On Thu, Jan 15, 2009 at 09:19:39AM -0800, john.levon(a)sun.com wrote:
# HG changeset patch
# User john.levon(a)sun.com
# Date 1232039546 28800
# Node ID b9d4d60bca87633897cb133461e1415d1223c823
# Parent 25a0c46588d5de1653b16dfed6bc357abf11db77
Solaris least privilege support
On Solaris dom0, virtd runs as a privilege barrier: all libvirt
connections are routed through it, and it performs the relevant
privilege checks for any clients.
This looks fine to me except that chunk:
@@ -2417,6 +2493,20 @@ int main(int argc, char **argv) {
sig_action.sa_handler = SIG_IGN;
sigaction(SIGPIPE, &sig_action, NULL);
+ /* Change the group ownership of /var/run/libvirt to unix_sock_gid */
+ if (geteuid () == 0) {
+ const char *rundir = LOCAL_STATE_DIR "/run/libvirt";
+
+ if (mkdir (rundir, 0755)) {
+ if (errno != EEXIST) {
+ VIR_ERROR0 (_("unable to create rundir"));
+ return (-1);
+ }
+ }
+ }
+
+ qemudSetupPrivs(server);
+
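Review bot: The comment at the top of the `geteuid () == 0` block says the group ownership of /var/run/libvirt is changed to unix_sock_gid, but the block only calls `mkdir (rundir, 0755)` and never touches ownership. Either add the ownership change here, with its result checked, or reword the comment to say the directory is only created. When mkdir fails with EEXIST the code carries on without examining what already exists at that path; because this branch runs as root, an lstat check that rundir is a real directory (not a symlink) with the expected owner and mode would be worth adding before `qemudSetupPrivs(server)`. The `VIR_ERROR0` message drops both the path and errno, which makes a failure hard to diagnose. The result of `qemudSetupPrivs(server)` is also not checked in this hunk; if that call can fail, main should stop rather than continue.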
The comment and the code don't seem to match, and it seems to me
that this code would fail except in the first time the daemon is
launched because mkdir /var/run/libvirt will return -1 and errno EEXIST
in all following cases. I'm worried about this,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/