External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-06 14:25:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
ac0028f541
libvirt/src/util/viridentity.c

855 lines
24 KiB
C
Raw Normal View History

Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
/*
* viridentity.c: helper APIs for managing user identities
*
* Copyright (C) 2012-2013 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; If not, see
* <http://www.gnu.org/licenses/>.
*
*/
#include <config.h>
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
#include <unistd.h>
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#include <fcntl.h>
Fix typos s/HAVE_SELINUX/WITH_SELINUX/ The virNetSocket & virIdentity classes accidentally got some conditionals using HAVE_SELINUX instead of WITH_SELINUX. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-20 13:06:04 +00:00
#if WITH_SELINUX
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
# include <selinux/selinux.h>
#endif
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#define LIBVIRT_VIRIDENTITYPRIV_H_ALLOW
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
#include "internal.h"
#include "viralloc.h"
#include "virerror.h"
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#include "viridentitypriv.h"
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
#include "virlog.h"
#include "virobject.h"
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#include "virrandom.h"
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
#include "virthread.h"
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
#include "virutil.h"
Adapt to VIR_STRDUP and VIR_STRNDUP in src/util/*
2013-05-24 07:19:51 +00:00
#include "virstring.h"
Ensure system identity includes process start time The polkit access driver will want to use the process start time field. This was already set for network identities, but not for the system identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-28 14:22:05 +00:00
#include "virprocess.h"
util: allow identity to be imported/exported as typed parameters Add ability to import/export all the parameters associated with an identity, so that they can be exposed via the public API. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:36:29 +00:00
#include "virtypedparam.h"
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#include "virfile.h"
#include "configmake.h"
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
#define VIR_FROM_THIS VIR_FROM_IDENTITY
util: introduce concept of a system token into identities We want a way to distinguish between calls from a libvirt daemon, and a regular client application when both are running as the same user account. This is not possible with the current set of attributes recorded against an identity, as there is nothing that is common to all of the modular libvirt daemons, while distinct to all other processes. We thus introduce the idea of a system token, which is simply a random hex string that is only known by the libvirt daemons, to be recorded against the system identity. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-11-19 12:26:17 +00:00
#define VIR_CONNECT_IDENTITY_SYSTEM_TOKEN "system.token"
Add virLogSource variables to all source files Any source file which calls the logging APIs now needs to have a VIR_LOG_INIT("source.name") declaration at the start of the file. This provides a static variable of the virLogSource type. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-02-28 12:16:17 +00:00
VIR_LOG_INIT("util.identity");
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
struct _virIdentity {
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
GObject parent;
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
int nparams;
int maxparams;
virTypedParameterPtr params;
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
};
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT)
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
static virThreadLocal virIdentityCurrent;
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
static char *systemToken;
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
static void virIdentityFinalize(GObject *obj);
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
static void virIdentityCurrentCleanup(void *ident)
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
{
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
if (ident)
g_object_unref(ident);
}
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
static int virIdentityOnceInit(void)
{
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
if (virThreadLocalInit(&virIdentityCurrent,
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
virIdentityCurrentCleanup) < 0) {
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Cannot initialize thread local for current identity"));
return -1;
}
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
if (!(systemToken = virIdentityEnsureSystemToken()))
return -1;
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
return 0;
}
Require a semicolon for VIR_ONCE_GLOBAL_INIT calls Missing semicolon at the end of macros can confuse some analyzers (like cppcheck <filename>). VIR_ONCE_GLOBAL_INIT is almost exclusively called without an ending semicolon, but let's standardize on using one like the other macros. Add a dummy struct definition at the end of the macro, so the compiler will require callers to add a semicolon. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
2019-01-20 17:23:29 +00:00
VIR_ONCE_GLOBAL_INIT(virIdentity);
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
static void vir_identity_init(virIdentity *ident G_GNUC_UNUSED)
{
}
static void vir_identity_class_init(virIdentityClass *klass)
{
GObjectClass *obj = G_OBJECT_CLASS(klass);
obj->finalize = virIdentityFinalize;
}
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
/**
* virIdentityGetCurrent:
*
* Get the current identity associated with this thread. The
* caller will own a reference to the returned identity, but
* must not modify the object in any way, other than to
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
* release the reference when done with g_object_unref
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
*
* Returns: a reference to the current identity, or NULL
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
virIdentity *virIdentityGetCurrent(void)
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
{
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
virIdentity *ident;
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
Fix initialization of virIdentityPtr thread locals Some code mistakenly called virIdentityOnceInit directly instead of virIdentityInitialize(). This meant that one-time initializer was run many times with predictably bad results.
