[libvirt PATCH v2 09/10] src: elevate current identity privilege when fetching secret
Michal Prívozník
mprivozn at redhat.com
Mon May 10 11:32:20 UTC 2021
On 5/7/21 6:24 PM, Daniel P. Berrangé wrote:
> When fetching the value of a private secret, we need to use an elevated
> identity otherwise the secret driver will deny access.
>
> When using the modular daemons, the elevated identity needs to be active
> before the secret driver connection is opened, and it will apply to all
> APIs calls made on that conncetion.
>
> When using the monolithic daemon, the identity at time of opening the
> connection is ignored, and the elevated identity needs to be active
> precisely at the time the virSecretGetValue API call is made.
>
> After acquiring the secret value, the elevated identity should be
> cleared.
>
> This sounds complex, but is fairly straightfoward with the automatic
> cleanup callbacks.
>
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
> src/libxl/libxl_conf.c | 5 +++++
> src/qemu/qemu_domain.c | 11 ++++++++++-
> src/qemu/qemu_tpm.c | 5 +++++
> src/storage/storage_backend_iscsi.c | 5 +++++
> src/storage/storage_backend_iscsi_direct.c | 5 +++++
> src/storage/storage_backend_rbd.c | 5 +++++
> src/storage/storage_util.c | 5 +++++
> 7 files changed, 40 insertions(+), 1 deletion(-)
>
After this, I see qemuxml2argv test crash (because of NULL passed to
open() in the area I'm raising in 03/10). With the fix I'm suggesting I
see a different error:
internal error: No current identity to elevate
That's because we failed to initialize identity. Unfortunately, I will
have to leave this up to you.
Michal
More information about the libvir-list
mailing list