This patch extends virExecWithHook() to receive
capability information.
Signed-off-by: Taku Izumi <izumi.taku(a)jp.fujitsu.com>
Signed-off-by: Shota Hirae <m11g1401(a)hibikino.ne.jp>
---
src/util/command.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
Index: libvirt/src/util/command.c
===================================================================
--- libvirt.orig/src/util/command.c
+++ libvirt/src/util/command.c
@@ -393,6 +393,7 @@ prepareStdFd(int fd, int std)
* @hook optional virExecHook function to call prior to exec
* @data data to pass to the hook function
* @pidfile path to use as pidfile for daemonized process (needs DAEMON flag)
+ * @capabilities capabilities to keep
*/
static int
virExecWithHook(const char *const*argv,
@@ -404,7 +405,8 @@ virExecWithHook(const char *const*argv,
unsigned int flags,
virExecHook hook,
void *data,
- char *pidfile)
+ char *pidfile,
+ unsigned long long capabilities)
{
pid_t pid;
int null = -1, i, openmax;
@@ -633,9 +635,9 @@ virExecWithHook(const char *const*argv,
/* The steps above may need todo something privileged, so
* we delay clearing capabilities until the last minute */
- if ((flags & VIR_EXEC_CLEAR_CAPS) &&
- virClearCapabilities() < 0)
- goto fork_error;
+ if (capabilities || (flags & VIR_EXEC_CLEAR_CAPS))
+ if (virSetCapabilities(capabilities) < 0)
+ goto fork_error;
/* Close logging again to ensure no FDs leak to child */
virLogReset();
@@ -723,7 +725,8 @@ virExecWithHook(const char *const*argv A
int flags_unused ATTRIBUTE_UNUSED,
virExecHook hook ATTRIBUTE_UNUSED,
void *data ATTRIBUTE_UNUSED,
- char *pidfile ATTRIBUTE_UNUSED)
+ char *pidfile ATTRIBUTE_UNUSED,
+ unsigned long long capabilities ATTRIBUTE_UNUSED)
{
/* XXX: Some day we can implement pieces of virCommand/virExec on
* top of _spawn() or CreateProcess(), but we can't implement
@@ -2171,7 +2174,8 @@ virCommandRunAsync(virCommandPtr cmd, pi
cmd->flags,
virCommandHook,
cmd,
- cmd->pidfile);
+ cmd->pidfile,
+ cmd->capabilities);
VIR_DEBUG("Command result %d, with PID %d",
ret, (int)cmd->pid);