2013-03-21 10:58:15 +00:00
if (virIdentityInitialize() < 0)
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
return NULL;
ident = virThreadLocalGet(&virIdentityCurrent);
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
if (ident)
g_object_ref(ident);
return ident;
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
}
/**
* virIdentitySetCurrent:
*
* Set the new identity to be associated with this thread.
* The caller should not modify the passed identity after
* it has been set, other than to release its own reference.
*
* Returns 0 on success, or -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetCurrent(virIdentity *ident)
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
{
util: virIdentitySetCurrent: only unref the old identity on success In the unlikely case that we were unable to set the new identity, we would unref the old one even though it still could be in the thread-local storage. Fixes: c6825d88137cb8e4debdf4310e45ee23cb5698c0 Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-09-03 14:04:44 +00:00
virIdentity *old = NULL;
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
Fix initialization of virIdentityPtr thread locals Some code mistakenly called virIdentityOnceInit directly instead of virIdentityInitialize(). This meant that one-time initializer was run many times with predictably bad results.
2013-03-21 10:58:15 +00:00
if (virIdentityInitialize() < 0)
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
return -1;
old = virThreadLocalGet(&virIdentityCurrent);
if (virThreadLocalSet(&virIdentityCurrent,
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
ident ? g_object_ref(ident) : NULL) < 0) {
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Unable to set thread local identity"));
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
if (ident)
g_object_unref(ident);
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
return -1;
}
util: virIdentitySetCurrent: only unref the old identity on success In the unlikely case that we were unable to set the new identity, we would unref the old one even though it still could be in the thread-local storage. Fixes: c6825d88137cb8e4debdf4310e45ee23cb5698c0 Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-09-03 14:04:44 +00:00
if (old)
g_object_unref(old);
Add APIs for associating a virIdentityPtr with the current thread To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 10:53:47 +00:00
return 0;
}
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: helper to temporary elevate privileges of the current identity When talking to the secret driver, the callers inside libvirt daemons need to be able to run with an elevated privileges that prove the API calls are made by a libvirt daemon, not an end user application. The virIdentityElevateCurrent method will take the current identity and, if not already present, add the system token. The old current identity is returned to the caller. With the VIR_IDENTITY_AUTORESTORE annotation, the old current identity will be restored upon leaving the codeblock scope. ... early work with regular privileges ... if (something needing elevated privs) { VIR_IDENTITY_AUTORESTORE virIdentity *oldident = virIdentityElevateCurrent(); if (!oldident) return -1; ... do something with elevated privileges ... } ... later work with regular privileges ... Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:52:30 +00:00
/**
* virIdentityElevateCurrent:
*
* Set the new identity to be associated with this thread,
* to an elevated copy of the current identity. The old
* current identity is returned and should be released by
* the caller when no longer required.
