9:03 a.m.
This is a code repetition that I crossed a few times, then
I noticed that Cole Robinson suggested a solution for it
in the wiki. Here it is.
Daniel Henrique Barboza (10):
src/driver.c: add virConnectValidateURIPath()
interface_backend_netcf.c: use virConnectValidateURIPath()
interface_backend_udev.c: use virConnectValidateURIPath()
bridge_driver.c: virConnectValidateURIPath()
node_device_driver.c: use virConnectValidateURIPath()
secret_driver.c: use virConnectValidateURIPath()
storage_driver.c: use virConnectValidateURIPath()
qemu_driver.c: use virConnectValidateURIPath()
vbox_common.c: use virConnectValidateURIPath()
vbox_driver.c: use virConnectValidateURIPath()
src/driver.c | 25 +++++++++++++++++++++++++
src/driver.h | 4 ++++
src/interface/interface_backend_netcf.c | 17 ++---------------
src/interface/interface_backend_udev.c | 17 ++---------------
src/libvirt_private.syms | 1 +
src/network/bridge_driver.c | 19 ++++---------------
src/node_device/node_device_driver.c | 17 ++---------------
src/qemu/qemu_driver.c | 20 ++++----------------
src/secret/secret_driver.c | 17 ++---------------
src/storage/storage_driver.c | 17 ++---------------
src/vbox/vbox_common.c | 16 ++--------------
src/vbox/vbox_driver.c | 16 ++--------------
12 files changed, 52 insertions(+), 134 deletions(-)
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 01/10] src/driver.c: add virConnectValidateURIPath()
The code to validate the URI path is repeated across several
files. This patch creates a common validation code to be
used across all of them.
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/driver.c | 24 ++++++++++++++++++++++++
src/driver.h | 4 ++++
src/libvirt_private.syms | 1 +
3 files changed, 29 insertions(+)
diff --git a/src/driver.c b/src/driver.c
index 5e8f68f6df..e627b0c1d7 100644
--- a/src/driver.c
+++ b/src/driver.c
@@ -269,3 +269,27 @@ virSetConnectStorage(virConnectPtr conn)
VIR_DEBUG("Override storage connection with %p", conn);
return virThreadLocalSet(&connectStorage, conn);
}
+
+bool
+virConnectValidateURIPath(const char *uriPath,
+ const char *entityName,
+ bool privileged)
+{
+ if (privileged) {
+ if (STRNEQ(uriPath, "/system")) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("unexpected %s URI path '%s', try
%s:///system"),
+ entityName, uriPath, entityName);
+ return false;
+ }
+ } else {
+ if (STRNEQ(uriPath, "/session")) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("unexpected %s URI path '%s', try
%s:///session"),
+ entityName, uriPath, entityName);
+ return false;
+ }
+ }
+
+ return true;
+}
diff --git a/src/driver.h b/src/driver.h
index f7d667a03c..68c0004d86 100644
--- a/src/driver.h
+++ b/src/driver.h
@@ -127,3 +127,7 @@ int virSetConnectNWFilter(virConnectPtr conn);
int virSetConnectNodeDev(virConnectPtr conn);
int virSetConnectSecret(virConnectPtr conn);
int virSetConnectStorage(virConnectPtr conn);
+
+bool virConnectValidateURIPath(const char *uriPath,
+ const char *entityName,
+ bool privileged);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 39812227aa..eb9c5c22ee 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1343,6 +1343,7 @@ virStreamClass;
# driver.h
+virConnectValidateURIPath;
virGetConnectInterface;
virGetConnectNetwork;
virGetConnectNodeDev;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 02/10] interface_backend_netcf.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/interface/interface_backend_netcf.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/src/interface/interface_backend_netcf.c
b/src/interface/interface_backend_netcf.c
index 9659e9fcf1..7fe8f230b6 100644
--- a/src/interface/interface_backend_netcf.c
+++ b/src/interface/interface_backend_netcf.c
@@ -200,21 +200,8 @@ netcfConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected interface URI path '%s', try
interface:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected interface URI path '%s', try
interface:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "interface",
driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 03/10] interface_backend_udev.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/interface/interface_backend_udev.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/src/interface/interface_backend_udev.c
b/src/interface/interface_backend_udev.c
index ddc3de5347..d870e3d1b1 100644
--- a/src/interface/interface_backend_udev.c
+++ b/src/interface/interface_backend_udev.c
@@ -1250,21 +1250,8 @@ udevConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected interface URI path '%s', try
interface:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected interface URI path '%s', try
interface:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "interface",
driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 04/10] bridge_driver.c: virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/network/bridge_driver.c | 19 ++++---------------
1 file changed, 4 insertions(+), 15 deletions(-)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index c54be96407..c617bbb58f 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -938,21 +938,10 @@ networkConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (network_driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected network URI path '%s', try
network:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected network URI path '%s', try
network:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path,
+ "network",
+ network_driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 05/10] node_device_driver.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/node_device/node_device_driver.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c
index 8fb00d0c86..06febacd96 100644
--- a/src/node_device/node_device_driver.c
+++ b/src/node_device/node_device_driver.c
@@ -58,21 +58,8 @@ nodeConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected nodedev URI path '%s', try
nodedev:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected nodedev URI path '%s', try
nodedev:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "nodedev",
driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 06/10] secret_driver.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/secret/secret_driver.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c
index 7512a51c74..07ba679541 100644
--- a/src/secret/secret_driver.c
+++ b/src/secret/secret_driver.c
@@ -552,21 +552,8 @@ secretConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected secret URI path '%s', try
secret:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected secret URI path '%s', try
secret:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "secret",
driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 07/10] storage_driver.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/storage/storage_driver.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
index ce10b55ed0..1bec2d964f 100644
--- a/src/storage/storage_driver.c
+++ b/src/storage/storage_driver.c
@@ -411,21 +411,8 @@ storageConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (driver->privileged) {
- if (STRNEQ(conn->uri->path, "/system")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected storage URI path '%s', try
storage:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected storage URI path '%s', try
storage:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "storage",
driver->privileged))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 08/10] qemu_driver.c: use virConnectValidateURIPath()
The existing QEMU URI path validation considers that a
privileged user can use a "/session" URI as well. Let's update
virConnectValidateURIPath() to consider this usage, allowing us
to use the function inside qemu_driver.c.
Although the existing callers of virConnectValidateURIPath()
didn't consider that a privileged user could connect with
"/session", it is sensible to consider that this should be
the case. thus no serious harm is done.
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/driver.c | 3 ++-
src/qemu/qemu_driver.c | 20 ++++----------------
2 files changed, 6 insertions(+), 17 deletions(-)
diff --git a/src/driver.c b/src/driver.c
index e627b0c1d7..f9c41383dc 100644
--- a/src/driver.c
+++ b/src/driver.c
@@ -276,7 +276,8 @@ virConnectValidateURIPath(const char *uriPath,
bool privileged)
{
if (privileged) {
- if (STRNEQ(uriPath, "/system")) {
+ if (STRNEQ(uriPath, "/system") &&
+ STRNEQ(uriPath, "/session")) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected %s URI path '%s', try
%s:///system"),
entityName, uriPath, entityName);
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 0753904472..05025e7251 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1295,22 +1295,10 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (virQEMUDriverIsPrivileged(qemu_driver)) {
- if (STRNEQ(conn->uri->path, "/system") &&
- STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected QEMU URI path '%s', try
qemu:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected QEMU URI path '%s', try
qemu:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path,
+ "QEMU",
+ virQEMUDriverIsPrivileged(qemu_driver)))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:51 a.m.
New subject: [libvirt] [PATCH 08/10] qemu_driver.c: use virConnectValidateURIPath()
On Mon, Sep 23, 2019 at 11:03:41AM -0300, Daniel Henrique Barboza wrote:
The existing QEMU URI path validation considers that a
privileged user can use a "/session" URI as well. Let's update
virConnectValidateURIPath() to consider this usage, allowing us
to use the function inside qemu_driver.c.
