diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 2f9dfad4436f7e6b9cdb9674531ebbfc6d92fc2b..31c6ce1b61794bfe4d1360e687e11f044ce16561 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -675,30 +675,6 @@ daemonVersion(const char *argv0) printf("%s (%s) %s\n", argv0, PACKAGE_NAME, PACKAGE_VERSION); } -#ifdef __sun -static int -daemonSetupPrivs(void) -{ - chown("/var/run/libvirt", SYSTEM_UID, SYSTEM_UID); - - if (__init_daemon_priv(PU_RESETGROUPS | PU_CLEARLIMITSET, - SYSTEM_UID, SYSTEM_UID, PRIV_XVM_CONTROL, NULL)) { - VIR_ERROR(_("additional privileges are required")); - return -1; - } - - if (priv_set(PRIV_OFF, PRIV_ALLSETS, PRIV_FILE_LINK_ANY, PRIV_PROC_INFO, - PRIV_PROC_SESSION, PRIV_PROC_EXEC, PRIV_PROC_FORK, NULL)) { - VIR_ERROR(_("failed to set reduced privileges")); - return -1; - } - - return 0; -} -#else -# define daemonSetupPrivs() 0 -#endif - static void daemonShutdownHandler(virNetDaemonPtr dmn, siginfo_t *sig ATTRIBUTE_UNUSED, @@ -1336,15 +1312,6 @@ int main(int argc, char **argv) { goto cleanup; } - /* Beyond this point, nothing should rely on using - * getuid/geteuid() == 0, for privilege level checks. - */ - VIR_DEBUG("Dropping privileges (if required)"); - if (daemonSetupPrivs() < 0) { - ret = VIR_DAEMON_ERR_PRIVS; - goto cleanup; - } - daemonInitialize(); remoteProcs[REMOTE_PROC_AUTH_LIST].needAuth = false; diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index f765c09416560623a49b981af95ab15c2b31725e..34e5ced0a93a28bab340c82bd6bcf86f5154c28d 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -1350,7 +1350,6 @@ remoteConnectOpen(virConnectPtr conn, */ if (!conn->uri) { VIR_DEBUG("Auto-probe remote URI"); -#ifndef __sun if (geteuid() > 0) { VIR_DEBUG("Auto-spawn user daemon instance"); rflags |= VIR_DRV_OPEN_REMOTE_USER; @@ -1359,7 +1358,6 @@ remoteConnectOpen(virConnectPtr conn, STRNEQ(autostart, "0"))) rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART; } -#endif } ret = doRemoteOpen(conn, priv, auth, conf, rflags);