*
* Returns the previous identity, or NULL on error
*/
virIdentity *virIdentityElevateCurrent(void)
{
g_autoptr(virIdentity) ident = virIdentityGetCurrent();
const char *token;
int rc;
if (!ident) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("No current identity to elevate"));
return NULL;
}
if ((rc = virIdentityGetSystemToken(ident, &token)) < 0)
return NULL;
if (rc == 0) {
g_autoptr(virIdentity) identel = virIdentityNewCopy(ident);
if (virIdentitySetSystemToken(identel, systemToken) < 0)
return NULL;
if (virIdentitySetCurrent(identel) < 0)
return NULL;
}
return g_steal_pointer(&ident);
}
void virIdentityRestoreHelper(virIdentity **identptr)
{
virIdentity *ident = *identptr;
viridentity: Fix ref/unref imbalance in VIR_IDENTITY_AUTORESTORE The basic use case of VIR_IDENTITY_AUTORESTORE() is in conjunction with virIdentityElevateCurrent(). What happens is that virIdentityElevateCurrent() gets current identity (which increases the refcounter of thread local virIdentity object) and returns a pointer to it. Later, when the variable goes out of scope the virIdentityRestoreHelper() is called which calls virIdentitySetCurrent() over the old identity. But this means that the refcounter is increased again. Therefore, we have to explicitly decrease the refcounter by calling g_object_unref(). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-17 16:01:11 +00:00
if (ident != NULL) {
util: helper to temporary elevate privileges of the current identity When talking to the secret driver, the callers inside libvirt daemons need to be able to run with an elevated privileges that prove the API calls are made by a libvirt daemon, not an end user application. The virIdentityElevateCurrent method will take the current identity and, if not already present, add the system token. The old current identity is returned to the caller. With the VIR_IDENTITY_AUTORESTORE annotation, the old current identity will be restored upon leaving the codeblock scope. ... early work with regular privileges ... if (something needing elevated privs) { VIR_IDENTITY_AUTORESTORE virIdentity *oldident = virIdentityElevateCurrent(); if (!oldident) return -1; ... do something with elevated privileges ... } ... later work with regular privileges ... Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:52:30 +00:00
virIdentitySetCurrent(ident);
viridentity: Fix ref/unref imbalance in VIR_IDENTITY_AUTORESTORE The basic use case of VIR_IDENTITY_AUTORESTORE() is in conjunction with virIdentityElevateCurrent(). What happens is that virIdentityElevateCurrent() gets current identity (which increases the refcounter of thread local virIdentity object) and returns a pointer to it. Later, when the variable goes out of scope the virIdentityRestoreHelper() is called which calls virIdentitySetCurrent() over the old identity. But this means that the refcounter is increased again. Therefore, we have to explicitly decrease the refcounter by calling g_object_unref(). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-17 16:01:11 +00:00
/* virIdentitySetCurrent() grabs its own reference.
* We don't need ours anymore. */
g_object_unref(ident);
}
util: helper to temporary elevate privileges of the current identity When talking to the secret driver, the callers inside libvirt daemons need to be able to run with an elevated privileges that prove the API calls are made by a libvirt daemon, not an end user application. The virIdentityElevateCurrent method will take the current identity and, if not already present, add the system token. The old current identity is returned to the caller. With the VIR_IDENTITY_AUTORESTORE annotation, the old current identity will be restored upon leaving the codeblock scope. ... early work with regular privileges ... if (something needing elevated privs) { VIR_IDENTITY_AUTORESTORE virIdentity *oldident = virIdentityElevateCurrent(); if (!oldident) return -1; ... do something with elevated privileges ... } ... later work with regular privileges ... Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:52:30 +00:00
}
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
#define TOKEN_BYTES 16
#define TOKEN_STRLEN (TOKEN_BYTES * 2)
static char *
virIdentityConstructSystemTokenPath(void)
{
g_autofree char *commondir = NULL;
if (geteuid() == 0) {
commondir = g_strdup(RUNSTATEDIR "/libvirt/common");
} else {
g_autofree char *rundir = virGetUserRuntimeDirectory();
commondir = g_strdup_printf("%s/common", rundir);
}
if (g_mkdir_with_parents(commondir, 0700) < 0) {
virReportSystemError(errno,