Although the existing callers of virConnectValidateURIPath()
didn't consider that a privileged user could connect with
"/session", it is sensible to consider that this should be
the case. thus no serious harm is done.
That we allowed use of '/session' while connecting as root is a bug
IMHO. Ideally we're kill that off entirely, so there's potential for
us to allow a genuine session instance daemon as root at a later date.
I'm just concerned about whether there might be apps relying on this
bug.
I certainly don't want to see the bug spread across all drivers
though.
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/driver.c | 3 ++-
src/qemu/qemu_driver.c | 20 ++++----------------
2 files changed, 6 insertions(+), 17 deletions(-)
diff --git a/src/driver.c b/src/driver.c
index e627b0c1d7..f9c41383dc 100644
--- a/src/driver.c
+++ b/src/driver.c
@@ -276,7 +276,8 @@ virConnectValidateURIPath(const char *uriPath,
bool privileged)
{
if (privileged) {
- if (STRNEQ(uriPath, "/system")) {
+ if (STRNEQ(uriPath, "/system") &&
+ STRNEQ(uriPath, "/session")) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected %s URI path '%s', try
%s:///system"),
entityName, uriPath, entityName);
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 0753904472..05025e7251 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1295,22 +1295,10 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn,
return VIR_DRV_OPEN_ERROR;
}
- if (virQEMUDriverIsPrivileged(qemu_driver)) {
- if (STRNEQ(conn->uri->path, "/system") &&
- STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected QEMU URI path '%s', try
qemu:///system"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unexpected QEMU URI path '%s', try
qemu:///session"),
- conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path,
+ "QEMU",
+ virQEMUDriverIsPrivileged(qemu_driver)))
+ return VIR_DRV_OPEN_ERROR;
if (virConnectOpenEnsureACL(conn) < 0)
return VIR_DRV_OPEN_ERROR;
--
2.21.0
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
10:14 a.m.
New subject: [libvirt] [PATCH 08/10] qemu_driver.c: use virConnectValidateURIPath()
On 9/23/19 11:51 AM, Daniel P. Berrangé wrote:
On Mon, Sep 23, 2019 at 11:03:41AM -0300, Daniel Henrique Barboza
wrote:
> The existing QEMU URI path validation considers that a
> privileged user can use a "/session" URI as well. Let's update
> virConnectValidateURIPath() to consider this usage, allowing us
> to use the function inside qemu_driver.c.
>
> Although the existing callers of virConnectValidateURIPath()
> didn't consider that a privileged user could connect with
> "/session", it is sensible to consider that this should be
> the case. thus no serious harm is done.
That we allowed use of '/session' while connecting as root is a bug
IMHO. Ideally we're kill that off entirely, so there's potential for
us to allow a genuine session instance daemon as root at a later date.
I'm just concerned about whether there might be apps relying on this
bug.
In QEMU I believe this would be considered a sort of "API break",
then it would be put in a deprecation cycle and, after the cycle (last
time I checked it was about 2 years, but I might be wrong) it would be
permanently changed.
Perhaps a similar approach can be taken here in Libvirt. I mean, in
theory we could simply change it, claiming that it is a bug fix and every
other driver is forbidding root with 'session' already. In reality,
people will get mad about it ...
I certainly don't want to see the bug spread across all drivers
though.
I'll resubmit the patch series, creating a new function to emulate
the current behavior of qemu_driver, vbox_common and vbox_driver,
without changing the behavior of everyone else. I'll put a comment
in it to document the problem you mentioned above. At least
we have this issue documented in the code (perhaps a TODO/FIXME
tag is warranted?) and it's centralized in one place.
