On Thu, Apr 24, 2008 at 03:04:56PM +0100, John Levon wrote:
On Thu, Apr 24, 2008 at 09:54:19AM -0400, Daniel Veillard wrote:
in general the idea of removing all those geteid() == 0 and replacing them like xenHavePrivilege() is a good one. The patch includes stuff which is not strictly related like the virsh console cleanup which should be separated.
Sure, at merge time everything will be split up appropriately. BTW, it is related very much: only xenconsole has privilege to connect to Xen consoles.
In that case we should definitel split the 'virsh console' impl out into a separate binary, so we can use the non-Xen specific codebase and stil maintain your privilege separation.
Also it seems you use some socket auth extensions to detect the uid of the other process, we do that already in qemud/qemud.c see function qemudGetSocketIdentity() , maybe we should abstract that in the util.c module and provide the _sun version there.
It's not about UID but privilege. The Identity stuff is only used under HAVE_POLKIT, so I'm not sure there's much commonality that can be abstracted. Can you describe further what you would expect it to look like?
Although we don't use the qemudGetSocketIdentity() anyway other than under the POLKIT code, this may change in the future, so it'd just be convenient to have a Solaris impl there. We can change the #if HAVE_POLKIT to be #ifdef HAVE_POLKIT || __sun, so the method is available to the privilege checking code too. Dan -- |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|