提交 db7a5688 编写于 作者: D Daniel P. Berrange

Also store user & group ID values in virIdentity

Future improvements to the polkit code will require access to
the numeric user ID, not merely user name.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
上级 d0d013d9
...@@ -652,7 +652,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client) ...@@ -652,7 +652,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
char *processid = NULL; char *processid = NULL;
char *processtime = NULL; char *processtime = NULL;
char *username = NULL; char *username = NULL;
char *userid = NULL;
char *groupname = NULL; char *groupname = NULL;
char *groupid = NULL;
#if WITH_SASL #if WITH_SASL
char *saslname = NULL; char *saslname = NULL;
#endif #endif
...@@ -672,8 +674,12 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client) ...@@ -672,8 +674,12 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
if (!(username = virGetUserName(uid))) if (!(username = virGetUserName(uid)))
goto cleanup; goto cleanup;
if (virAsprintf(&userid, "%d", (int)uid) < 0)
goto cleanup;
if (!(groupname = virGetGroupName(gid))) if (!(groupname = virGetGroupName(gid)))
goto cleanup; goto cleanup;
if (virAsprintf(&userid, "%d", (int)gid) < 0)
goto cleanup;
if (virAsprintf(&processid, "%llu", if (virAsprintf(&processid, "%llu",
(unsigned long long)pid) < 0) (unsigned long long)pid) < 0)
goto cleanup; goto cleanup;
...@@ -710,11 +716,21 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client) ...@@ -710,11 +716,21 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
VIR_IDENTITY_ATTR_UNIX_USER_NAME, VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0) username) < 0)
goto error; goto error;
if (userid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_ID,
userid) < 0)
goto error;
if (groupname && if (groupname &&
virIdentitySetAttr(ret, virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0) groupname) < 0)
goto error; goto error;
if (groupid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
groupid) < 0)
goto error;
if (processid && if (processid &&
virIdentitySetAttr(ret, virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
...@@ -745,7 +761,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client) ...@@ -745,7 +761,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
cleanup: cleanup:
VIR_FREE(username); VIR_FREE(username);
VIR_FREE(userid);
VIR_FREE(groupname); VIR_FREE(groupname);
VIR_FREE(groupid);
VIR_FREE(processid); VIR_FREE(processid);
VIR_FREE(processtime); VIR_FREE(processtime);
VIR_FREE(seccontext); VIR_FREE(seccontext);
......
...@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr ident) ...@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr ident)
virIdentityPtr virIdentityGetSystem(void) virIdentityPtr virIdentityGetSystem(void)
{ {
char *username = NULL; char *username = NULL;
char *userid = NULL;
char *groupname = NULL; char *groupname = NULL;
char *groupid = NULL;
char *seccontext = NULL; char *seccontext = NULL;
virIdentityPtr ret = NULL; virIdentityPtr ret = NULL;
#if WITH_SELINUX #if WITH_SELINUX
...@@ -147,8 +149,13 @@ virIdentityPtr virIdentityGetSystem(void) ...@@ -147,8 +149,13 @@ virIdentityPtr virIdentityGetSystem(void)
if (!(username = virGetUserName(getuid()))) if (!(username = virGetUserName(getuid())))
goto cleanup; goto cleanup;
if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
goto cleanup;
if (!(groupname = virGetGroupName(getgid()))) if (!(groupname = virGetGroupName(getgid())))
goto cleanup; goto cleanup;
if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
goto cleanup;
#if WITH_SELINUX #if WITH_SELINUX
if (getcon(&con) < 0) { if (getcon(&con) < 0) {
...@@ -166,16 +173,22 @@ virIdentityPtr virIdentityGetSystem(void) ...@@ -166,16 +173,22 @@ virIdentityPtr virIdentityGetSystem(void)
if (!(ret = virIdentityNew())) if (!(ret = virIdentityNew()))
goto cleanup; goto cleanup;
if (username && if (virIdentitySetAttr(ret,
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_NAME, VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0) username) < 0)
goto error; goto error;
if (groupname && if (virIdentitySetAttr(ret,
virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_USER_ID,
userid) < 0)
goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0) groupname) < 0)
goto error; goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
groupid) < 0)
goto error;
if (seccontext && if (seccontext &&
virIdentitySetAttr(ret, virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_SELINUX_CONTEXT, VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
...@@ -188,7 +201,9 @@ virIdentityPtr virIdentityGetSystem(void) ...@@ -188,7 +201,9 @@ virIdentityPtr virIdentityGetSystem(void)
cleanup: cleanup:
VIR_FREE(username); VIR_FREE(username);
VIR_FREE(userid);
VIR_FREE(groupname); VIR_FREE(groupname);
VIR_FREE(groupid);
VIR_FREE(seccontext); VIR_FREE(seccontext);
VIR_FREE(processid); VIR_FREE(processid);
return ret; return ret;
......
...@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr; ...@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr;
typedef enum { typedef enum {
VIR_IDENTITY_ATTR_UNIX_USER_NAME, VIR_IDENTITY_ATTR_UNIX_USER_NAME,
VIR_IDENTITY_ATTR_UNIX_USER_ID,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME, VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
VIR_IDENTITY_ATTR_SASL_USER_NAME, VIR_IDENTITY_ATTR_SASL_USER_NAME,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册