[libvirt] [PATCH v2 0/3] Define XDG variables for hypervisor domains
v1 here: https://www.redhat.com/archives/libvir-list/2019-March/msg00323.html since v1: As per conversation with Dan P.B: - dropped XDG setting (apart from XDG_CACHE_HOME - we need that) for session QEMU - dropped setting HOME for session mode (HOME is passed from the session) - dropped previous patch 2 and decomposed the original patch into 2 units So for v2, this is what the settings will look like: system QEMU: HOME=/var/lib/libvirt/qemu/domain-5-f-live \ XDG_DATA_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.local/share \ XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.cache \ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.config \ session QEMU: XDG_CACHE_HOME=/home/eskultet/.config/libvirt/qemu/lib/domain-4-f-live/.cache \ NOTE: This version doesn't contain the test changes in order to bring down the patch size, so this won't compile, if you want to try it, see my github with full changeset: https://github.com/eskultety/libvirt/tree/xdg-vars Travis build: https://travis-ci.org/eskultety/libvirt/builds/503560867 Erik Skultety (3): util: command: Introduce virCommandAddEnvXDG helper qemu: command: Enforce setting XDG variables for system QEMU qemu: command: Override HOME variable for system QEMU src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 17 +++++++++++++++++ src/util/vircommand.c | 21 +++++++++++++++++++++ src/util/vircommand.h | 2 ++ 4 files changed, 41 insertions(+) -- 2.20.1
Some modules/libraries within QEMU could make use of the XDG_ vars when writing their data to the disk. Define the most common XDG variables and point them to the specific driver's libDir, i.e. XDG_CACHE_HOME -> /var/lib/libvirt/<driver>/.cache XDG_DATA_HOME -> /var/lib/libvirt/<driver>/.local/share XDG_CONFIG_HOME -> /var/lib/libvirt/<driver>/.config Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/libvirt_private.syms | 1 + src/util/vircommand.c | 21 +++++++++++++++++++++ src/util/vircommand.h | 2 ++ 3 files changed, 24 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index d2a240fc7a..92e21d3939 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1628,6 +1628,7 @@ virCommandAddEnvPassAllowSUID; virCommandAddEnvPassBlockSUID; virCommandAddEnvPassCommon; virCommandAddEnvString; +virCommandAddEnvXDG; virCommandAllowCap; virCommandClearCaps; virCommandDaemonize; diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 84a65a2f6d..15e2f0ef1e 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -1483,6 +1483,27 @@ virCommandAddEnvPassCommon(virCommandPtr cmd) virCommandAddEnvPassBlockSUID(cmd, "TMPDIR", NULL); } + +void +virCommandAddEnvXDG(virCommandPtr cmd, const char *baseDir) +{ + if (!cmd || cmd->has_error) + return; + + if (VIR_RESIZE_N(cmd->env, cmd->maxenv, cmd->nenv, 3) < 0) { + cmd->has_error = ENOMEM; + return; + } + + virCommandAddEnvFormat(cmd, "XDG_DATA_HOME=%s/%s", + baseDir, ".local/share"); + virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=%s/%s", + baseDir, ".cache"); + virCommandAddEnvFormat(cmd, "XDG_CONFIG_HOME=%s/%s", + baseDir, ".config"); +} + + /** * virCommandAddArg: * @cmd: the command to modify diff --git a/src/util/vircommand.h b/src/util/vircommand.h index 99849051f8..efdc5dd00d 100644 --- a/src/util/vircommand.h +++ b/src/util/vircommand.h @@ -122,6 +122,8 @@ void virCommandAddEnvPassAllowSUID(virCommandPtr cmd, void virCommandAddEnvPassCommon(virCommandPtr cmd); +void virCommandAddEnvXDG(virCommandPtr cmd, const char *baseDir); + void virCommandAddArg(virCommandPtr cmd, const char *val) ATTRIBUTE_NONNULL(2); -- 2.20.1
On Fri, Mar 08, 2019 at 01:00:47PM +0100, Erik Skultety wrote:
Some modules/libraries within QEMU could make use of the XDG_ vars when writing their data to the disk. Define the most common XDG variables and point them to the specific driver's libDir, i.e.
