|
|
a5a3f0 |
From f019023539b64742e8f1ebc38ea26a204fa0a45c Mon Sep 17 00:00:00 2001
|
|
|
a5a3f0 |
Message-Id: <f019023539b64742e8f1ebc38ea26a204fa0a45c@dist-git>
|
|
|
a5a3f0 |
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
|
|
a5a3f0 |
Date: Tue, 2 Oct 2018 14:00:41 +0200
|
|
|
a5a3f0 |
Subject: [PATCH] security: dac: also label listen UNIX sockets
|
|
|
a5a3f0 |
MIME-Version: 1.0
|
|
|
a5a3f0 |
Content-Type: text/plain; charset=UTF-8
|
|
|
a5a3f0 |
Content-Transfer-Encoding: 8bit
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
We switched to opening mode='bind' sockets ourselves:
|
|
|
a5a3f0 |
commit 30fb2276d88b275dc2aad6ddd28c100d944b59a5
|
|
|
a5a3f0 |
qemu: support passing pre-opened UNIX socket listen FD
|
|
|
a5a3f0 |
in v4.5.0-rc1~251
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
Then fixed qemuBuildChrChardevStr to change libvirtd's label
|
|
|
a5a3f0 |
while creating the socket:
|
|
|
a5a3f0 |
commit b0c6300fc42bbc3e5eb0b236392f7344581c5810
|
|
|
a5a3f0 |
qemu: ensure FDs passed to QEMU for chardevs have correct SELinux labels
|
|
|
a5a3f0 |
v4.5.0-rc1~52
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
Also add labeling of these sockets to the DAC driver.
|
|
|
a5a3f0 |
Instead of duplicating the logic which decides whether libvirt should
|
|
|
a5a3f0 |
pre-create the socket, assume an existing path meaning that it was created
|
|
|
a5a3f0 |
by libvirt.
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
https://bugzilla.redhat.com/show_bug.cgi?id=1633389
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
|
|
a5a3f0 |
Reviewed-by: Erik Skultety <eskultet@redhat.com>
|
|
|
a5a3f0 |
(cherry picked from commit d6b8838dd83697f721fe0706068df765148154de)
|
|
|
a5a3f0 |
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
RHEL 8.0: https://bugzilla.redhat.com/show_bug.cgi?id=1634775
|
|
|
a5a3f0 |
RHEL 7.6: https://bugzilla.redhat.com/show_bug.cgi?id=1635228
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
Conflicts: src/security/security_dac.c
|
|
|
a5a3f0 |
commit 3ac7793ad1ae0f4dc7b7ddbcfd182d5ff0b45538
|
|
|
a5a3f0 |
security_dac: Pass virSecurityManagerPtr to virSecurityDACSetOwnership
|
|
|
a5a3f0 |
is not backported
|
|
|
a5a3f0 |
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
a5a3f0 |
---
|
|
|
a5a3f0 |
src/security/security_dac.c | 7 ++++++-
|
|
|
a5a3f0 |
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
|
|
|
a5a3f0 |
index 4b623dcf39..74c70dd092 100644
|
|
|
a5a3f0 |
--- a/src/security/security_dac.c
|
|
|
a5a3f0 |
+++ b/src/security/security_dac.c
|
|
|
a5a3f0 |
@@ -1248,7 +1248,12 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
|
|
|
a5a3f0 |
break;
|
|
|
a5a3f0 |
|
|
|
a5a3f0 |
case VIR_DOMAIN_CHR_TYPE_UNIX:
|
|
|
a5a3f0 |
- if (!dev_source->data.nix.listen) {
|
|
|
a5a3f0 |
+ if (!dev_source->data.nix.listen ||
|
|
|
a5a3f0 |
+ (dev_source->data.nix.path &&
|
|
|
a5a3f0 |
+ virFileExists(dev_source->data.nix.path))) {
|
|
|
a5a3f0 |
+ /* Also label mode='bind' sockets if they exist,
|
|
|
a5a3f0 |
+ * e.g. because they were created by libvirt
|
|
|
a5a3f0 |
+ * and passed via FD */
|
|
|
a5a3f0 |
if (virSecurityDACSetOwnership(priv, NULL,
|
|
|
a5a3f0 |
dev_source->data.nix.path,
|
|
|
a5a3f0 |
user, group) < 0)
|
|
|
a5a3f0 |
--
|
|
|
a5a3f0 |
2.19.0
|
|
|
a5a3f0 |
|