_("Cannot create daemon common directory '%s'"),
commondir);
return NULL;
}
return g_strdup_printf("%s/system.token", commondir);
}
char *
virIdentityEnsureSystemToken(void)
{
g_autofree char *tokenfile = virIdentityConstructSystemTokenPath();
g_autofree char *token = NULL;
VIR_AUTOCLOSE fd = -1;
struct stat st;
if (!tokenfile)
return NULL;
fd = open(tokenfile, O_RDWR|O_APPEND|O_CREAT, 0600);
if (fd < 0) {
virReportSystemError(errno,
_("Unable to open system token %s"),
tokenfile);
return NULL;
}
if (virSetCloseExec(fd) < 0) {
virReportSystemError(errno,
_("Failed to set close-on-exec flag '%s'"),
tokenfile);
return NULL;
}
if (virFileLock(fd, false, 0, 1, true) < 0) {
virReportSystemError(errno,
_("Failed to lock system token '%s'"),
tokenfile);
return NULL;
}
if (fstat(fd, &st) < 0) {
virReportSystemError(errno,
_("Failed to check system token '%s'"),
tokenfile);
return NULL;
}
/* Ok, we're the first one here, so we must populate it */
if (st.st_size == 0) {
if (!(token = virRandomToken(TOKEN_BYTES))) {
return NULL;
}
if (safewrite(fd, token, TOKEN_STRLEN) != TOKEN_STRLEN) {
virReportSystemError(errno,
_("Failed to write system token '%s'"),
tokenfile);
return NULL;
}
} else {
if (virFileReadLimFD(fd, TOKEN_STRLEN, &token) < 0) {
virReportSystemError(errno,
virIdentityEnsureSystemToken: Fix error message This appears to be a copy-paste mistake from the check directly above. Signed-off-by: Tim Wiederhake <twiederh@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-07-20 15:02:31 +00:00
_("Failed to read system token '%s'"),
util: generate a persistent system token When creating the system identity set the system token. The system token is currently stored in a local path /var/run/libvirt/common/system.token Obviously with only traditional UNIX DAC in effect, this is largely security through obscurity, if the client is running at the same privilege level as the daemon. It does, however, reliably distinguish an unprivileged client from the system daemons. With a MAC system like SELinux though, or possible use of containers, access can be further restricted. A possible future improvement for Linux would be to populate the kernel keyring with a secret for libvirt daemons to share. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:40:33 +00:00
tokenfile);
return NULL;
}
if (strlen(token) != TOKEN_STRLEN) {
virReportSystemError(errno,
_("System token in %s was corrupt"),
tokenfile);
return NULL;
}
}
return g_steal_pointer(&token);
}
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
/**
* virIdentityGetSystem:
*
* Returns an identity that represents the system itself.
* This is the identity that the process is running as
*
* Returns a reference to the system identity, or NULL
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
virIdentity *virIdentityGetSystem(void)
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
{
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
g_autofree char *username = NULL;
g_autofree char *groupname = NULL;
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
unsigned long long startTime;
src: stop checking virIdentityNew return value This method will always succeed. Reviewed-by: Peter Krempa <pkrempa@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-05 18:03:19 +00:00
g_autoptr(virIdentity) ret = virIdentityNew();
Fix typos s/HAVE_SELINUX/WITH_SELINUX/ The virNetSocket & virIdentity classes accidentally got some conditionals using HAVE_SELINUX instead of WITH_SELINUX. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-20 13:06:04 +00:00
#if WITH_SELINUX
Substitute security_context_t with char * Historically, we've used security_context_t for variables passed to libselinux APIs. But almost 7 years ago, libselinux developers admitted in their API that in fact, it's just a 'char *' type [1]. Ever since then the APIs accept 'char *' instead, but they kept the old alias just for API stability. Well, not anymore [2]. 1: https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 2: https://github.com/SELinuxProject/selinux/commit/7a124ca2758136f49cc38efc26fb1a2d385ecfd9 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-07-15 10:32:48 +00:00
char *con;
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
#endif
util: set system token for system identity Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:21:59 +00:00
g_autofree char *token = NULL;
Set process ID in system identity When creating a virIdentityPtr for the system identity, include the current process ID as an attribute.
