External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-03 19:45:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Replace all remaining setgid/setuid calls with virSetUIDGID

Browse Source 
Two additional places need initgroups call to properly work in an
environment where the UID is allowed to open/create stuff through its
supplementary groups.
This commit is contained in:
Jiri Denemark 2011-05-22 17:05:07 +03:00
parent 4dd9c16161
commit 5e09aea7b0
2 changed files with 4 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/storage/storage_backend.c
View File

@ -535,20 +535,9 @@ static int virStorageBuildSetUIDHook(void *data) {
if (tmp->skip) if (tmp->skip)
return 0; return 0;
if ((vol->target.perms.gid != -1) if (virSetUIDGID(vol->target.perms.uid, vol->target.perms.gid) < 0)
&& (setgid(vol->target.perms.gid) != 0)) {
virReportSystemError(errno,
_("Cannot set gid to %u before creating %s"),
vol->target.perms.gid, vol->target.path);
return -1; return -1;
}
if ((vol->target.perms.uid != -1)
&& (setuid(vol->target.perms.uid) != 0)) {
virReportSystemError(errno,
_("Cannot set uid to %u before creating %s"),
vol->target.perms.uid, vol->target.path);
return -1;
}
return 0; return 0;
} }

22
src/util/util.c
View File

@ -1476,18 +1476,8 @@ parenterror:
/* set desired uid/gid, then attempt to create the file */ /* set desired uid/gid, then attempt to create the file */
if ((gid != 0) && (setgid(gid) != 0)) { if (virSetUIDGID(uid, gid) < 0) {
ret = -errno; ret = -errno;
virReportSystemError(errno,
_("cannot set gid %u creating '%s'"),
(unsigned int) gid, path);
goto childerror;
}
if ((uid != 0) && (setuid(uid) != 0)) {
ret = -errno;
virReportSystemError(errno,
_("cannot set uid %u creating '%s'"),
(unsigned int) uid, path);
goto childerror; goto childerror;
} }
if ((fd = open(path, openflags, mode)) < 0) { if ((fd = open(path, openflags, mode)) < 0) {
@ -1595,16 +1585,8 @@ parenterror:
/* set desired uid/gid, then attempt to create the directory */ /* set desired uid/gid, then attempt to create the directory */
if ((gid != 0) && (setgid(gid) != 0)) { if (virSetUIDGID(uid, gid) < 0) {
ret = -errno; ret = -errno;
virReportSystemError(errno, _("cannot set gid %u creating '%s'"),
(unsigned int) gid, path);
goto childerror;
}
if ((uid != 0) && (setuid(uid) != 0)) {
ret = -errno;
virReportSystemError(errno, _("cannot set uid %u creating '%s'"),
(unsigned int) uid, path);
goto childerror; goto childerror;
} }
if (mkdir(path, mode) < 0) { if (mkdir(path, mode) < 0) {