* @mgr: security manager
* @pid: domain's PID
*
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the chown()-s on the list. Note that the transaction is
- * also freed, therefore new one has to be started after successful
- * return from this function. Also it is considered as error if there's
- * no transaction set and this function is called.
+ * If @pid is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the chown()-s on the list. If @pid is -1
+ * then the transaction is performed in the namespace of the caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
*
* Returns: 0 on success,
* -1 otherwise.
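Review bot: The `@pid` line is left as `domain's PID` although the paragraph below it now gives -1 a special meaning, so the parameter description and the body disagree. The same applies to the two other comment hunks in this patch, the security manager and SELinux variants. I would change the line to `@pid: domain's PID, or -1 to run in the caller's namespace`. It is also worth saying that with -1 every path on the list is resolved in the caller's mount namespace, since that decides which files have their ownership changed.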
goto cleanup;
}
- if (virProcessRunInMountNamespace(pid,
- virSecurityDACTransactionRun,
- list) < 0)
+ if ((pid == -1 &&
+ virSecurityDACTransactionRun(pid, list) < 0) ||
+ (pid != -1 &&
+ virProcessRunInMountNamespace(pid,
+ virSecurityDACTransactionRun,
+ list) < 0))
goto cleanup;
ret = 0;
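Review bot: The combined condition `(pid == -1 && … ) || (pid != -1 && … )` is hard to read for a branch that decides in which mount namespace the chown()s are applied. An explicit if/else with a local result would make the two paths obvious; it needs an `int rc` declared with the function's other locals, which are outside this hunk. The SELinux hunk later in the patch uses the same construct with `virSecuritySELinuxTransactionRun` and would benefit from the same shape. Any value other than -1, including 0 or other negative numbers, goes to `virProcessRunInMountNamespace()`. Whether that helper rejects such values is not visible here, so a comment or an early check would help.
```c
if (pid == -1) {
    /* no namespace switch: paths are resolved in the caller's mount namespace */
    rc = virSecurityDACTransactionRun(pid, list);
} else {
    rc = virProcessRunInMountNamespace(pid,
                                       virSecurityDACTransactionRun,
                                       list);
}

if (rc < 0)
    goto cleanup;
```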
* @mgr: security manager
* @pid: domain's PID
*
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the operations on the transaction list. Note that the
- * transaction is also freed, therefore new one has to be started after
- * successful return from this function. Also it is considered as error
- * if there's no transaction set and this function is called.
+ * If @pid is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the operations on the transaction list.
+ * If @pid is -1 then the transaction is performed in the namespace of
+ * the caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
*
* Returns: 0 on success,
* -1 otherwise.
* @mgr: security manager
* @pid: domain's PID
*
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the sefilecon()-s on the list. Note that the
- * transaction is also freed, therefore new one has to be started after
- * successful return from this function. Also it is considered as error
- * if there's no transaction set and this function is called.
+ * If @pis is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the sefilecon()-s on the list. If @pid
+ * is -1 then the transaction is performed in the namespace of the
+ * caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
*
* Returns: 0 on success,
* -1 otherwise.
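Review bot: `@pis` in the first added line of this comment is a typo for `@pid`. The DAC and security manager comments in the same patch spell it correctly, so this looks like a slip in the copy for the SELinux driver. The line should read `* If @pid is not -1 then enter the @pid namespace (usually @pid refers`.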
goto cleanup;
}
- if (virProcessRunInMountNamespace(pid,
- virSecuritySELinuxTransactionRun,
- list) < 0)
+ if ((pid == -1 &&
+ virSecuritySELinuxTransactionRun(pid, list) < 0) ||
+ (pid != -1 &&
+ virProcessRunInMountNamespace(pid,
+ virSecuritySELinuxTransactionRun,
+ list) < 0))
goto cleanup;
ret = 0;