[Libguestfs] [PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
Richard W.M. Jones
rjones at redhat.com
Tue Dec 1 16:58:11 UTC 2015
On Tue, Dec 01, 2015 at 03:59:56PM +0100, Mateusz Guzik wrote:
> CHROOT_IN/OUT around commandvf are definitely problematic. chroot should be
> done in the child, which also removes the need to chroot out in the
> parent.
The CHROOT_IN/OUT business does need to be rewritten. Every
instance where we currently do something like:
CHROOT_IN;
r = stat (fd, &statbuf);
CHROOT_OUT
[https://github.com/libguestfs/libguestfs/blob/master/daemon/stat.c#L93-L95]
should instead be forking a subprocess, chrooting in the subprocess,
and doing the system call in the subprocess.
The problem which makes it not so easy is that instead of using a nice
local variable, we would have to pass back the result from a
subprocess to the parent process (the pair (r, statbuf) in the above
example).
So that means .. a pipe, and serializing the result down the pipe.
The good news is that since this all runs on the same machine in the
same compiled program, it's quite acceptable to dump a C struct into
the pipe.
But it's still a lot of work .. patches welcome of course.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html
More information about the Libguestfs
mailing list