Remove (nearly) all use of getuid()/getgid()

Most of the usage of getuid()/getgid() is in cases where we are
considering what privileges we have. As such the code should be
using the effective IDs, not real IDs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 9b0af09240)

src/libvirt.c

@@ -133,7 +133,7 @@ static int virConnectAuthGainPolkit(const char *privilege) {
     int status;
     int ret = -1;
 
-    if (getuid() == 0)
+    if (geteuid() == 0)
         return 0;
 
     cmd = virCommandNewArgList(POLKIT_AUTH, "--obtain", privilege, NULL);

src/locking/lock_daemon.c

@@ -1167,7 +1167,7 @@ int main(int argc, char **argv) {
         {0, 0, 0, 0}
     };
 
-    privileged = getuid() == 0;
+    privileged = geteuid() == 0;
 
     if (setlocale(LC_ALL, "") == NULL ||
         bindtextdomain(PACKAGE, LOCALEDIR) == NULL ||

src/locking/lock_driver_lockd.c

@@ -302,7 +302,7 @@ virLockManagerLockDaemonConnect(virLockManagerPtr lock,
 {
     virNetClientPtr client;
 
-    if (!(client = virLockManagerLockDaemonConnectionNew(getuid() == 0, program)))
+    if (!(client = virLockManagerLockDaemonConnectionNew(geteuid() == 0, program)))
         return NULL;
 
     if (virLockManagerLockDaemonConnectionRegister(lock,
@@ -331,7 +331,7 @@ static int virLockManagerLockDaemonSetupLockspace(const char *path)
     memset(&args, 0, sizeof(args));
     args.path = (char*)path;
 
-    if (!(client = virLockManagerLockDaemonConnectionNew(getuid() == 0, &program)))
+    if (!(client = virLockManagerLockDaemonConnectionNew(geteuid() == 0, &program)))
         return -1;
 
     if (virNetClientProgramCall(program,

src/lxc/lxc_controller.c

@@ -2346,7 +2346,7 @@ int main(int argc, char *argv[])
         goto cleanup;
     }
 
-    if (getuid() != 0) {
+    if (geteuid() != 0) {
         fprintf(stderr, "%s: must be run as the 'root' user\n", argv[0]);
         goto cleanup;
     }

src/qemu/qemu_driver.c

@@ -2786,8 +2786,8 @@ qemuOpenFileAs(uid_t fallback_uid, gid_t fallback_gid,
     unsigned int vfoflags = 0;
     int fd = -1;
     int path_shared = virStorageFileIsSharedFS(path);
-    uid_t uid = getuid();
+    uid_t uid = geteuid();
-    gid_t gid = getgid();
+    gid_t gid = getegid();
 
     /* path might be a pre-existing block dev, in which case
      * we need to skip the create step, and also avoid unlink
@@ -2827,7 +2827,7 @@ qemuOpenFileAs(uid_t fallback_uid, gid_t fallback_gid,
                qemu user is non-root, just set a flag to
                bypass security driver shenanigans, and retry the operation
                after doing setuid to qemu user */
-            if ((fd != -EACCES && fd != -EPERM) || fallback_uid == getuid())
+            if ((fd != -EACCES && fd != -EPERM) || fallback_uid == geteuid())
                 goto error;
 
             /* On Linux we can also verify the FS-type of the directory. */

src/remote/remote_driver.c

@@ -995,7 +995,7 @@ remoteConnectOpen(virConnectPtr conn,
          (strstr(conn->uri->scheme, "+unix") != NULL)) &&
         (STREQ(conn->uri->path, "/session") ||
          STRPREFIX(conn->uri->scheme, "test+")) &&
-        getuid() > 0) {
+        geteuid() > 0) {
         VIR_DEBUG("Auto-spawn user daemon instance");
         rflags |= VIR_DRV_OPEN_REMOTE_USER;
         if (!virIsSUID() &&
@@ -1013,7 +1013,7 @@ remoteConnectOpen(virConnectPtr conn,
     if (!conn->uri) {
         VIR_DEBUG("Auto-probe remote URI");
 #ifndef __sun
-        if (getuid() > 0) {
+        if (geteuid() > 0) {
             VIR_DEBUG("Auto-spawn user daemon instance");
             rflags |= VIR_DRV_OPEN_REMOTE_USER;
             if (!virIsSUID() &&

src/storage/storage_backend.c

@@ -527,11 +527,11 @@ virStorageBackendCreateExecCommand(virStoragePoolObjPtr pool,
     bool filecreated = false;
 
     if ((pool->def->type == VIR_STORAGE_POOL_NETFS)
-        && (((getuid() == 0)
+        && (((geteuid() == 0)
              && (vol->target.perms.uid != (uid_t) -1)
              && (vol->target.perms.uid != 0))
             || ((vol->target.perms.gid != (gid_t) -1)
-                && (vol->target.perms.gid != getgid())))) {
+                && (vol->target.perms.gid != getegid())))) {
 
         virCommandSetUID(cmd, vol->target.perms.uid);
         virCommandSetGID(cmd, vol->target.perms.gid);

src/storage/storage_backend_fs.c

@@ -786,9 +786,9 @@ virStorageBackendFileSystemBuild(virConnectPtr conn ATTRIBUTE_UNUSED,
 
     /* Reflect the actual uid and gid to the config. */
     if (pool->def->target.perms.uid == (uid_t) -1)
-        pool->def->target.perms.uid = getuid();
+        pool->def->target.perms.uid = geteuid();
     if (pool->def->target.perms.gid == (gid_t) -1)
-        pool->def->target.perms.gid = getgid();
+        pool->def->target.perms.gid = getegid();
 
     if (flags != 0) {
         ret = virStorageBackendMakeFileSystem(pool, flags);

src/storage/storage_backend_logical.c

@@ -719,7 +719,7 @@ virStorageBackendLogicalCreateVol(virConnectPtr conn,
         goto error;
 