2013-06-24 13:47:31 +00:00
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
if (virIdentitySetProcessID(ret, getpid()) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Ensure system identity includes process start time The polkit access driver will want to use the process start time field. This was already set for network identities, but not for the system identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-28 14:22:05 +00:00
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
if (virProcessGetStartTime(getpid(), &startTime) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
if (startTime != 0 &&
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
virIdentitySetProcessTime(ret, startTime) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Ensure system identity includes process start time The polkit access driver will want to use the process start time field. This was already set for network identities, but not for the system identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-28 14:22:05 +00:00
Remove (nearly) all use of getuid()/getgid() Most of the usage of getuid()/getgid() is in cases where we are considering what privileges we have. As such the code should be using the effective IDs, not real IDs. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-09 11:13:45 +00:00
if (!(username = virGetUserName(geteuid())))
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
return ret;
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
if (virIdentitySetUserName(ret, username) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
if (virIdentitySetUNIXUserID(ret, getuid()) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Also store user & group ID values in virIdentity Future improvements to the polkit code will require access to the numeric user ID, not merely user name. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:00:01 +00:00
Remove (nearly) all use of getuid()/getgid() Most of the usage of getuid()/getgid() is in cases where we are considering what privileges we have. As such the code should be using the effective IDs, not real IDs. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-09 11:13:45 +00:00
if (!(groupname = virGetGroupName(getegid())))
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
return ret;
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
if (virIdentitySetGroupName(ret, groupname) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
if (virIdentitySetUNIXGroupID(ret, getgid()) < 0)
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
Fix typos s/HAVE_SELINUX/WITH_SELINUX/ The virNetSocket & virIdentity classes accidentally got some conditionals using HAVE_SELINUX instead of WITH_SELINUX. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-20 13:06:04 +00:00
#if WITH_SELINUX
is_selinux_enabled() returns -1 on error, account for this. Per the documentation, is_selinux_enabled() returns -1 on error. Account for this. Previously when -1 was being returned the condition would still be true. I was noticing this because on my system that has selinux disabled I was getting this in the libvirt.log every 5 seconds: error : virIdentityGetSystem:173 : Unable to lookup SELinux process context: Invalid argument With this patch applied, I no longer get these messages every 5 seconds. I am submitting this in case its deemed useful for inclusion. Anyone have any comments on this change? This is a patch off current master. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-03-20 15:05:14 +00:00
if (is_selinux_enabled() > 0) {
virIdentityGetSystem: don't fail if SELinux is disabled If SELinux is compiled into libvirt but it is disabled on the host, libvirtd logs: error : virIdentityGetSystem:173 : Unable to lookup SELinux process context: Invalid argument on each and every client connection. Use is_selinux_enabled() to skip retrieval of the process's SELinux context if SELinux is disabled. Signed-off-by: Michael Chapman <mike@very.puzzling.org>
2014-03-06 06:02:48 +00:00
if (getcon(&con) < 0) {
virReportSystemError(errno, "%s",
_("Unable to lookup SELinux process context"));
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
virIdentityGetSystem: don't fail if SELinux is disabled If SELinux is compiled into libvirt but it is disabled on the host, libvirtd logs: error : virIdentityGetSystem:173 : Unable to lookup SELinux process context: Invalid argument on each and every client connection. Use is_selinux_enabled() to skip retrieval of the process's SELinux context if SELinux is disabled. Signed-off-by: Michael Chapman <mike@very.puzzling.org>
2014-03-06 06:02:48 +00:00
}
Convert callers to use typesafe APIs for setting identity attrs Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:58:58 +00:00
if (virIdentitySetSELinuxContext(ret, con) < 0) {
virIdentityGetSystem: don't fail if SELinux is disabled If SELinux is compiled into libvirt but it is disabled on the host, libvirtd logs: error : virIdentityGetSystem:173 : Unable to lookup SELinux process context: Invalid argument on each and every client connection. Use is_selinux_enabled() to skip retrieval of the process's SELinux context if SELinux is disabled. Signed-off-by: Michael Chapman <mike@very.puzzling.org>
2014-03-06 06:02:48 +00:00
freecon(con);
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return NULL;
virIdentityGetSystem: don't fail if SELinux is disabled If SELinux is compiled into libvirt but it is disabled on the host, libvirtd logs: error : virIdentityGetSystem:173 : Unable to lookup SELinux process context: Invalid argument on each and every client connection. Use is_selinux_enabled() to skip retrieval of the process's SELinux context if SELinux is disabled. Signed-off-by: Michael Chapman <mike@very.puzzling.org>
2014-03-06 06:02:48 +00:00
}
Adapt to VIR_STRDUP and VIR_STRNDUP in src/util/*
2013-05-24 07:19:51 +00:00
freecon(con);
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
}
#endif
util: set system token for system identity Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:21:59 +00:00
if (!(token = virIdentityEnsureSystemToken()))
return NULL;
if (virIdentitySetSystemToken(ret, token) < 0)
return NULL;
util: convert virIdentity implementation and test suite to g_autoptr To simplify the later conversion from virObject to GObject, introduce the use of g_autoptr to the virIdentity implementnation and test suite. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-01 16:38:12 +00:00
return g_steal_pointer(&ret);
Add API to get the system identity If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-06 11:00:16 +00:00
}
src: add API to determine if current identity is a system identity This is essentially a way to determine if the current identity is that of another libvirt daemon. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-29 14:52:20 +00:00
/**
* virIdentityIsCurrentElevated:
*
* Determine if the current identity has elevated privileges.
