From: Jes.Sorensen@redhat.com
To: anthony@codemonkey.ws
Cc: Jes Sorensen <Jes.Sorensen@redhat.com>, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 12/17] Move runas handling from vl.c to OS specific files.
Date: Fri, 4 Jun 2010 18:09:10 +0200 [thread overview]
Message-ID: <1275667755-4821-13-git-send-email-Jes.Sorensen@redhat.com> (raw)
In-Reply-To: <1275667755-4821-1-git-send-email-Jes.Sorensen@redhat.com>
From: Jes Sorensen <Jes.Sorensen@redhat.com>
Move code to handle runas, ie. change of user id of QEMU process
to OS specific files and provide dummy stub for Win32.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
---
os-posix.c | 28 ++++++++++++++++++++++++++++
qemu-os-posix.h | 1 +
qemu-os-win32.h | 1 +
vl.c | 29 +----------------------------
4 files changed, 31 insertions(+), 28 deletions(-)
diff --git a/os-posix.c b/os-posix.c
index 0deddf3..8b686a4 100644
--- a/os-posix.c
+++ b/os-posix.c
@@ -28,6 +28,7 @@
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>
+#include <pwd.h>
#include <libgen.h>
/* Needed early for CONFIG_BSD etc. */
@@ -36,6 +37,8 @@
#include "net/slirp.h"
#include "qemu-options.h"
+static struct passwd *user_pwd;
+
void os_setup_early_signal_handling(void)
{
struct sigaction act;
@@ -146,6 +149,31 @@ void os_parse_cmd_args(int index, const char *optarg)
exit(1);
break;
#endif
+ case QEMU_OPTION_runas:
+ user_pwd = getpwnam(optarg);
+ if (!user_pwd) {
+ fprintf(stderr, "User \"%s\" doesn't exist\n", optarg);
+ exit(1);
+ }
+ break;
}
return;
}
+
+void os_change_process_uid(void)
+{
+ if (user_pwd) {
+ if (setgid(user_pwd->pw_gid) < 0) {
+ fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
+ exit(1);
+ }
+ if (setuid(user_pwd->pw_uid) < 0) {
+ fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
+ exit(1);
+ }
+ if (setuid(0) != -1) {
+ fprintf(stderr, "Dropping privileges failed\n");
+ exit(1);
+ }
+ }
+}
diff --git a/qemu-os-posix.h b/qemu-os-posix.h
index ff5adb1..6d8cf79 100644
--- a/qemu-os-posix.h
+++ b/qemu-os-posix.h
@@ -31,5 +31,6 @@ static inline void os_host_main_loop_wait(int *timeout)
}
void os_setup_signal_handling(void);
+void os_change_process_uid(void);
#endif
diff --git a/qemu-os-win32.h b/qemu-os-win32.h
index e7e2ee3..70fdca5 100644
--- a/qemu-os-win32.h
+++ b/qemu-os-win32.h
@@ -43,5 +43,6 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque);
void os_host_main_loop_wait(int *timeout);
static inline void os_setup_signal_handling(void) {}
+static inline void os_change_process_uid(void) {}
#endif
diff --git a/vl.c b/vl.c
index 7c48024..5fa4c79 100644
--- a/vl.c
+++ b/vl.c
@@ -34,7 +34,6 @@
#ifndef _WIN32
#include <libgen.h>
-#include <pwd.h>
#include <sys/times.h>
#include <sys/wait.h>
#include <termios.h>
@@ -2310,9 +2309,7 @@ int main(int argc, char **argv, char **envp)
const char *incoming = NULL;
#ifndef _WIN32
int fd = 0;
- struct passwd *pwd = NULL;
const char *chroot_dir = NULL;
- const char *run_as = NULL;
#endif
int show_vnc_port = 0;
int defconfig = 1;
@@ -3060,9 +3057,6 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_chroot:
chroot_dir = optarg;
break;
- case QEMU_OPTION_runas:
- run_as = optarg;
- break;
#endif
case QEMU_OPTION_xen_domid:
if (!(xen_available())) {
@@ -3552,14 +3546,6 @@ int main(int argc, char **argv, char **envp)
exit(1);
}
- if (run_as) {
- pwd = getpwnam(run_as);
- if (!pwd) {
- fprintf(stderr, "User \"%s\" doesn't exist\n", run_as);
