|
 |
adeaf8 |
From 2fb7c4d202da975a1498fd205cc3e1bc49595d3c Mon Sep 17 00:00:00 2001
|
|
|
adeaf8 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
adeaf8 |
Date: Thu, 22 Aug 2013 16:00:01 +0100
|
|
|
adeaf8 |
Subject: [PATCH] Also store user & group ID values in virIdentity
|
|
|
adeaf8 |
|
|
|
adeaf8 |
Future improvements to the polkit code will require access to
|
|
|
adeaf8 |
the numeric user ID, not merely user name.
|
|
|
adeaf8 |
|
|
|
adeaf8 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
adeaf8 |
(cherry picked from commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176)
|
|
|
adeaf8 |
---
|
|
|
adeaf8 |
src/rpc/virnetserverclient.c | 18 ++++++++++++++++++
|
|
|
adeaf8 |
src/util/viridentity.c | 23 +++++++++++++++++++----
|
|
|
adeaf8 |
src/util/viridentity.h | 2 ++
|
|
|
adeaf8 |
3 files changed, 39 insertions(+), 4 deletions(-)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
index 83d5cf1..19c4100 100644
|
|
|
adeaf8 |
--- a/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
+++ b/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
@@ -652,7 +652,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
|
|
|
adeaf8 |
char *processid = NULL;
|
|
|
adeaf8 |
char *processtime = NULL;
|
|
|
adeaf8 |
char *username = NULL;
|
|
|
adeaf8 |
+ char *userid = NULL;
|
|
|
adeaf8 |
char *groupname = NULL;
|
|
|
adeaf8 |
+ char *groupid = NULL;
|
|
|
adeaf8 |
#if WITH_SASL
|
|
|
adeaf8 |
char *saslname = NULL;
|
|
|
adeaf8 |
#endif
|
|
|
adeaf8 |
@@ -672,8 +674,12 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
if (!(username = virGetUserName(uid)))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
+ if (virAsprintf(&userid, "%d", (int)uid) < 0)
|
|
|
adeaf8 |
+ goto cleanup;
|
|
|
adeaf8 |
if (!(groupname = virGetGroupName(gid)))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
+ if (virAsprintf(&userid, "%d", (int)gid) < 0)
|
|
|
adeaf8 |
+ goto cleanup;
|
|
|
adeaf8 |
if (virAsprintf(&processid, "%llu",
|
|
|
adeaf8 |
(unsigned long long)pid) < 0)
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
@@ -710,11 +716,21 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
|
|
|
adeaf8 |
username) < 0)
|
|
|
adeaf8 |
goto error;
|
|
|
adeaf8 |
+ if (userid &&
|
|
|
adeaf8 |
+ virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
|
|
|
adeaf8 |
+ userid) < 0)
|
|
|
adeaf8 |
+ goto error;
|
|
|
adeaf8 |
if (groupname &&
|
|
|
adeaf8 |
virIdentitySetAttr(ret,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
|
|
|
adeaf8 |
groupname) < 0)
|
|
|
adeaf8 |
goto error;
|
|
|
adeaf8 |
+ if (groupid &&
|
|
|
adeaf8 |
+ virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
|
|
|
adeaf8 |
+ groupid) < 0)
|
|
|
adeaf8 |
+ goto error;
|
|
|
adeaf8 |
if (processid &&
|
|
|
adeaf8 |
virIdentitySetAttr(ret,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
|
|
|
adeaf8 |
@@ -745,7 +761,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
cleanup:
|
|
|
adeaf8 |
VIR_FREE(username);
|
|
|
adeaf8 |
+ VIR_FREE(userid);
|
|
|
adeaf8 |
VIR_FREE(groupname);
|
|
|
adeaf8 |
+ VIR_FREE(groupid);
|
|
|
adeaf8 |
VIR_FREE(processid);
|
|
|
adeaf8 |
VIR_FREE(processtime);
|
|
|
adeaf8 |
VIR_FREE(seccontext);
|
|
|
adeaf8 |
