External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-09 22:45:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow remote driver daemon autostart when running setuid

Browse Source 
We don't want setuid programs automatically spawning libvirtd,
so disable any use of autostart when setuid.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 171bb12911)
This commit is contained in:
Daniel P. Berrange 2013-10-09 11:47:13 +01:00
parent 89b2e56d7a
commit a8813e50c2
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/remote/remote_driver.c
View File

@ -431,7 +431,7 @@ doRemoteOpen(virConnectPtr conn,
trans_tcp, trans_tcp,
} transport; } transport;
#ifndef WIN32 #ifndef WIN32
const char *daemonPath; const char *daemonPath = NULL;
#endif #endif
/* We handle *ALL* URIs here. The caller has rejected any /* We handle *ALL* URIs here. The caller has rejected any
@ -713,7 +713,8 @@ doRemoteOpen(virConnectPtr conn,
VIR_DEBUG("Proceeding with sockname %s", sockname); VIR_DEBUG("Proceeding with sockname %s", sockname);
} }
if (!(daemonPath = remoteFindDaemonPath())) { if ((flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) &&
!(daemonPath = remoteFindDaemonPath())) {
virReportError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unable to locate libvirtd daemon in %s " _("Unable to locate libvirtd daemon in %s "
"(to override, set $LIBVIRTD_PATH to the " "(to override, set $LIBVIRTD_PATH to the "
@ -997,8 +998,9 @@ remoteConnectOpen(virConnectPtr conn,
getuid() > 0) { getuid() > 0) {
VIR_DEBUG("Auto-spawn user daemon instance"); VIR_DEBUG("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER; rflags |= VIR_DRV_OPEN_REMOTE_USER;
if (!autostart || if (!virIsSUID() &&
STRNEQ(autostart, "0")) (!autostart ||
STRNEQ(autostart, "0")))
rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART; rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
} }
@ -1014,8 +1016,9 @@ remoteConnectOpen(virConnectPtr conn,
if (getuid() > 0) { if (getuid() > 0) {
VIR_DEBUG("Auto-spawn user daemon instance"); VIR_DEBUG("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER; rflags |= VIR_DRV_OPEN_REMOTE_USER;
if (!autostart || if (!virIsSUID() &&
STRNEQ(autostart, "0")) (!autostart ||
STRNEQ(autostart, "0")))
rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART; rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
} }
#endif #endif