- exit(1);
- }
- }
-
if (chroot_dir) {
if (chroot(chroot_dir) < 0) {
fprintf(stderr, "chroot failed\n");
@@ -3571,20 +3557,7 @@ int main(int argc, char **argv, char **envp)
}
}
- if (run_as) {
- if (setgid(pwd->pw_gid) < 0) {
- fprintf(stderr, "Failed to setgid(%d)\n", pwd->pw_gid);
- exit(1);
- }
- if (setuid(pwd->pw_uid) < 0) {
- fprintf(stderr, "Failed to setuid(%d)\n", pwd->pw_uid);
- exit(1);
- }
- if (setuid(0) != -1) {
- fprintf(stderr, "Dropping privileges failed\n");
- exit(1);
- }
- }
+ os_change_process_uid();
if (daemonize) {
dup2(fd, 0);
--
1.6.5.2
next prev parent reply other threads:[~2010-06-04 16:12 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-04 16:08 [Qemu-devel] [PATCH v3 00/17] clean up vl.c code Jes.Sorensen
2010-06-04 16:08 ` [Qemu-devel] [PATCH 01/17] vl.c: Remove double include of netinet/in.h for Solaris Jes.Sorensen
2010-06-06 11:13 ` Andreas Färber
2010-06-04 16:09 ` [Qemu-devel] [PATCH 02/17] Create qemu-os-win32.h and move WIN32 specific declarations there Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 03/17] Introduce os-win32.c and move polling functions from vl.c Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 04/17] vl.c: Move host_main_loop_wait() to OS specific files Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 05/17] Introduce os-posix.c and create os_setup_signal_handling() Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 06/17] Move win32 early signal handling setup to os_setup_signal_handling() Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 07/17] Rename os_setup_signal_handling() to os_setup_early_signal_handling() Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 08/17] Move main signal handler setup to os specificfiles Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 09/17] Move find_datadir to OS specific files Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 10/17] Rename qemu-options.h to qemu-options.def Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 11/17] Introduce OS specific cmdline argument handling and move SMB arg to os-posix.c Jes.Sorensen
2010-06-04 16:09 ` Jes.Sorensen [this message]
2010-06-04 16:09 ` [Qemu-devel] [PATCH 13/17] Move chroot handling to OS specific files Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 14/17] Move daemonize " Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 15/17] Make os_change_process_uid and os_change_root os-posix.c local Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 16/17] Move line-buffering setup to OS specific files Jes.Sorensen
2010-06-04 16:09 ` [Qemu-devel] [PATCH 17/17] Move set_proc_name() " Jes.Sorensen
2010-06-04 17:27 ` [Qemu-devel] [PATCH v3 00/17] clean up vl.c code Richard Henderson
2010-06-07 21:41 ` [Qemu-devel] " Juan Quintela
2010-06-08 5:49 ` Jes Sorensen
-- strict thread matches above, loose matches on Subject: below --
2010-06-10 9:42 [Qemu-devel] [PATCH v4 " Jes.Sorensen
2010-06-10 9:42 ` [Qemu-devel] [PATCH 12/17] Move runas handling from vl.c to OS specific files Jes.Sorensen
2010-06-04 13:24 [Qemu-devel] [PATCH v2 00/17] clean up vl.c code Jes.Sorensen
2010-06-04 13:24 ` [Qemu-devel] [PATCH 12/17] Move runas handling from vl.c to OS specific files Jes.Sorensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1275667755-4821-13-git-send-email-Jes.Sorensen@redhat.com \
--to=jes.sorensen@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).