From nobody Thu May 2 22:40:16 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1552046465624489.1298086551453; Fri, 8 Mar 2019 04:01:05 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6242DC058CB7; Fri, 8 Mar 2019 12:01:03 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2585A5D787; Fri, 8 Mar 2019 12:01:03 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 949053FB11; Fri, 8 Mar 2019 12:01:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x28C0xJK008484 for ; Fri, 8 Mar 2019 07:00:59 -0500 Received: by smtp.corp.redhat.com (Postfix) id EABD017D61; Fri, 8 Mar 2019 12:00:59 +0000 (UTC) Received: from beluga.usersys.redhat.com (unknown [10.43.2.166]) by smtp.corp.redhat.com (Postfix) with ESMTP id 467095D9CD; Fri, 8 Mar 2019 12:00:59 +0000 (UTC) From: Erik Skultety To: libvir-list@redhat.com Date: Fri, 8 Mar 2019 13:00:47 +0100 Message-Id: <48569992a740c5eb6b4370f79561239c85923a83.1552045608.git.eskultet@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: Erik Skultety Subject: [libvirt] [PATCH v2 1/3] util: command: Introduce virCommandAddEnvXDG helper X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 08 Mar 2019 12:01:04 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Some modules/libraries within QEMU could make use of the XDG_ vars when writing their data to the disk. Define the most common XDG variables and point them to the specific driver's libDir, i.e. XDG_CACHE_HOME -> /var/lib/libvirt//.cache XDG_DATA_HOME -> /var/lib/libvirt//.local/share XDG_CONFIG_HOME -> /var/lib/libvirt//.config Signed-off-by: Erik Skultety Reviewed-by: Daniel P. Berrang=C3=A9 --- src/libvirt_private.syms | 1 + src/util/vircommand.c | 21 +++++++++++++++++++++ src/util/vircommand.h | 2 ++ 3 files changed, 24 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index d2a240fc7a..92e21d3939 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1628,6 +1628,7 @@ virCommandAddEnvPassAllowSUID; virCommandAddEnvPassBlockSUID; virCommandAddEnvPassCommon; virCommandAddEnvString; +virCommandAddEnvXDG; virCommandAllowCap; virCommandClearCaps; virCommandDaemonize; diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 84a65a2f6d..15e2f0ef1e 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -1483,6 +1483,27 @@ virCommandAddEnvPassCommon(virCommandPtr cmd) virCommandAddEnvPassBlockSUID(cmd, "TMPDIR", NULL); } =20 + +void +virCommandAddEnvXDG(virCommandPtr cmd, const char *baseDir) +{ + if (!cmd || cmd->has_error) + return; + + if (VIR_RESIZE_N(cmd->env, cmd->maxenv, cmd->nenv, 3) < 0) { + cmd->has_error =3D ENOMEM; + return; + } + + virCommandAddEnvFormat(cmd, "XDG_DATA_HOME=3D%s/%s", + baseDir, ".local/share"); + virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=3D%s/%s", + baseDir, ".cache"); + virCommandAddEnvFormat(cmd, "XDG_CONFIG_HOME=3D%s/%s", + baseDir, ".config"); +} + + /** * virCommandAddArg: * @cmd: the command to modify diff --git a/src/util/vircommand.h b/src/util/vircommand.h index 99849051f8..efdc5dd00d 100644 --- a/src/util/vircommand.h +++ b/src/util/vircommand.h @@ -122,6 +122,8 @@ void virCommandAddEnvPassAllowSUID(virCommandPtr cmd, =20 void virCommandAddEnvPassCommon(virCommandPtr cmd); =20 +void virCommandAddEnvXDG(virCommandPtr cmd, const char *baseDir); + void virCommandAddArg(virCommandPtr cmd, const char *val) ATTRIBUTE_NONNULL(2); =20 --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Thu May 2 22:40:16 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1552046465698747.2466674574381; Fri, 8 Mar 2019 04:01:05 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7BC6630D78C7; Fri, 8 Mar 2019 12:01:03 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3836A614FE; Fri, 8 Mar 2019 12:01:03 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B8F953FB12; Fri, 8 Mar 2019 12:01:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x28C10Dh008494 for ; Fri, 8 Mar 2019 07:01:01 -0500 Received: by smtp.corp.redhat.com (Postfix) id EE22917DE5; Fri, 8 Mar 2019 12:01:00 +0000 (UTC) Received: from