[libvirt] [PATCH 11/15] qemu: let virCommand set child process security labels/uid/gid

[Daniel P. Berrange]

On Thu, Feb 07, 2013 at 04:37:52PM -0500, Laine Stump wrote:
> The qemu driver had been calling virSecurityManagerSetProcessLabel()
> from a "pre-exec hook" function that is run after the child is forked,
> but before exec'ing qemu. This is problematic because the uid and gid
> of the child are set by the security driver, but capabilities are
> dropped by virCommand - such separation doesn't work; the two
> operations must be done together or the capabilities do not transfer
> properly to the child process.
> 
> This patch switches to using virSecurityManagerSetChildProcessLabel(),
> which is called prior to virCommandRun() (rather than being called
> *during* virCommandrun() by the hook function), and doesn't set the
> UID/GID/security label directly, but instead merely informs virCommand
> what it should set them all to when the time is appropriate.
> 
> This lets virCommand choose to do the uid/gid and caps dropping all at
> the same time if it wants (it does *want* to, but isn't doing so yet;
> that's for an upcoming patch).
> ---
>  src/qemu/qemu_process.c | 12 +++++++-----
>  1 file changed, 7 insertions(+), 5 deletions(-)

ACK


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|