[libvirt] [PATCH] Solaris least privilege support

Daniel P. Berrange berrange at redhat.com
Thu Jan 15 15:34:11 UTC 2009


On Thu, Jan 15, 2009 at 12:57:49PM +0000, John Levon wrote:
> > > +#ifdef __sun
> > > +    /*
> > > +     * On Solaris, all clients are forced to go via virtd. As a result,
> > > +     * virtd must indicate it really does want to connect to the
> > > +     * hypervisor.
> > > +     */
> > > +    name = "xen:///";
> > > +#endif
> > 
> > This should not be neccessary if the client end + drivers are
> > correctly written.
> 
> Can you explain a bit more? Why don't we need to rewrite the URI as xen?
> 
> > If you want Xen to always go via the demon, the only change that should
> > be required, is to make xenUnifiedOpen() return VIR_DRV_OPEN_DECLINED.
> 
> Hmm, yes you might be right. Let me experiment.

There's three scenarios to worry about:

 1. uri == NULL or ""
 2. uri == "xen:///"  or "xen+unix:///"
 3. uri == "remote:///" or "remote+unix:///"

First of all, in the client case assume that Xen driver has 
neccessary smart to decline the first two URIs, and it trivially
ignores the 3rd case already

Now the open request proceeds to the remote driver, which
is happy to accept all 3 of these URIs I've outlined
above. It looks at the URI, strips out any bits that are
relevant to its own use (eg remove the +unix bit, or any
query parameters). It thus builds a URI to pass to the
remote daemon. In the 3 examples above, the URIs which
remote_internal.c builds to pass to the daemon over the
wire are:

 1. ""
 2. "xen:///"
 3. ""

So, inside the daemon, when virConnectOpen is run, all three
of those URIs will happily be accepted by the Xen driver & thus
the code to force 'name = "xen:///"'  in qemud/remote.c is not
required.

Tthe key really thing you need to ensure that all Xen calls
take place inside the daemon, is simply to make sure the Xen
driver always returns VIR_DRV_OPEN_DECLINED for non-daemon
open calls. Everything else should 'just work'

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|




More information about the libvir-list mailing list