Thanks,
DHB
> Suggested-by: Cole Robinson <crobinso(a)redhat.com>
> Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
> ---
> src/driver.c | 3 ++-
> src/qemu/qemu_driver.c | 20 ++++----------------
> 2 files changed, 6 insertions(+), 17 deletions(-)
>
> diff --git a/src/driver.c b/src/driver.c
> index e627b0c1d7..f9c41383dc 100644
> --- a/src/driver.c
> +++ b/src/driver.c
> @@ -276,7 +276,8 @@ virConnectValidateURIPath(const char *uriPath,
> bool privileged)
> {
> if (privileged) {
> - if (STRNEQ(uriPath, "/system")) {
> + if (STRNEQ(uriPath, "/system") &&
> + STRNEQ(uriPath, "/session")) {
> virReportError(VIR_ERR_INTERNAL_ERROR,
> _("unexpected %s URI path '%s', try
%s:///system"),
> entityName, uriPath, entityName);
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 0753904472..05025e7251 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -1295,22 +1295,10 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn,
> return VIR_DRV_OPEN_ERROR;
> }
>
> - if (virQEMUDriverIsPrivileged(qemu_driver)) {
> - if (STRNEQ(conn->uri->path, "/system") &&
> - STRNEQ(conn->uri->path, "/session")) {
> - virReportError(VIR_ERR_INTERNAL_ERROR,
> - _("unexpected QEMU URI path '%s', try
qemu:///system"),
> - conn->uri->path);
> - return VIR_DRV_OPEN_ERROR;
> - }
> - } else {
> - if (STRNEQ(conn->uri->path, "/session")) {
> - virReportError(VIR_ERR_INTERNAL_ERROR,
> - _("unexpected QEMU URI path '%s', try
qemu:///session"),
> - conn->uri->path);
> - return VIR_DRV_OPEN_ERROR;
> - }
> - }
> + if (!virConnectValidateURIPath(conn->uri->path,
> + "QEMU",
> + virQEMUDriverIsPrivileged(qemu_driver)))
> + return VIR_DRV_OPEN_ERROR;
>
> if (virConnectOpenEnsureACL(conn) < 0)
> return VIR_DRV_OPEN_ERROR;
> --
> 2.21.0
>
> --
> libvir-list mailing list
> libvir-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
Regards,
Daniel
9:03 a.m.
New subject: [libvirt] [PATCH 09/10] vbox_common.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/vbox/vbox_common.c | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c
index ddabcb80ca..d3b8fb625f 100644
--- a/src/vbox/vbox_common.c
+++ b/src/vbox/vbox_common.c
@@ -517,20 +517,8 @@ vboxConnectOpen(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
- if (uid != 0) {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unknown driver path '%s' specified (try
vbox:///session)"), conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else { /* root */
- if (STRNEQ(conn->uri->path, "/system") &&
- STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unknown driver path '%s' specified (try
vbox:///system)"), conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "vbox", uid == 0))
+ return VIR_DRV_OPEN_ERROR;
if (!(driver = vboxGetDriverConnection()))
return VIR_DRV_OPEN_ERROR;
--
2.21.0
9:03 a.m.
New subject: [libvirt] [PATCH 10/10] vbox_driver.c: use virConnectValidateURIPath()
Suggested-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413(a)gmail.com>
---
src/vbox/vbox_driver.c | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/src/vbox/vbox_driver.c b/src/vbox/vbox_driver.c
index 1f31fa28df..d7e80828ab 100644
--- a/src/vbox/vbox_driver.c
+++ b/src/vbox/vbox_driver.c
@@ -58,20 +58,8 @@ static virDrvOpenStatus dummyConnectOpen(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
- if (uid != 0) {
- if (STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unknown driver path '%s' specified (try
vbox:///session)"), conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- } else { /* root */
- if (STRNEQ(conn->uri->path, "/system") &&
- STRNEQ(conn->uri->path, "/session")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("unknown driver path '%s' specified (try
vbox:///system)"), conn->uri->path);
- return VIR_DRV_OPEN_ERROR;
- }
- }
+ if (!virConnectValidateURIPath(conn->uri->path, "vbox", uid == 0))
+ return VIR_DRV_OPEN_ERROR;
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("unable to initialize VirtualBox driver API"));
--
2.21.0
1887
days inactive
1887
days old
12 comments
2 participants
participants (2)
-
Daniel Henrique Barboza -
Daniel P. Berrangé