* This indicates that it was invoked on behalf of the
* user by a libvirt daemon.
*
* Returns: true if elevated
*/
int virIdentityIsCurrentElevated(void)
{
g_autoptr(virIdentity) current = virIdentityGetCurrent();
const char *currentToken = NULL;
int rv;
if (!current) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("No current identity"));
return -1;
}
rv = virIdentityGetSystemToken(current, &currentToken);
if (rv <= 0)
return rv;
return STREQ_NULLABLE(currentToken, systemToken);
}
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
/**
* virIdentityNew:
*
* Creates a new empty identity object. After creating, one or
* more identifying attributes should be set on the identity.
*
* Returns: a new empty identity
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
virIdentity *virIdentityNew(void)
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
{
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
return VIR_IDENTITY(g_object_new(VIR_TYPE_IDENTITY, NULL));
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
}
util: add API for copying identity objects Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-04-30 15:46:15 +00:00
/**
* virIdentityNewCopy:
*
* Creates a new identity object that is a deep copy of an
* existing identity.
*
* Returns: a copy of the source identity
*/
virIdentity *virIdentityNewCopy(virIdentity *src)
{
g_autoptr(virIdentity) ident = virIdentityNew();
if (virTypedParamsCopy(&ident->params, src->params, src->nparams) < 0)
return NULL;
ident->nparams = src->nparams;
ident->maxparams = src->nparams;
return g_steal_pointer(&ident);
}
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
static void virIdentityFinalize(GObject *object)
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
{
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
virIdentity *ident = VIR_IDENTITY(object);
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
virTypedParamsFree(ident->params, ident->nparams);
util: convert virIdentity class to use GObject Converting from virObject to GObject is reasonably straightforward, as illustrated by this patch for virIdentity In the header file - Remove typedef struct _virIdentity virIdentity - Add #define VIR_TYPE_IDENTITY virIdentity_get_type () G_DECLARE_FINAL_TYPE (virIdentity, vir_identity, VIR, IDENTITY, GObject); Which provides the typedef we just removed, and class declaration boilerplate and various other constants/macros. In the source file - Change 'virObject parent' to 'GObject parent' in the struct - Remove the virClass variable and its initializing call - Add G_DEFINE_TYPE(virIdentity, vir_identity, G_TYPE_OBJECT) which declares the instance & class constructor functions - Add an impl of the instance & class constructors wiring up the finalize method to point to our dispose impl In all files - Replace VIR_AUTOUNREF(virIdentityPtr) with g_autoptr(virIdentity) - Replace virObjectRef/Unref with g_object_ref/unref. Note the latter functions do *NOT* accept a NULL object where as libvirt's do. If you replace g_object_unref with g_clear_object it is NULL safe, but also clears the pointer. Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-19 14:38:03 +00:00
G_OBJECT_CLASS(vir_identity_parent_class)->finalize(object);
Define internal APIs for managing identities Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-01-20 17:49:32 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetUserName(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
const char **username)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
*username = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_USER_NAME,
username);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetUNIXUserID(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
uid_t *uid)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
unsigned long long val;
int rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*uid = -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
rc = virTypedParamsGetULLong(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_UNIX_USER_ID,
&val);
if (rc <= 0)
return rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*uid = (uid_t)val;
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
return 1;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetGroupName(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
const char **groupname)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
*groupname = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_GROUP_NAME,
groupname);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetUNIXGroupID(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
gid_t *gid)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
unsigned long long val;
int rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*gid = -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
rc = virTypedParamsGetULLong(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_UNIX_GROUP_ID,
&val);
if (rc <= 0)
return rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*gid = (gid_t)val;
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
return 1;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetProcessID(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
pid_t *pid)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
long long val;
int rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*pid = 0;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
rc = virTypedParamsGetLLong(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_PROCESS_ID,
&val);
if (rc <= 0)
return rc;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
*pid = (pid_t)val;
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
return 1;
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetProcessTime(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
