUTE_UNUSED,
/* Reflect the actual uid and gid to the config. */
if (pool->def->target.perms.uid == (uid_t) -1)
- pool->def->target.perms.uid = getuid();
+ pool->def->target.perms.uid = geteuid();
if (pool->def->target.perms.gid == (gid_t) -1)
- pool->def->target.perms.gid = getgid();
+ pool->def->target.perms.gid = getegid();
if (flags != 0) {
ret = virStorageBackendMakeFileSystem(pool, flags);
diff --git a/src/storage/storage_backend_logical.c
b/src/storage/storage_backend_logical.c
index 81ee4a4..10966cc 100644
--- a/src/storage/storage_backend_logical.c
+++ b/src/storage/storage_backend_logical.c
@@ -726,7 +726,7 @@ virStorageBackendLogicalCreateVol(virConnectPtr conn,
goto error;
/* We can only chown/grp if root */
- if (getuid() == 0) {
+ if (geteuid() == 0) {
if (fchown(fd, vol->target.perms.uid, vol->target.perms.gid) < 0) {
virReportSystemError(errno,
_("cannot set file owner '%s'"),
diff --git a/src/util/virfile.c b/src/util/virfile.c
index bc607a5..3a9980c 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -1535,8 +1535,8 @@ virFileAccessibleAs(const char *path, int mode,
gid_t *groups;
int ngroups;
- if (uid == getuid() &&
- gid == getgid())
+ if (uid == geteuid() &&
+ gid == getegid())
return access(path, mode);
ngroups = virGetGroupList(uid, gid, &groups);
@@ -1828,9 +1828,9 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
/* allow using -1 to mean "current value" */
if (uid == (uid_t) -1)
- uid = getuid();
+ uid = geteuid();
if (gid == (gid_t) -1)
- gid = getgid();
+ gid = getegid();
/* treat absence of both flags as presence of both for simpler
* calling. */
@@ -1838,7 +1838,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
flags |= VIR_FILE_OPEN_NOFORK|VIR_FILE_OPEN_FORK;
if ((flags & VIR_FILE_OPEN_NOFORK)
- || (getuid() != 0)
+ || (geteuid() != 0)
|| ((uid == 0) && (gid == 0))) {
if ((fd = open(path, openflags, mode)) < 0) {
@@ -1949,12 +1949,12 @@ virDirCreate(const char *path,
/* allow using -1 to mean "current value" */
if (uid == (uid_t) -1)
- uid = getuid();
+ uid = geteuid();
if (gid == (gid_t) -1)
- gid = getgid();
+ gid = getegid();
if ((!(flags & VIR_DIR_CREATE_AS_UID))
- || (getuid() != 0)
+ || (geteuid() != 0)
|| ((uid == 0) && (gid == 0))
|| ((flags & VIR_DIR_CREATE_ALLOW_EXIST) && (stat(path, &st)
>= 0))) {
return virDirCreateNoFork(path, mode, uid, gid, flags);
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index f681f85..4f5127c 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -157,14 +157,14 @@ virIdentityPtr virIdentityGetSystem(void)
virAsprintf(&processtime, "%llu", timestamp) < 0)
goto cleanup;
- if (!(username = virGetUserName(getuid())))
+ if (!(username = virGetUserName(geteuid())))
goto cleanup;
- if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+ if (virAsprintf(&userid, "%d", (int)geteuid()) < 0)
goto cleanup;
- if (!(groupname = virGetGroupName(getgid())))
+ if (!(groupname = virGetGroupName(getegid())))
goto cleanup;
- if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
+ if (virAsprintf(&groupid, "%d", (int)getegid()) < 0)
goto cleanup;
#if WITH_SELINUX
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index 48d5fbb..1b4d4cf 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -572,7 +572,7 @@ virFindBackingFile(const char *start, bool start_is_dir, const char
*path,
goto cleanup;
}
- if (virFileAccessibleAs(combined, F_OK, getuid(), getgid()) < 0) {
+ if (virFileAccessibleAs(combined, F_OK, geteuid(), getegid()) < 0) {
virReportSystemError(errno,
_("Cannot access backing file '%s'"),
combined);
diff --git a/src/vbox/vbox_driver.c b/src/vbox/vbox_driver.c
index 9d07574..4978913 100644
--- a/src/vbox/vbox_driver.c
+++ b/src/vbox/vbox_driver.c
@@ -153,7 +153,7 @@ static virDrvOpenStatus vboxConnectOpen(virConnectPtr conn,
virConnectAuthPtr auth ATTRIBUTE_UNUSED,
unsigned int flags)
{
- uid_t uid = getuid();
+ uid_t uid = geteuid();
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
diff --git a/src/vbox/vbox_tmpl.c b/src/vbox/vbox_tmpl.c
index c994067..37ca651 100644
--- a/src/vbox/vbox_tmpl.c
+++ b/src/vbox/vbox_tmpl.c
@@ -999,7 +999,7 @@ static virDrvOpenStatus vboxConnectOpen(virConnectPtr conn,
unsigned int flags)
{
vboxGlobalData *data = NULL;
- uid_t uid = getuid();
+ uid_t uid = geteuid();
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
diff --git a/tests/qemumonitortestutils.c b/tests/qemumonitortestutils.c
index 2aefabc..60ffe90 100644
--- a/tests/qemumonitortestutils.c
+++ b/tests/qemumonitortestutils.c
@@ -789,7 +789,7 @@ qemuMonitorCommonTestNew(virDomainXMLOptionPtr xmlopt,
goto error;
}
- if (virNetSocketNewListenUNIX(path, 0700, getuid(), getgid(),
+ if (virNetSocketNewListenUNIX(path, 0700, geteuid(), getegid(),
&test->server) < 0)
goto error;
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
index b3e12f9..eda95bc 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -220,7 +220,7 @@ static int testSocketUNIXAccept(const void *data ATTRIBUTE_UNUSED)
if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
goto cleanup;
- if (virNetSocketNewListenUNIX(path, 0700, -1, getgid(), &lsock) < 0)
+ if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &lsock) < 0)
goto cleanup;
if (virNetSocketListen(lsock, 0) < 0)
@@ -270,7 +270,7 @@ static int testSocketUNIXAddrs(const void *data ATTRIBUTE_UNUSED)
if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
goto cleanup;
- if (virNetSocketNewListenUNIX(path, 0700, -1, getgid(), &lsock) < 0)
+ if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &lsock) < 0)
goto cleanup;
if (STRNEQ(virNetSocketLocalAddrString(lsock), "127.0.0.1;0")) {
--
1.8.3.1