
On 5/7/21 6:24 PM, Daniel P. Berrangé wrote:
When fetching the value of a private secret, we need to use an elevated identity otherwise the secret driver will deny access.
When using the modular daemons, the elevated identity needs to be active before the secret driver connection is opened, and it will apply to all API calls made on that connection.
When using the monolithic daemon, the identity at time of opening the connection is ignored, and the elevated identity needs to be active precisely at the time the virSecretGetValue API call is made.
After acquiring the secret value, the elevated identity should be cleared.
This sounds complex, but is fairly straightforward with the automatic cleanup callbacks.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/libxl/libxl_conf.c                     |  5 +++++
 src/qemu/qemu_domain.c                     | 11 ++++++++++-
 src/qemu/qemu_tpm.c                        |  5 +++++
 src/storage/storage_backend_iscsi.c        |  5 +++++
 src/storage/storage_backend_iscsi_direct.c |  5 +++++
 src/storage/storage_backend_rbd.c          |  5 +++++
 src/storage/storage_util.c                 |  5 +++++
 7 files changed, 40 insertions(+), 1 deletion(-)

After this, I see qemuxml2argv test crash (because of NULL passed to open() in the area I'm raising in 03/10). With the fix I'm suggesting I see a different error:

  internal error: No current identity to elevate

That's because we failed to initialize identity. Unfortunately, I will have to leave this up to you.

Michal
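
The ordering rules in the commit message above, as an added example that is not part of this thread and is not libvirt code: a toy model in which one scoped elevation, undone by a compiler cleanup callback, satisfies both the modular check (identity at connection open) and the monolithic check (identity at call time), and fails cleanly when the thread has no identity to elevate. Every type and function name is hypothetical, and the caller identity in `main` is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
/* Toy model, not libvirt code: every name below is hypothetical. */
typedef struct { bool system_token; } identity;
typedef struct { bool modular; const identity *opened_as; } secret_conn;
static _Thread_local const identity *current;    /* calling thread's identity */
static const identity elevated_id = { true };

/* Swap in the elevated identity; -1 if the thread has none to elevate. */
static int elevate(const identity **saved)
{
    if (!current)
        return -1;
    *saved = current;
    current = &elevated_id;
    return 0;
}

/* Cleanup callback: runs automatically when the guard leaves scope. */
static void restore(const identity **saved)
{
    if (*saved)
        current = *saved;
}
#define AUTORESTORE __attribute__((cleanup(restore)))

/* Modular: identity captured at open decides. Monolithic: identity now. */
static bool get_private_value(const secret_conn *c)
{
    const identity *who = c->modular ? c->opened_as : current;
    return who && who->system_token;
}

/* Elevation covers both the open and the call, so either daemon accepts. */
static int fetch_secret(bool modular)
{
    AUTORESTORE const identity *saved = NULL;
    if (elevate(&saved) < 0)
        return -1;
    secret_conn c = { modular, current };   /* "open": identity captured */
    return get_private_value(&c) ? 0 : -2;
}

int main(void)
{
    static const identity user = { false };   /* constructed caller */
    current = &user;
    return fetch_secret(true) || fetch_secret(false);
}
```

The `cleanup` attribute is a GCC/Clang extension; the guard restores the caller's identity on every return path of `fetch_secret`, including the early error return.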