Re: [libvirt-users] Obtaining the PID of a domain's QEMU process from C
On 3/9/19 1:14 PM, Peter Crowther wrote:
Use a tiny setuid C program that reads the relevant file and writes
it to a
known UNIX-domain socket that has more liberal permissions?
Indeed this is a possibility, but I was hoping for a cleaner solution
that fit in with libvirt's existing authentication mechanisms.
I wouldn't expect this to end up being supported in libvirt,
though there's nothing to stop you creating your own patched version.
That's a shame, but it's certainly not the end of the world.
I may end up running my daemon as root, forking before dropping
privileges, and using the child to open the files and pass them
to the parent using SCM_RIGHTS or something.
Thanks,
Shawn