[libvirt] [PATCH] virt-admin: Properly fix the default session daemon URI to admin server
Commit 30ce2f0e tried to fix the issue with an incorrect session URI to admin server but it messed up the checks: if (geteuid == 0 && VIR_STRDUP(*uristr, "libvirtd:///system") < 0) return -1; else if (VIR_STRDUP(*uristr, "libvirtd:///session") < 0) return -1; So if a client executed with root privileges tries to connect, its euid is checked (true) and the correct URI is successfully copied to @uristr (false), therefore the 'else' branch is taken and @uristr is replaced by the session URI which for root results in: Failed to connect socket to '/root/.cache/libvirt/libvirt-admin-sock': No such file or directory Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/libvirt-admin.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/libvirt-admin.c b/src/libvirt-admin.c index 4552e84..03245b6 100644 --- a/src/libvirt-admin.c +++ b/src/libvirt-admin.c @@ -179,11 +179,13 @@ virAdmGetDefaultURI(virConfPtr conf, char **uristr) * we set the default admin server URI to 'libvirtd:///system' or * 'libvirtd:///session' depending on the process's EUID. */ - if (geteuid() == 0 && - VIR_STRDUP(*uristr, "libvirtd:///system") < 0) + if (geteuid() == 0) { + if (VIR_STRDUP(*uristr, "libvirtd:///system") < 0) return -1; - else if (VIR_STRDUP(*uristr, "libvirtd:///session") < 0) + } else { + if (VIR_STRDUP(*uristr, "libvirtd:///session") < 0) return -1; + } } } -- 2.5.5
On Tue, Aug 09, 2016 at 15:43:57 +0200, Erik Skultety wrote:
Commit 30ce2f0e tried to fix the issue with an incorrect session URI to admin server but it messed up the checks:
if (geteuid == 0 && VIR_STRDUP(*uristr, "libvirtd:///system") < 0) return -1; else if (VIR_STRDUP(*uristr, "libvirtd:///session") < 0) return -1;
So if a client executed with root privileges tries to connect, its euid is checked (true) and the correct URI is successfully copied to @uristr (false), therefore the 'else' branch is taken and @uristr is replaced by the session URI which for root results in: Failed to connect socket to '/root/.cache/libvirt/libvirt-admin-sock': No such file or directory
Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/libvirt-admin.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
ACK Jirka
On 09/08/16 16:04, Jiri Denemark wrote:
On Tue, Aug 09, 2016 at 15:43:57 +0200, Erik Skultety wrote:
Commit 30ce2f0e tried to fix the issue with an incorrect session URI to admin server but it messed up the checks:
if (geteuid == 0 && VIR_STRDUP(*uristr, "libvirtd:///system") < 0) return -1; else if (VIR_STRDUP(*uristr, "libvirtd:///session") < 0) return -1;
So if a client executed with root privileges tries to connect, its euid is checked (true) and the correct URI is successfully copied to @uristr (false), therefore the 'else' branch is taken and @uristr is replaced by the session URI which for root results in: Failed to connect socket to '/root/.cache/libvirt/libvirt-admin-sock': No such file or directory
Signed-off-by: Erik Skultety <eskultet@redhat.com> --- src/libvirt-admin.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
ACK
Jirka
Thanks, pushed. Erik
participants (2)
-
Erik Skultety -
Jiri Denemark