unsigned long long *timestamp)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
*timestamp = 0;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
return virTypedParamsGetULLong(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_PROCESS_TIME,
timestamp);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetSASLUserName(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char **username)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
*username = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SASL_USER_NAME,
username);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetX509DName(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char **dname)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
*dname = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME,
dname);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: sanitize return values for virIdentity getters The virIdentity getters are unusual in that they return -1 to indicate "not found" and don't report any error. Change them to return -1 for real errors, 0 for not found, and 1 for success. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 15:30:57 +00:00
/*
* Returns: 0 if not present, 1 if present, -1 on error
*/
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetSELinuxContext(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char **context)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
*context = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SELINUX_CONTEXT,
context);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: introduce concept of a system token into identities We want a way to distinguish between calls from a libvirt daemon, and a regular client application when both are running as the same user account. This is not possible with the current set of attributes recorded against an identity, as there is nothing that is common to all of the modular libvirt daemons, while distinct to all other processes. We thus introduce the idea of a system token, which is simply a random hex string that is only known by the libvirt daemons, to be recorded against the system identity. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-11-19 12:26:17 +00:00
int virIdentityGetSystemToken(virIdentity *ident,
const char **token)
{
*token = NULL;
return virTypedParamsGetString(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
token);
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetUserName(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
const char *username)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_USER_NAME)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_USER_NAME,
username);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetUNIXUserID(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
uid_t uid)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_UNIX_USER_ID)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
return -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
}
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
return virTypedParamsAddULLong(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_UNIX_USER_ID,
uid);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetGroupName(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
const char *groupname)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_GROUP_NAME)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_GROUP_NAME,
groupname);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetUNIXGroupID(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
gid_t gid)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_UNIX_GROUP_ID)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
return -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
}
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
return virTypedParamsAddULLong(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_UNIX_GROUP_ID,
gid);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetProcessID(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
pid_t pid)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_PROCESS_ID)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
return -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
}
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
return virTypedParamsAddLLong(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_PROCESS_ID,
pid);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetProcessTime(virIdentity *ident,
util: change identity class attribute names Remove the "UNIX" tag from the names for user name, group name, process ID and process time, since these attributes are all usable for non-UNIX platforms like Windows. User ID and group ID are left with a "UNIX" tag, since there's no equivalent on Windows. The closest equivalent concept on Windows, SID, is a struct containing a number of integer fields, which is commonly represented in string format instead. This would require a separate attribute, and is left for a future exercise, since the daemons are not currently built on Windows anyway. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 10:59:15 +00:00
unsigned long long timestamp)
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_PROCESS_TIME)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
return -1;
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
}
util: identity: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:55:09 +00:00
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
return virTypedParamsAddULLong(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_PROCESS_TIME,
timestamp);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetSASLUserName(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char *username)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SASL_USER_NAME)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_SASL_USER_NAME,
