From: Cédric Bosdonnat
To: libvir-list@redhat.com
Cc: Cédric Bosdonnat
Date: Tue, 6 Jun 2017 16:10:49 +0200
Subject: [libvirt] [PATCH 1/2] util: share code between virExec and virCommandExec
Message-Id: <20170606141050.12755-2-cbosdonnat@suse.com>
In-Reply-To: <20170606141050.12755-1-cbosdonnat@suse.com>

virCommand is a version of virExec that doesn't fork, however it is just
calling execve and doesn't honor setting uid/gid and pwd. This commit
extracts those pieces from virExec() to a virExecCommon() function that is
called from both virExec() and virCommandExec().
--- src/util/vircommand.c | 69 +++++++++++++++++++++++++++++------------------= ---- 1 file changed, 40 insertions(+), 29 deletions(-) diff --git a/src/util/vircommand.c b/src/util/vircommand.c index e1bbc0526..60c1121da 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -464,6 +464,41 @@ virCommandHandshakeChild(virCommandPtr cmd) return 0; } =20 +static int +virExecCommon(virCommandPtr cmd) +{ + gid_t *groups =3D NULL; + int ngroups; + int ret =3D -1; + + if ((ngroups =3D virGetGroupList(cmd->uid, cmd->gid, &groups)) < 0) + goto cleanup; + + if (cmd->uid !=3D (uid_t)-1 || cmd->gid !=3D (gid_t)-1 || + cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS)) { + VIR_DEBUG("Setting child uid:gid to %d:%d with caps %llx", + (int)cmd->uid, (int)cmd->gid, cmd->capabilities); + if (virSetUIDGIDWithCaps(cmd->uid, cmd->gid, groups, ngroups, + cmd->capabilities, + !!(cmd->flags & VIR_EXEC_CLEAR_CAPS)) < 0) + goto cleanup; + } + + if (cmd->pwd) { + VIR_DEBUG("Running child in %s", cmd->pwd); + if (chdir(cmd->pwd) < 0) { + virReportSystemError(errno, + _("Unable to change to %s"), cmd->pwd); + goto cleanup; + } + } + ret =3D 0; + + cleanup: + VIR_FREE(groups); + return ret; +} + /* * virExec: * @cmd virCommandPtr containing all information about the program to @@ -484,8 +519,6 @@ virExec(virCommandPtr cmd) const char *binary =3D NULL; int ret; struct sigaction waxon, waxoff; - gid_t *groups =3D NULL; - int ngroups; =20 if (cmd->args[0][0] !=3D '/') { if (!(binary =3D binarystr =3D virFindFileInPath(cmd->args[0]))) { @@ -556,9 +589,6 @@ virExec(virCommandPtr cmd) childerr =3D null; } =20 - if ((ngroups =3D virGetGroupList(cmd->uid, cmd->gid, &groups)) < 0) - goto cleanup; - pid =3D virFork(); =20 if (pid < 0) @@ -578,7 +608,6 @@ virExec(virCommandPtr cmd) cmd->pid =3D pid; =20 VIR_FREE(binarystr); - VIR_FREE(groups); =20 return 0; } 
@@ -727,28 +756,8 @@ virExec(virCommandPtr cmd) } # endif =20 - /* The steps above may need to do something privileged, so we delay - * setuid and clearing capabilities until the last minute. - */ - if (cmd->uid !=3D (uid_t)-1 || cmd->gid !=3D (gid_t)-1 || - cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS)) { - VIR_DEBUG("Setting child uid:gid to %d:%d with caps %llx", - (int)cmd->uid, (int)cmd->gid, cmd->capabilities); - if (virSetUIDGIDWithCaps(cmd->uid, cmd->gid, groups, ngroups, - cmd->capabilities, - !!(cmd->flags & VIR_EXEC_CLEAR_CAPS)) < 0= ) { - goto fork_error; - } - } - - if (cmd->pwd) { - VIR_DEBUG("Running child in %s", cmd->pwd); - if (chdir(cmd->pwd) < 0) { - virReportSystemError(errno, - _("Unable to change to %s"), cmd->pwd); - goto fork_error; - } - } + if (virExecCommon(cmd) < 0) + goto fork_error; =20 if (virCommandHandshakeChild(cmd) < 0) goto fork_error; @@ -789,7 +798,6 @@ virExec(virCommandPtr cmd) /* This is cleanup of parent process only - child should never jump here on error */ =20 - VIR_FREE(groups); VIR_FREE(binarystr); =20 /* NB we don't virReportError() on any failures here @@ -2166,6 +2174,9 @@ int virCommandExec(virCommandPtr cmd) return -1; } =20 + if (virExecCommon(cmd) < 0) + return -1; + execve(cmd->args[0], cmd->args, cmd->env); =20 virReportSystemError(errno, --=20 2.12.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
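Review bot: in the new virExecCommon() (hunk at -464), the virGetGroupList() call now runs in the forked child on the virExec() path, whereas the lines removed at -556 did it in the parent just before "pid = virFork();". The lookup allocates the groups array, and allocating between fork and exec in a multi-threaded process can deadlock on a lock another thread held at fork time. Consider leaving the lookup with the callers and passing the result in, for example virExecCommon(cmd, groups, ngroups), so virExec() still resolves groups before virFork() and virCommandExec() resolves them right before its call. The function would also benefit from a header comment saying that it changes the credentials and working directory of the calling process.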
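Review bot: the hunk at -727 in the child path of virExec() removes the comment "The steps above may need to do something privileged, so we delay setuid and clearing capabilities until the last minute" and nothing in virExecCommon() replaces it. That ordering constraint is why the call sits at this point in the child; keep the comment directly above "if (virExecCommon(cmd) < 0)" so a later refactor does not move the privilege drop ahead of steps that still need privileges.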
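Review bot: in the virCommandExec() hunk at -2166, the new call runs in the calling process with no fork, so "if (virExecCommon(cmd) < 0) return -1;" can return after virSetUIDGIDWithCaps() has already succeeded and only chdir() failed; the existing execve() failure path right below it now has the same property. In both cases the caller gets -1 back but keeps running with changed uid/gid, capabilities and possibly cwd. Please state in the virCommandExec() comment that credentials may already have been changed when it returns -1 and that the caller is expected to exit rather than continue, and check that the existing callers do so.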