     /* We can only chown/grp if root */
-    if (getuid() == 0) {
+    if (geteuid() == 0) {
         if (fchown(fd, vol->target.perms.uid, vol->target.perms.gid) < 0) {
             virReportSystemError(errno,
                                  _("cannot set file owner '%s'"),

src/util/virfile.c

@@ -1457,8 +1457,8 @@ virFileAccessibleAs(const char *path, int mode,
     gid_t *groups;
     int ngroups;
 
-    if (uid == getuid() &&
+    if (uid == geteuid() &&
-        gid == getgid())
+        gid == getegid())
         return access(path, mode);
 
     ngroups = virGetGroupList(uid, gid, &groups);
@@ -1750,9 +1750,9 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
 
     /* allow using -1 to mean "current value" */
     if (uid == (uid_t) -1)
-        uid = getuid();
+        uid = geteuid();
     if (gid == (gid_t) -1)
-        gid = getgid();
+        gid = getegid();
 
     /* treat absence of both flags as presence of both for simpler
      * calling. */
@@ -1760,7 +1760,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
         flags |= VIR_FILE_OPEN_NOFORK|VIR_FILE_OPEN_FORK;
 
     if ((flags & VIR_FILE_OPEN_NOFORK)
-        || (getuid() != 0)
+        || (geteuid() != 0)
         || ((uid == 0) && (gid == 0))) {
 
         if ((fd = open(path, openflags, mode)) < 0) {
@@ -1871,12 +1871,12 @@ virDirCreate(const char *path,
 
     /* allow using -1 to mean "current value" */
     if (uid == (uid_t) -1)
-        uid = getuid();
+        uid = geteuid();
     if (gid == (gid_t) -1)
-        gid = getgid();
+        gid = getegid();
 
     if ((!(flags & VIR_DIR_CREATE_AS_UID))
-        || (getuid() != 0)
+        || (geteuid() != 0)
         || ((uid == 0) && (gid == 0))
         || ((flags & VIR_DIR_CREATE_ALLOW_EXIST) && (stat(path, &st) >= 0))) {
         return virDirCreateNoFork(path, mode, uid, gid, flags);

src/util/viridentity.c

@@ -157,14 +157,14 @@ virIdentityPtr virIdentityGetSystem(void)
         virAsprintf(&processtime, "%llu", timestamp) < 0)
         goto cleanup;
 
-    if (!(username = virGetUserName(getuid())))
+    if (!(username = virGetUserName(geteuid())))
         goto cleanup;
-    if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+    if (virAsprintf(&userid, "%d", (int)geteuid()) < 0)
         goto cleanup;
 
-    if (!(groupname = virGetGroupName(getgid())))
+    if (!(groupname = virGetGroupName(getegid())))
         goto cleanup;
-    if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
+    if (virAsprintf(&groupid, "%d", (int)getegid()) < 0)
         goto cleanup;
 
 #if WITH_SELINUX

src/util/virstoragefile.c

@@ -572,7 +572,7 @@ virFindBackingFile(const char *start, bool start_is_dir, const char *path,
         goto cleanup;
     }
 
-    if (virFileAccessibleAs(combined, F_OK, getuid(), getgid()) < 0) {
+    if (virFileAccessibleAs(combined, F_OK, geteuid(), getegid()) < 0) {
         virReportSystemError(errno,
                              _("Cannot access backing file '%s'"),
                              combined);

src/vbox/vbox_driver.c

@@ -153,7 +153,7 @@ static virDrvOpenStatus vboxConnectOpen(virConnectPtr conn,
                                         virConnectAuthPtr auth ATTRIBUTE_UNUSED,
                                         unsigned int flags)
 {
-    uid_t uid = getuid();
+    uid_t uid = geteuid();
 
     virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
 

src/vbox/vbox_tmpl.c

@@ -999,7 +999,7 @@ static virDrvOpenStatus vboxConnectOpen(virConnectPtr conn,
                                         unsigned int flags)
 {
     vboxGlobalData *data = NULL;
-    uid_t uid = getuid();
+    uid_t uid = geteuid();
 
     virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
 

tests/qemumonitortestutils.c

@@ -785,7 +785,7 @@ qemuMonitorCommonTestNew(virDomainXMLOptionPtr xmlopt,
             goto error;
     }
 
-    if (virNetSocketNewListenUNIX(path, 0700, getuid(), getgid(),
+    if (virNetSocketNewListenUNIX(path, 0700, geteuid(), getegid(),
                                   &test->server) < 0)
         goto error;
 

tests/virnetsockettest.c

@@ -220,7 +220,7 @@ static int testSocketUNIXAccept(const void *data ATTRIBUTE_UNUSED)
     if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
         goto cleanup;
 
-    if (virNetSocketNewListenUNIX(path, 0700, -1, getgid(), &lsock) < 0)
+    if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &lsock) < 0)
         goto cleanup;
 
     if (virNetSocketListen(lsock, 0) < 0)
@@ -270,7 +270,7 @@ static int testSocketUNIXAddrs(const void *data ATTRIBUTE_UNUSED)
     if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
         goto cleanup;
 
-    if (virNetSocketNewListenUNIX(path, 0700, -1, getgid(), &lsock) < 0)
+    if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &lsock) < 0)
         goto cleanup;
 
     if (STRNEQ(virNetSocketLocalAddrString(lsock), "127.0.0.1;0")) {