Re: [libvirt] [PATCHv2 04/15] util: add virCommandSetUID and virCommandSetGID

If a uid and/or gid is specified for a command, it will be set just after the user-supplied post-fork "hook" function is called. The intent is that this can replace user hook functions that set uid/gid. This moves the setting of uid/gid and dropping of capabilities closer to each other, which is important since the two should really be done at the same time (libcapng provides a single function that does both, which we will be unable to use, but want to mimic as closely as possible). --- Change from V1: * only bypass uid/gid setting if they are -1 * cast -1 to ([gu]id_t) when comparing to a [gu]id_t * cast uid and gid to (int) for printing src/libvirt_private.syms | 2 ++ src/util/vircommand.c | 29 +++++++++++++++++++++++++++++ src/util/vircommand.h | 6 +++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b9d45a2..511a686 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -158,12 +158,14 @@ virCommandRun; virCommandRunAsync; virCommandSetErrorBuffer; virCommandSetErrorFD; +virCommandSetGID; virCommandSetInputBuffer; virCommandSetInputFD; virCommandSetOutputBuffer; virCommandSetOutputFD; virCommandSetPidFile; virCommandSetPreExecHook; +virCommandSetUID;

@@ -605,6 +607,13 @@ virExec(virCommandPtr cmd) goto fork_error; } + if (cmd->uid != (uid_t)-1 || cmd->gid != (gid_t)-1) { + VIR_DEBUG("Setting child uid:gid to %d:%d", + (int)cmd->uid, (int)cmd->gid); + if (virSetUIDGID(cmd->uid, cmd->gid) < 0)