beluga.usersys.redhat.com (unknown [10.43.2.166]) by smtp.corp.redhat.com (Postfix) with ESMTP id 456015D9CD; Fri, 8 Mar 2019 12:01:00 +0000 (UTC) From: Erik Skultety To: libvir-list@redhat.com Date: Fri, 8 Mar 2019 13:00:48 +0100 Message-Id: <6ff142adbeb43bc568768a76a79312bedb3bc472.1552045608.git.eskultet@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: Erik Skultety Subject: [libvirt] [PATCH v2 2/3] qemu: command: Enforce setting XDG variables for system QEMU X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Fri, 08 Mar 2019 12:01:04 +0000 (UTC) Content-Type: text/plain; charset="utf-8" For session mode, only XDG_CACHE_HOME is set, because we want to remain integrating with services in user session, but for system mode, this would have become reading/writing to '/' which carries the obvious issue with permissions (also, '/' is the wrong location in 99.9% cases anyway). Signed-off-by: Erik Skultety Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_command.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 3a2ec7f26c..23be0d8554 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10658,6 +10658,22 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, =20 virCommandAddEnvPassCommon(cmd); =20 + /* For system QEMU we want to set both HOME and all the XDG variables = to + * libDir/qemu otherwise apps QEMU links to might try to access the de= fault + * home dir '/' which would always result in a permission issue. + * + * For session QEMU, we only want to set XDG_CACHE_HOME as cache data + * may be purged at any time and that should not affect any app. We + * do want VMs to integrate with services in user's session so we're + * not re-setting any other env variables + */ + if (!driver->privileged) { + virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=3D%s/%s", + priv->libDir, ".cache"); + } else { + virCommandAddEnvXDG(cmd, priv->libDir); + } + if (qemuBuildNameCommandLine(cmd, cfg, def, qemuCaps) < 0) goto error; =20 --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Thu May 2 22:40:16 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1552046470562216.1403933396532; Fri, 8 Mar 2019 04:01:10 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7740B99DBA; Fri, 8 Mar 2019 12:01:08 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3E35B600C8; Fri, 8 Mar 2019 12:01:08 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id DABE83FAF4; Fri, 8 Mar 2019 12:01:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x28C115f008500 for ; Fri, 8 Mar 2019 07:01:02 -0500 Received: by smtp.corp.redhat.com (Postfix) id EABAD17D61; Fri, 8 Mar 2019 12:01:01 +0000 (UTC) Received: from beluga.usersys.redhat.com (unknown [10.43.2.166]) by smtp.corp.redhat.com (Postfix) with ESMTP id 452F0607D8; Fri, 8 Mar 2019 12:01:01 +0000 (UTC) From: Erik Skultety To: libvir-list@redhat.com Date: Fri, 8 Mar 2019 13:00:49 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: Erik Skultety Subject: [libvirt] [PATCH v2 3/3] qemu: command: Override HOME variable for system QEMU X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 08 Mar 2019 12:01:09 +0000 (UTC) Content-Type: text/plain; charset="utf-8" By default, qemu user's home dir points to '/' which shouldn't be used at all. We therefore pass the HOME variable from the current variable iff not running as SUID, which means that for systemd we never set it. This patch makes sure, that for system QEMU this is always set to libDir/, session mode is left untouched. Signed-off-by: Erik Skultety Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_command.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 23be0d8554..26c36d2e19 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10671,6 +10671,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, virCommandAddEnvFormat(cmd, "XDG_CACHE_HOME=3D%s/%s", priv->libDir, ".cache"); } else { + virCommandAddEnvPair(cmd, "HOME", priv->libDir); virCommandAddEnvXDG(cmd, priv->libDir); } =20 --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list