qemu: Implement DAC driver chown callback to co-operate with storage drv
authorPeter Krempa <pkrempa@redhat.com>
Thu, 10 Jul 2014 13:46:01 +0000 (15:46 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Thu, 24 Jul 2014 07:59:00 +0000 (09:59 +0200)
Use the storage driver to chown remote images.

src/qemu/qemu_driver.c

index 7a9c89749e9889cb0ade27a69da505724d163f7f..e4258ea0bb29228b69c992ba55ac9dc61235bee3 100644 (file)
@@ -327,6 +327,52 @@ qemuAutostartDomains(virQEMUDriverPtr driver)
     virObjectUnref(cfg);
 }
 
+
+static int
+qemuSecurityChownCallback(virStorageSourcePtr src,
+                          uid_t uid,
+                          gid_t gid)
+{
+    struct stat sb;
+    int save_errno = 0;
+    int ret = -1;
+
+    if (!virStorageFileSupportsSecurityDriver(src))
+        return 0;
+
+    if (virStorageSourceIsLocalStorage(src)) {
+        /* use direct chmod for local files so that the file doesn't
+         * need to be initialized */
+        if (stat(src->path, &sb) >= 0) {
+            if (sb.st_uid == uid &&
+                sb.st_gid == gid) {
+                /* It's alright, there's nothing to change anyway. */
+                return 0;
+            }
+        }
+
+        return chown(src->path, uid, gid);
+    }
+
+    /* storage file init reports errors, return -2 on failure */
+    if (virStorageFileInit(src) < 0)
+        return -2;
+
+    if (virStorageFileChown(src, uid, gid) < 0) {
+        save_errno = errno;
+        goto cleanup;
+    }
+
+    ret = 0;
+
+ cleanup:
+    virStorageFileDeinit(src);
+    errno = save_errno;
+
+    return ret;
+}
+
+
 static int
 qemuSecurityInit(virQEMUDriverPtr driver)
 {
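Review bot: In the local-storage branch of qemuSecurityChownCallback, `stat(src->path, &sb)` and `chown(src->path, uid, gid)` both resolve the path by name and follow symlinks, so the object whose ownership was checked and the object that gets chowned are not guaranteed to be the same if the path can be replaced between the two calls. Whether any caller passes a path inside a directory writable by a less-privileged user is not visible from this hunk, so it is worth stating as a precondition rather than leaving it implicit. The inline comment also says "direct chmod" where the code calls chown; I would reword it to `/* use direct chown() for local files so that the storage file doesn't need to be initialized; chown() follows symlinks, so src->path must be trusted */`. The function also lacks a header comment for its three return values: 0 on success or when the source has no security-driver support, -1 with errno set when the chown fails, and -2 when virStorageFileInit has already reported the error.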
@@ -375,7 +421,7 @@ qemuSecurityInit(virQEMUDriverPtr driver)
                                              cfg->securityDefaultConfined,
                                              cfg->securityRequireConfined,
                                              cfg->dynamicOwnership,
-                                             NULL)))
+                                             qemuSecurityChownCallback)))
             goto error;
         if (!stack) {
             if (!(stack = virSecurityManagerNewStack(mgr)))