[libvirt] [PATCH v3 1/2] security: also parse user/group names instead of just IDs for DAC labels

Eric Blake eblake at redhat.com
Thu Oct 4 23:46:31 UTC 2012 

On 10/02/2012 11:57 AM, Marcelo Cerri wrote:
> The DAC driver is missing parsing of group and user names for DAC labels
> and currently just parses uid and gid. This patch extends it to support
> names, so the following security label definition is now valid:
> 
>   <seclabel type='static' model='dac' relabel='yes'>
>       <label>qemu:qemu</label>
>       <imagelabel>qemu:qemu</imagelabel>
>   </seclabel>
> 
> When it tries to parse an owner or a group, it first tries to resolve it as
> a name, if it fails or it's an invalid user/group name then it tries to
> parse it as an UID or GID. A leading '+' can also be used for both owner and
> group to force it to be parsed as IDs, so the following example is also
> valid:
> 
>   <seclabel type='static' model='dac' relabel='yes'>
>       <label>+101:+101</label>
>       <imagelabel>+101:+101</imagelabel>
>   </seclabel>
> 

Yuck.  With this patch, I'm seeing lots of ugly error messages in the log:

2012-10-04 22:59:52.584+0000: 9225: error : virGetUserID:2535 : Failed
to find user record for name '0': Success

I think the correct fix is to move this logic...

> +    /* Parse owner */
> +    if (*owner == '+') {
> +        if (virStrToLong_ui(++owner, NULL, 10, &theuid) < 0) {
> +            virReportError(VIR_ERR_INVALID_ARG,
> +                           _("Invalid uid \"%s\" in DAC label \"%s\""),
> +                           owner, label);
> +            goto cleanup;
> +        }
> +    } else {
> +        if (virGetUserID(owner, &theuid) < 0 &&
> +            virStrToLong_ui(owner, NULL, 10, &theuid) < 0) {
> +            virReportError(VIR_ERR_INVALID_ARG,
> +                           _("Invalid owner \"%s\" in DAC label \"%s\""),
> +                           owner, label);
> +            goto cleanup;
> +        }
>      }

...out of security_dac.c and into src/util/util.c:virGetUserID(), so
that we are consistently parsing in this manner for ALL places where we
convert a string into a user id, and also so that virGetUserID will quit
logging such a bogus error message when it fails to find a given id
string that happens to be a valid number.

Likewise for virGetGroupID.

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 617 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20121004/2bb62cf7/attachment-0001.sig>

More information about the libvir-list mailing list