Added config params to customize UNIX sock perms & ownership
parent
8f4e48edff
commit
e1f4399150
@ -1,3 +1,10 @@
|
|||||||
|
Tue Sep 18 22:22:00 EST 2007 Daniel P. Berrange <berrange@redhat.com>
|
||||||
|
|
||||||
|
* qemud/qemud.c: Allow customization of UNIX socket permissions
|
||||||
|
and group ownership from config file
|
||||||
|
* docs/libvir.html: Added docs on UNIX socket perms & group owner
|
||||||
|
config parameters
|
||||||
|
|
||||||
Tue Sep 18 21:34:00 EST 2007 Daniel P. Berrange <berrange@redhat.com>
|
Tue Sep 18 21:34:00 EST 2007 Daniel P. Berrange <berrange@redhat.com>
|
||||||
|
|
||||||
* configure.in: Added checks for locating Avahi.
|
* configure.in: Added checks for locating Avahi.
|
||||||
|
@ -2210,6 +2210,34 @@ Blank lines and comments beginning with <code>#</code> are ignored.
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td> unix_sock_group <i>"groupname"</i> </td>
|
||||||
|
<td> "root" </td>
|
||||||
|
<td>
|
||||||
|
The UNIX group to own the UNIX domain socket. If the socket permissions allow
|
||||||
|
group access, then applications running under matching group can access the
|
||||||
|
socket. Only valid if running as root
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td> unix_sock_ro_perms <i>"octal-perms"</i> </td>
|
||||||
|
<td> "0777" </td>
|
||||||
|
<td>
|
||||||
|
The permissions for the UNIX domain socket for read-only client connections.
|
||||||
|
The default allows any user to monitor domains.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td> unix_sock_rw_perms <i>"octal-perms"</i> </td>
|
||||||
|
<td> "0700" </td>
|
||||||
|
<td>
|
||||||
|
The permissions for the UNIX domain socket for read-write client connections.
|
||||||
|
The default allows only root to manage domains.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
<tr>
|
<tr>
|
||||||
<td> tls_no_verify_certificate <i>[0|1]</i> </td>
|
<td> tls_no_verify_certificate <i>[0|1]</i> </td>
|
||||||
<td> 0 (certificates are verified) </td>
|
<td> 0 (certificates are verified) </td>
|
||||||
|
@ -484,6 +484,25 @@ Blank lines and comments beginning with <code>#</code> are ignored.
|
|||||||
includes the machine's short hostname. This must be unique to the
|
includes the machine's short hostname. This must be unique to the
|
||||||
local LAN segment.
|
local LAN segment.
|
||||||
</td>
|
</td>
|
||||||
|
</tr><tr><td> unix_sock_group <i>"groupname"</i> </td>
|
||||||
|
<td> "root" </td>
|
||||||
|
<td>
|
||||||
|
The UNIX group to own the UNIX domain socket. If the socket permissions allow
|
||||||
|
group access, then applications running under matching group can access the
|
||||||
|
socket. Only valid if running as root
|
||||||
|
</td>
|
||||||
|
</tr><tr><td> unix_sock_ro_perms <i>"octal-perms"</i> </td>
|
||||||
|
<td> "0777" </td>
|
||||||
|
<td>
|
||||||
|
The permissions for the UNIX domain socket for read-only client connections.
|
||||||
|
The default allows any user to monitor domains.
|
||||||
|
</td>
|
||||||
|
</tr><tr><td> unix_sock_rw_perms <i>"octal-perms"</i> </td>
|
||||||
|
<td> "0700" </td>
|
||||||
|
<td>
|
||||||
|
The permissions for the UNIX domain socket for read-write client connections.
|
||||||
|
The default allows only root to manage domains.
|
||||||
|
</td>
|
||||||
</tr><tr><td> tls_no_verify_certificate <i>[0|1]</i> </td>
|
</tr><tr><td> tls_no_verify_certificate <i>[0|1]</i> </td>
|
||||||
<td> 0 (certificates are verified) </td>
|
<td> 0 (certificates are verified) </td>
|
||||||
<td>
|
<td>
|
||||||
|
@ -48,6 +48,7 @@
|
|||||||
#include <getopt.h>
|
#include <getopt.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <fnmatch.h>
|
#include <fnmatch.h>
|
||||||
|
#include <grp.h>
|
||||||
|
|
||||||
#include <libvirt/virterror.h>
|
#include <libvirt/virterror.h>
|
||||||
|
|
||||||
@ -72,6 +73,10 @@ static int listen_tcp = 0;
|
|||||||
static const char *tls_port = LIBVIRTD_TLS_PORT;
|
static const char *tls_port = LIBVIRTD_TLS_PORT;
|
||||||
static const char *tcp_port = LIBVIRTD_TCP_PORT;
|
static const char *tcp_port = LIBVIRTD_TCP_PORT;
|
||||||
|
|
||||||
|
static gid_t unix_sock_gid = 0; /* Only root by default */
|
||||||
|
static int unix_sock_rw_perms = 0700; /* Allow user only */
|
||||||
|
static int unix_sock_ro_perms = 0777; /* Allow world */
|
||||||
|
|
||||||
#ifdef HAVE_AVAHI
|
#ifdef HAVE_AVAHI
|
||||||
static int mdns_adv = 1;
|
static int mdns_adv = 1;
|
||||||
static const char *mdns_name = NULL;
|
static const char *mdns_name = NULL;
|
||||||
@ -449,6 +454,7 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
struct qemud_socket *sock = calloc(1, sizeof(struct qemud_socket));
|
struct qemud_socket *sock = calloc(1, sizeof(struct qemud_socket));
|
||||||
struct sockaddr_un addr;
|
struct sockaddr_un addr;
|
||||||
mode_t oldmask;
|
mode_t oldmask;
|
||||||
|
gid_t oldgrp;
|
||||||
|
|
||||||
if (!sock) {
|
if (!sock) {
|
||||||
qemudLog(QEMUD_ERR, "Failed to allocate memory for struct qemud_socket");
|
qemudLog(QEMUD_ERR, "Failed to allocate memory for struct qemud_socket");
|
||||||
@ -475,16 +481,19 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
addr.sun_path[0] = '\0';
|
addr.sun_path[0] = '\0';
|
||||||
|
|
||||||
|
|
||||||
if (readonly)
|
oldgrp = getgid();
|
||||||
oldmask = umask(~(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH));
|
oldmask = umask(readonly ? ~unix_sock_ro_perms : ~unix_sock_rw_perms);
|
||||||
else
|
if (getuid() == 0)
|
||||||
oldmask = umask(~(S_IRUSR | S_IWUSR));
|
setgid(unix_sock_gid);
|
||||||
|
|
||||||
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
|
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
|
||||||
qemudLog(QEMUD_ERR, "Failed to bind socket to '%s': %s",
|
qemudLog(QEMUD_ERR, "Failed to bind socket to '%s': %s",
|
||||||
path, strerror(errno));
|
path, strerror(errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
umask(oldmask);
|
umask(oldmask);
|
||||||
|
if (getuid() == 0)
|
||||||
|
setgid(oldgrp);
|
||||||
|
|
||||||
if (listen(sock->fd, 30) < 0) {
|
if (listen(sock->fd, 30) < 0) {
|
||||||
qemudLog(QEMUD_ERR, "Failed to listen for connections on '%s': %s",
|
qemudLog(QEMUD_ERR, "Failed to listen for connections on '%s': %s",
|
||||||
@ -1556,6 +1565,43 @@ remoteReadConfigFile (const char *filename)
|
|||||||
CHECK_TYPE ("tcp_port", VIR_CONF_STRING);
|
CHECK_TYPE ("tcp_port", VIR_CONF_STRING);
|
||||||
tcp_port = p ? strdup (p->str) : tcp_port;
|
tcp_port = p ? strdup (p->str) : tcp_port;
|
||||||
|
|
||||||
|
p = virConfGetValue (conf, "unix_sock_group");
|
||||||
|
CHECK_TYPE ("unix_sock_group", VIR_CONF_STRING);
|
||||||
|
if (p && p->str) {
|
||||||
|
if (getuid() != 0) {
|
||||||
|
qemudLog (QEMUD_WARN, "Cannot set group when not running as root");
|
||||||
|
} else {
|
||||||
|
struct group *grp = getgrnam(p->str);
|
||||||
|
if (!grp) {
|
||||||
|
qemudLog (QEMUD_ERR, "Failed to lookup group '%s'", p->str);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
unix_sock_gid = grp->gr_gid;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
p = virConfGetValue (conf, "unix_sock_ro_perms");
|
||||||
|
CHECK_TYPE ("unix_sock_ro_perms", VIR_CONF_STRING);
|
||||||
|
if (p && p->str) {
|
||||||
|
char *tmp = NULL;
|
||||||
|
unix_sock_ro_perms = strtol(p->str, &tmp, 8);
|
||||||
|
if (*tmp) {
|
||||||
|
qemudLog (QEMUD_ERR, "Failed to parse mode '%s'", p->str);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
p = virConfGetValue (conf, "unix_sock_rw_perms");
|
||||||
|
CHECK_TYPE ("unix_sock_rw_perms", VIR_CONF_STRING);
|
||||||
|
if (p && p->str) {
|
||||||
|
char *tmp = NULL;
|
||||||
|
unix_sock_rw_perms = strtol(p->str, &tmp, 8);
|
||||||
|
if (*tmp) {
|
||||||
|
qemudLog (QEMUD_ERR, "Failed to parse mode '%s'", p->str);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef HAVE_AVAHI
|
#ifdef HAVE_AVAHI
|
||||||
p = virConfGetValue (conf, "mdns_adv");
|
p = virConfGetValue (conf, "mdns_adv");
|
||||||
CHECK_TYPE ("mdns_adv", VIR_CONF_LONG);
|
CHECK_TYPE ("mdns_adv", VIR_CONF_LONG);
|
||||||
|
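Review bot: Both `setgid()` calls added in the qemudListenUnix hunk ignore their return value. If the first call fails, the socket is bound under the daemon's existing group while the configured mode is still applied, and if the restoring `setgid(oldgrp)` fails the daemon keeps running with the socket group as its process group. The `goto cleanup` on a failed `bind()` also skips both `umask(oldmask)` and `setgid(oldgrp)`; the cleanup label lies outside the hunk, so whether it restores them cannot be confirmed from here. I would check each call, e.g. `if (getuid() == 0 && setgid(unix_sock_gid) < 0) { qemudLog(QEMUD_ERR, "Failed to set group: %s", strerror(errno)); goto cleanup; }`, and restore the umask and group before jumping to cleanup.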