[libvirt] [PATCH] initgroups() in qemudOpenAsUID()

Daniel P. Berrange berrange at redhat.com
Mon Oct 18 09:47:21 UTC 2010 

On Sun, Oct 17, 2010 at 10:58:55PM +0200, Dan Kenigsberg wrote:
> qemudOpenAsUID is intended to open a file with the credentials of a
> specified uid. Current implementation fails if the file is accessible to
> one of uid's groups but not owned by uid.
> 
> This patch replaces the supplementary group list that the child process
> inherited from libvirtd with the default group list of uid.
> ---
>  src/qemu/qemu_driver.c |   16 ++++++++++++++++
>  1 files changed, 16 insertions(+), 0 deletions(-)
> 
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 0ce2d40..a1027d4 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -6353,6 +6353,7 @@ parent_cleanup:
>      char *buf = NULL;
>      size_t bufsize = 1024 * 1024;
>      int bytesread;
> +    struct passwd *pwd;
>  
>      /* child doesn't need the read side of the pipe */
>      close(pipefd[0]);
> @@ -6365,6 +6366,21 @@ parent_cleanup:
>          goto child_cleanup;
>      }
>  
> +    /* we can avoid getpwuid_r() in threadless child */
> +    if ((pwd = getpwuid(uid)) == NULL) {

That may be so, but you're going to hit a 'make syntax-check' failure
here, and we don't want to whitelist the entire qemu_driver.c file
to get past it.

> +        exit_code = errno;
> +        virReportSystemError(errno,
> +                             _("cannot setuid(%d) to read '%s'"),
> +                             uid, path);
> +        goto child_cleanup;
> +    }
> +    if (initgroups(pwd->pw_name, pwd->pw_gid) != 0) {
> +        exit_code = errno;
> +        virReportSystemError(errno,
> +                             _("cannot setuid(%d) to read '%s'"),
> +                             uid, path);
> +        goto child_cleanup;
> +    }
>      if (setuid(uid) != 0) {
>          exit_code = errno;
>          virReportSystemError(errno,


Regards,
Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

More information about the libvir-list mailing list