[libvirt] [PATCH 03/11] Include process start time when doing polkit checks
Daniel P. Berrange
berrange at redhat.com
Thu May 2 12:07:15 UTC 2013
On Thu, May 02, 2013 at 01:03:41PM +0100, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange at redhat.com>
>
> Since PIDs can be reused, polkit prefers to be given
> a (PID,start time) pair. If given a PID on its own,
> it will attempt to lookup the start time in /proc/pid/stat,
> though this is subject to races.
>
> It is safer if the client app resolves the PID start
> time itself, because as long as the app has the client
> socket open, the client PID won't be reused.
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> +#elif defined(__FreeBSD__)
> +int virProcessGetStartTime(pid_t pid,
> + unsigned long long *timestamp)
> +{
> + struct kinfo_proc p;
> + int mib[4];
> + size_t len = 4;
> +
> + sysctlnametomib("kern.proc.pid", mib, &len);
> +
> + len = sizeof(struct kinfo_proc);
> + mib[3] = pid;
> +
> + if (sysctl(mib, 4, p, &len, NULL, 0) < 0) {
> + virReportSystemError(errno, "%s",
> + _("Unable to query process ID start time"));
> + return -1;
> + }
> +
> + *timestamp = (unsigned long long)p.ki_start.tv_sec;
> +
> + return 0;
> +
> +}
> +#else
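Review bot: The `sysctl(mib, 4, p, &len, NULL, 0)` call passes the `struct kinfo_proc p` by value where the output buffer pointer is expected, so it should be `&p`. The return value of `sysctlnametomib("kern.proc.pid", mib, &len)` is also ignored, which leaves `mib` uninitialized on failure before `mib[3] = pid` and the `sysctl()` call; check it and report an error in the same way as the `sysctl()` failure path. Minor style point: drop the blank line between `return 0;` and the closing brace.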
Note this BSD specific code block has not even been compile tested.
It is just copied from the polkit codebase with minimal conversion
to libvirt standards.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
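The commit message mentions looking up the start time in /proc/pid/stat. The following is an added example, not code from libvirt or polkit, of parsing that field on Linux (field 22, starttime) without being misled by a process name that contains spaces or parentheses. The names `parse_stat_starttime` and `sample_stat` are hypothetical, and the sample line is constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not libvirt's or polkit's code): extract field 22
 * (starttime, in clock ticks since boot) from one /proc/<pid>/stat line. */
int parse_stat_starttime(const char *line, unsigned long long *starttime)
{
    /* Field 2 (comm) is wrapped in parentheses and may itself contain
     * spaces or ')' characters, so resume after the LAST ')' in the line. */
    const char *p = strrchr(line, ')');
    if (!p)
        return -1;
    p++;
    /* The next token is field 3 (state); skip fields 3..21. */
    for (int field = 3; field < 22; field++) {
        while (*p == ' ')
            p++;
        if (*p == '\0')
            return -1;          /* line truncated before starttime */
        while (*p != '\0' && *p != ' ')
            p++;
    }
    while (*p == ' ')
        p++;
    if (*p < '0' || *p > '9')
        return -1;              /* reject signs and non-numeric data */
    char *end;
    errno = 0;
    unsigned long long v = strtoull(p, &end, 10);
    if (errno != 0 || (*end != ' ' && *end != '\n' && *end != '\0'))
        return -1;
    *starttime = v;
    return 0;
}

/* Constructed sample: the process name is "a) S 1 (b", imitating the
 * fields that normally follow comm. The real field 22 is 4242. */
static const char sample_stat[] =
    "1234 (a) S 1 (b) R 1000 1234 1234 0 -1 4194304 100 0 0 0 "
    "5 6 0 0 20 0 1 0 4242 1000000 200 18446744073709551615\n";
int main(void)
{
    unsigned long long t;
    if (parse_stat_starttime(sample_stat, &t) < 0)
        return 1;
    printf("starttime=%llu\n", t);
    return 0;
}
```

A parser that splits on the first `)` or on whitespace alone would read a different field from this line, which is why the search runs from the end of the string.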