[libvirt] Pass additional environmental variables
Sean Noonan
stnoonan at obsolescence.net
Tue Aug 12 19:09:52 UTC 2014
We're using sasl+gssapi+kerberos to do authentication for libvirt,
including from hypervisor to hypervisor. However, the environmental
variable filtering implemented in libvirt prevents this from working, so
we're forced to run a locally patched version.
Thoughts on the following patch to pass the location of the local
credential cache as well?
--- a/src/util/vircommand.c 2014-01-07 14:14:11.388934108 +0000
+++ b/src/util/vircommand.c 2014-01-07 14:18:14.725082505 +0000
@@ -1314,6 +1314,7 @@
virCommandAddEnvPair(cmd, "LC_ALL", "C");
+ virCommandAddEnvPassBlockSUID(cmd, "KRB5CCNAME", NULL);
virCommandAddEnvPassBlockSUID(cmd, "LD_PRELOAD", NULL);
virCommandAddEnvPassBlockSUID(cmd, "LD_LIBRARY_PATH", NULL);
virCommandAddEnvPassBlockSUID(cmd, "PATH", "/bin:/usr/bin");
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140812/e9e6aef0/attachment-0001.htm>
More information about the libvir-list
mailing list