On 12/14/2012 11:06 AM, Roman Bogorodskiy wrote:
This adds an implementation of virNetSocketGetUNIXIdentity() using LOCAL_PEERCRED socket option and xucred struct, defined in <sys/ucred.h> on systems that have it. --- configure.ac | 3 ++- src/rpc/virnetsocket.c | 30 +++++++++++++++++++++++++++++- 2 files changed, 31 insertions(+), 2 deletions(-)
Purely additive, and since <sys/ucred.h> does not exist on Linux, it looks low enough risk to take prior to the release. ACK and pushed.
diff --git a/configure.ac b/configure.ac index bf32f95..1cb9e91 100644 --- a/configure.ac +++ b/configure.ac @@ -187,7 +187,8 @@ LIBS=$old_libs dnl Availability of various common headers (non-fatal if missing). AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/un.h \ sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \ - sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h]) + sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h \ + sys/ucred.h]) dnl Check whether endian provides handy macros. AC_CHECK_DECLS([htole64], [], [], [[#include <endian.h>]])
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index a1b64d7..70c621f 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -35,6 +35,10 @@ # include <netinet/tcp.h> #endif
+#ifdef HAVE_SYS_UCRED_H +# include <sys/ucred.h> +#endif + #include "c-ctype.h" #include "virnetsocket.h" #include "util.h" @@ -1091,7 +1095,7 @@ int virNetSocketGetPort(virNetSocketPtr sock) }
-#ifdef SO_PEERCRED +#if defined(SO_PEERCRED)
This hunk is not necessary...
int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, uid_t *uid, gid_t *gid, @@ -1115,6 +1119,30 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, virMutexUnlock(&sock->lock); return 0; } +#elif defined(LOCAL_PEERCRED)
...but I see why you did it for consistency, so I didn't change it.
+int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, + uid_t *uid, + gid_t *gid, + pid_t *pid) +{ + struct xucred cr; + socklen_t cr_len = sizeof(cr); + virMutexLock(&sock->lock); + + if (getsockopt(sock->fd, SOL_SOCKET, LOCAL_PEERCRED, &cr, &cr_len) < 0) { + virReportSystemError(errno, "%s", + _("Failed to get client socket identity")); + virMutexUnlock(&sock->lock); + return -1; + } + + *pid = -1; + *uid = cr.cr_uid; + *gid = cr.cr_gid; + + virMutexUnlock(&sock->lock); + return 0; +} #else int virNetSocketGetUNIXIdentity(virNetSocketPtr sock ATTRIBUTE_UNUSED, uid_t *uid ATTRIBUTE_UNUSED,
-- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org