username);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetX509DName(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char *dname)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME,
dname);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetSELinuxContext(virIdentity *ident,
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
const char *context)
{
util: store identity attrs as virTypedParameter internally We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:27:25 +00:00
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SELINUX_CONTEXT)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_SELINUX_CONTEXT,
context);
Add typesafe APIs for virIdentity attributes Instead of requiring the caller to format to/from strings, add typesafe APIs todo this work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-22 15:43:35 +00:00
}
util: allow identity to be imported/exported as typed parameters Add ability to import/export all the parameters associated with an identity, so that they can be exposed via the public API. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:36:29 +00:00
util: introduce concept of a system token into identities We want a way to distinguish between calls from a libvirt daemon, and a regular client application when both are running as the same user account. This is not possible with the current set of attributes recorded against an identity, as there is nothing that is common to all of the modular libvirt daemons, while distinct to all other processes. We thus introduce the idea of a system token, which is simply a random hex string that is only known by the libvirt daemons, to be recorded against the system identity. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-11-19 12:26:17 +00:00
int virIdentitySetSystemToken(virIdentity *ident,
const char *token)
{
if (virTypedParamsGet(ident->params,
ident->nparams,
VIR_CONNECT_IDENTITY_SYSTEM_TOKEN)) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("Identity attribute is already set"));
return -1;
}
return virTypedParamsAddString(&ident->params,
&ident->nparams,
&ident->maxparams,
VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
token);
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentitySetParameters(virIdentity *ident,
util: allow identity to be imported/exported as typed parameters Add ability to import/export all the parameters associated with an identity, so that they can be exposed via the public API. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:36:29 +00:00
virTypedParameterPtr params,
int nparams)
{
if (virTypedParamsValidate(params, nparams,
VIR_CONNECT_IDENTITY_USER_NAME,
VIR_TYPED_PARAM_STRING,
VIR_CONNECT_IDENTITY_UNIX_USER_ID,
VIR_TYPED_PARAM_ULLONG,
VIR_CONNECT_IDENTITY_GROUP_NAME,
VIR_TYPED_PARAM_STRING,
VIR_CONNECT_IDENTITY_UNIX_GROUP_ID,
VIR_TYPED_PARAM_ULLONG,
VIR_CONNECT_IDENTITY_PROCESS_ID,
VIR_TYPED_PARAM_LLONG,
VIR_CONNECT_IDENTITY_PROCESS_TIME,
VIR_TYPED_PARAM_ULLONG,
VIR_CONNECT_IDENTITY_SASL_USER_NAME,
VIR_TYPED_PARAM_STRING,
VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME,
VIR_TYPED_PARAM_STRING,
VIR_CONNECT_IDENTITY_SELINUX_CONTEXT,
VIR_TYPED_PARAM_STRING,
util: introduce concept of a system token into identities We want a way to distinguish between calls from a libvirt daemon, and a regular client application when both are running as the same user account. This is not possible with the current set of attributes recorded against an identity, as there is nothing that is common to all of the modular libvirt daemons, while distinct to all other processes. We thus introduce the idea of a system token, which is simply a random hex string that is only known by the libvirt daemons, to be recorded against the system identity. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-11-19 12:26:17 +00:00
VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
VIR_TYPED_PARAM_STRING,
util: allow identity to be imported/exported as typed parameters Add ability to import/export all the parameters associated with an identity, so that they can be exposed via the public API. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:36:29 +00:00
NULL) < 0)
return -1;
virTypedParamsFree(ident->params, ident->nparams);
ident->params = NULL;
ident->nparams = 0;
ident->maxparams = 0;
if (virTypedParamsCopy(&ident->params, params, nparams) < 0)
return -1;
ident->nparams = nparams;
ident->maxparams = nparams;
return 0;
}
lib: Drop internal virXXXPtr typedefs Historically, we declared pointer type to our types: typedef struct _virXXX virXXX; typedef virXXX *virXXXPtr; But usefulness of such declaration is questionable, at best. Unfortunately, we can't drop every such declaration - we have to carry some over, because they are part of public API (e.g. virDomainPtr). But for internal types - we can do drop them and use what every other C project uses 'virXXX *'. This change was generated by a very ugly shell script that generated sed script which was then called over each file in the repository. For the shell script refer to the cover letter: https://listman.redhat.com/archives/libvir-list/2021-March/msg00537.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-03-11 07:16:13 +00:00
int virIdentityGetParameters(virIdentity *ident,
util: allow identity to be imported/exported as typed parameters Add ability to import/export all the parameters associated with an identity, so that they can be exposed via the public API. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-26 15:36:29 +00:00
virTypedParameterPtr *params,
int *nparams)
{
*params = NULL;
*nparams = 0;
if (virTypedParamsCopy(params, ident->params, ident->nparams) < 0)
return -1;
*nparams = ident->nparams;
return 0;
}
Reference in New Issue Copy Permalink