From 4387132f31d46d20b4123cafb4d511a5f3109e71 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 18 Oct 2013 14:13:19 +0200 Subject: [PATCH] security: use a single function to set DAC user and group Merge the functions 'virSecurityDACSetUser' and 'virSecurityDACSetGroup' into 'virSecurityDACSetUserAndGroup'. Signed-off-by: Giuseppe Scrivano --- src/security/security_dac.c | 24 ++++++++++++++---------- src/security/security_dac.h | 7 +++---- src/security/security_manager.c | 6 ++++-- 3 files changed, 21 insertions(+), 16 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 6876bd502c..f16251cd4e 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -47,22 +47,25 @@ struct _virSecurityDACData { gid_t *groups; int ngroups; bool dynamicOwnership; + char *baselabel; }; -void -virSecurityDACSetUser(virSecurityManagerPtr mgr, - uid_t user) +/* returns -1 on error, 0 on success */ +int +virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, + uid_t user, + gid_t group) { virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); priv->user = user; -} - -void -virSecurityDACSetGroup(virSecurityManagerPtr mgr, - gid_t group) -{ - virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); priv->group = group; + + if (virAsprintf(&priv->baselabel, "%u:%u", + (unsigned int) user, + (unsigned int) group) < 0) + return -1; + + return 0; } void @@ -217,6 +220,7 @@ virSecurityDACClose(virSecurityManagerPtr mgr) { virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); VIR_FREE(priv->groups); + VIR_FREE(priv->baselabel); return 0; } diff --git a/src/security/security_dac.h b/src/security/security_dac.h index 02432a5ad8..dbcf56fdde 100644 --- a/src/security/security_dac.h +++ b/src/security/security_dac.h @@ -25,10 +25,9 @@ extern virSecurityDriver virSecurityDriverDAC; -void virSecurityDACSetUser(virSecurityManagerPtr mgr, - uid_t user); -void virSecurityDACSetGroup(virSecurityManagerPtr mgr, - gid_t group); +int virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, + uid_t user, + gid_t group); void virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr, bool dynamic); diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 92fb504f75..0e783ee5af 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -146,8 +146,10 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver, if (!mgr) return NULL; - virSecurityDACSetUser(mgr, user); - virSecurityDACSetGroup(mgr, group); + if (virSecurityDACSetUserAndGroup(mgr, user, group) < 0) { + virSecurityManagerDispose(mgr); + return NULL; + } virSecurityDACSetDynamicOwnership(mgr, dynamicOwnership); return mgr;