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
|
|
|
adeaf8 |
index 781f660..03c375b 100644
|
|
|
adeaf8 |
--- a/src/util/viridentity.c
|
|
|
adeaf8 |
+++ b/src/util/viridentity.c
|
|
|
adeaf8 |
@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr ident)
|
|
|
adeaf8 |
virIdentityPtr virIdentityGetSystem(void)
|
|
|
adeaf8 |
{
|
|
|
adeaf8 |
char *username = NULL;
|
|
|
adeaf8 |
+ char *userid = NULL;
|
|
|
adeaf8 |
char *groupname = NULL;
|
|
|
adeaf8 |
+ char *groupid = NULL;
|
|
|
adeaf8 |
char *seccontext = NULL;
|
|
|
adeaf8 |
virIdentityPtr ret = NULL;
|
|
|
adeaf8 |
#if WITH_SELINUX
|
|
|
adeaf8 |
@@ -147,8 +149,13 @@ virIdentityPtr virIdentityGetSystem(void)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
if (!(username = virGetUserName(getuid())))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
+ if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
|
|
|
adeaf8 |
+ goto cleanup;
|
|
|
adeaf8 |
+
|
|
|
adeaf8 |
if (!(groupname = virGetGroupName(getgid())))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
+ if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
|
|
|
adeaf8 |
+ goto cleanup;
|
|
|
adeaf8 |
|
|
|
adeaf8 |
#if WITH_SELINUX
|
|
|
adeaf8 |
if (getcon(&con) < 0) {
|
|
|
adeaf8 |
@@ -166,16 +173,22 @@ virIdentityPtr virIdentityGetSystem(void)
|
|
|
adeaf8 |
if (!(ret = virIdentityNew()))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
|
|
|
adeaf8 |
- if (username &&
|
|
|
adeaf8 |
- virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ if (virIdentitySetAttr(ret,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
|
|
|
adeaf8 |
username) < 0)
|
|
|
adeaf8 |
goto error;
|
|
|
adeaf8 |
- if (groupname &&
|
|
|
adeaf8 |
- virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ if (virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
|
|
|
adeaf8 |
+ userid) < 0)
|
|
|
adeaf8 |
+ goto error;
|
|
|
adeaf8 |
+ if (virIdentitySetAttr(ret,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
|
|
|
adeaf8 |
groupname) < 0)
|
|
|
adeaf8 |
goto error;
|
|
|
adeaf8 |
+ if (virIdentitySetAttr(ret,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
|
|
|
adeaf8 |
+ groupid) < 0)
|
|
|
adeaf8 |
+ goto error;
|
|
|
adeaf8 |
if (seccontext &&
|
|
|
adeaf8 |
virIdentitySetAttr(ret,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
|
|
|
adeaf8 |
@@ -188,7 +201,9 @@ virIdentityPtr virIdentityGetSystem(void)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
cleanup:
|
|
|
adeaf8 |
VIR_FREE(username);
|
|
|
adeaf8 |
+ VIR_FREE(userid);
|
|
|
adeaf8 |
VIR_FREE(groupname);
|
|
|
adeaf8 |
+ VIR_FREE(groupid);
|
|
|
adeaf8 |
VIR_FREE(seccontext);
|
|
|
adeaf8 |
VIR_FREE(processid);
|
|
|
adeaf8 |
return ret;
|
|
|
adeaf8 |
diff --git a/src/util/viridentity.h b/src/util/viridentity.h
|
|
|
adeaf8 |
index 4bae8d6..a240c2d 100644
|
|
|
adeaf8 |
--- a/src/util/viridentity.h
|
|
|
adeaf8 |
+++ b/src/util/viridentity.h
|
|
|
adeaf8 |
@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr;
|
|
|
adeaf8 |
|
|
|
adeaf8 |
typedef enum {
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
|
|
|
adeaf8 |
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
|
|
|
adeaf8 |
VIR_IDENTITY_ATTR_SASL_USER_NAME,
|