[libvirt] PATCH: Remove all getuid==0 checks from code
Daniel P. Berrange
berrange at redhat.com
Tue Jun 2 13:41:57 UTC 2009
On Tue, Jun 02, 2009 at 08:29:47AM -0500, Serge E. Hallyn wrote:
> Quoting Daniel P. Berrange (berrange at redhat.com):
> > This patch is preparing the way for future work on allowing the libvirtd
> > daemon to run as a less-privileged user ID. The idea is that we will
> > switch from 'root' to 'libvirtd', but use Linux capabilities to keep the
> > handful of higher privileges we need for our work. Thus any code which
> > does a check of 'getuid() == 0' is guaranteed to break [1].
> >
> > The way this patch approaches this problem is to change the driver
> > initialization function virStateInitialize() to have it be passed in a
> > 'int privileged' flag from the libvirtd daemon. Each driver is updated
> > to record this flag, and use it for checks where needed. The only real
> > exception is the Xen driver, where we simply check access(2) against
> > the file we need to open.
>
> Hi Daniel,
>
> just a few questions:
>
> ...
>
> > diff -r 5e3b5d1f91c2 qemud/qemud.c
> ...
> > @@ -2871,7 +2870,7 @@ int main(int argc, char **argv) {
> > sigaction(SIGPIPE, &sig_action, NULL);
> >
> > /* Ensure the rundir exists (on tmpfs on some systems) */
> > - if (geteuid () == 0) {
> > + if (getuid() == 0) {
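Review bot: The `+` line under the "Ensure the rundir exists" comment replaces `geteuid () == 0` with `getuid() == 0`, which switches the test from the effective UID to the real UID and still leaves a UID comparison in a patch whose stated goal is to remove them. Once the daemon runs as a non-root user that keeps capabilities, the block guarded by this check would be skipped. Either leave the original line untouched in this patch, or gate the block on the same privileged value the daemon passes to virStateInitialize().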
>
> Why this change?

I removed that line originally. And then put it back wrong. Will
fix that.

> > logmode = O_CREAT | O_WRONLY;
> > - if (uid != 0)
> > + /* Only logrotate files in /var/log, so only append if running privileged */
> > + if (driver->privileged)
> > + logmode |= O_APPEND;
> > + else
> > logmode |= O_TRUNC;
> > - else
> > - logmode |= O_APPEND;
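Review bot: The new comment above `if (driver->privileged)` only explains the append case, while the `else` branch with `logmode |= O_TRUNC` means an unprivileged driver discards the previous log contents every time the file is opened. Extend the comment to state that truncation in the unprivileged case is deliberate and why, so the loss of earlier log history is documented next to the code that causes it. The wording "Only logrotate files in /var/log" is also ambiguous; something like "logrotate only handles files in /var/log" reads more clearly.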
>
> Hmm, so if I run as unpriv user my logfiles will always be truncated?

Yeah, when running as privileged, logs are in /var/log where a logrotate
script takes care of them. With non-privileged, we truncate because we
don't want them to grow without bound forever. Arguably we could make
this a config file option for the daemon...

Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|