XDG_CACHE_HOME -> /var/lib/libvirt/<driver>/.cache XDG_DATA_HOME -> /var/lib/libvirt/<driver>/.local/share XDG_CONFIG_HOME -> /var/lib/libvirt/<driver>/.config
Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/libvirt_private.syms | 1 + src/util/vircommand.c | 21 +++++++++++++++++++++ src/util/vircommand.h | 2 ++ 3 files changed, 24 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
For session mode, only XDG_CACHE_HOME is set, because we want to remain integrating with services in user session, but for system mode, this would have become reading/writing to '/' which carries the obvious issue with permissions (also, '/' is the wrong location in 99.9% cases anyway). Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/qemu/qemu_command.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 3a2ec7f26c..23be0d8554 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10658,6 +10658,22 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, virCommandAddEnvPassCommon(cmd); + /* For system QEMU we want to set both HOME and all the XDG variables to + * libDir/qemu otherwise apps QEMU links to might try to access the default + * home dir '/' which would always result in a permission issue. + * + * For session QEMU, we only want to set XDG_CACHE_HOME as cache data + * may be purged at any time and that should not affect any app. We + * do want VMs to integrate with services in user's session so we're + * not re-setting any other env variables + */ + if (!driver->privileged) { + virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=%s/%s", + priv->libDir, ".cache"); + } else { + virCommandAddEnvXDG(cmd, priv->libDir); + } + if (qemuBuildNameCommandLine(cmd, cfg, def, qemuCaps) < 0) goto error; -- 2.20.1
On Fri, Mar 08, 2019 at 01:00:48PM +0100, Erik Skultety wrote:
For session mode, only XDG_CACHE_HOME is set, because we want to remain integrating with services in user session, but for system mode, this would have become reading/writing to '/' which carries the obvious issue with permissions (also, '/' is the wrong location in 99.9% cases anyway).
Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/qemu/qemu_command.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> (with the test cases that have been snipped) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
By default, qemu user's home dir points to '/' which shouldn't be used at all. We therefore pass the HOME variable from the current variable iff not running as SUID, which means that for systemd we never set it. This patch makes sure, that for system QEMU this is always set to libDir/<driver>, session mode is left untouched. Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/qemu/qemu_command.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 23be0d8554..26c36d2e19 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10671,6 +10671,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=%s/%s", priv->libDir, ".cache"); } else { + virCommandAddEnvPair(cmd, "HOME", priv->libDir); virCommandAddEnvXDG(cmd, priv->libDir); } -- 2.20.1
On Fri, Mar 08, 2019 at 01:00:49PM +0100, Erik Skultety wrote:
By default, qemu user's home dir points to '/' which shouldn't be used at all. We therefore pass the HOME variable from the current variable iff not running as SUID, which means that for systemd we never set it. This patch makes sure, that for system QEMU this is always set to libDir/<driver>, session mode is left untouched.
Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/qemu/qemu_command.c | 1 + 1 file changed, 1 insertion(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Fri, Mar 08, 2019 at 01:00:46PM +0100, Erik Skultety wrote:
v1 here: https://www.redhat.com/archives/libvir-list/2019-March/msg00323.html
since v1: As per conversation with Dan P.B: - dropped XDG setting (apart from XDG_CACHE_HOME - we need that) for session QEMU - dropped setting HOME for session mode (HOME is passed from the session) - dropped previous patch 2 and decomposed the original patch into 2 units
So for v2, this is what the settings will look like:
system QEMU: HOME=/var/lib/libvirt/qemu/domain-5-f-live \ XDG_DATA_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.local/share \ XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.cache \ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain-5-f-live/.config \
session QEMU: XDG_CACHE_HOME=/home/eskultet/.config/libvirt/qemu/lib/domain-4-f-live/.cache \
NOTE: This version doesn't contain the test changes in order to bring down the patch size, so this won't compile, if you want to try it, see my github with full changeset: https://github.com/eskultety/libvirt/tree/xdg-vars
Travis build: https://travis-ci.org/eskultety/libvirt/builds/503560867
ping Erik
participants (2)
-
Daniel P. Berrangé -
Erik Skultety