Patchwork [11/16] Move runas handling from vl.c to OS specific files.

login
register
mail settings
Submitter Jes Sorensen
Date June 3, 2010, 4:48 p.m.
Message ID <1275583692-11678-12-git-send-email-Jes.Sorensen@redhat.com>
Download mbox | patch
Permalink /patch/54505/
State New
Headers show

Comments

Jes Sorensen - June 3, 2010, 4:48 p.m.
From: Jes Sorensen <Jes.Sorensen@redhat.com>

Move code to handle runas, ie. change of user id of QEMU process
to OS specific files and provide dummy stub for Win32.

Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
---
 os-posix.c      |   28 ++++++++++++++++++++++++++++
 qemu-os-posix.h |    1 +
 qemu-os-win32.h |    1 +
 vl.c            |   29 +----------------------------
 4 files changed, 31 insertions(+), 28 deletions(-)
Richard Henderson - June 3, 2010, 9 p.m.
On 06/03/2010 09:48 AM, Jes.Sorensen@redhat.com wrote:
> +static inline void os_change_process_uid(void) {};

Stray ;


r~

Patch

diff --git a/os-posix.c b/os-posix.c
index 66f2bf5..f8a092e 100644
--- a/os-posix.c
+++ b/os-posix.c
@@ -28,6 +28,7 @@ 
 #include <signal.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <pwd.h>
 #include <libgen.h>
 
 /* Needed early for CONFIG_BSD etc. */
@@ -35,6 +36,8 @@ 
 #include "sysemu.h"
 #include "net/slirp.h"
 
+static struct passwd *user_pwd;
+
 void os_setup_early_signal_handling(void)
 {
     struct sigaction act;
@@ -159,8 +162,33 @@  int os_parse_cmd_args(const QEMUOption *popt, const char *optarg)
             exit(1);
         break;
 #endif
+    case QEMU_OPTION_runas:
+        user_pwd = getpwnam(optarg);
+        if (!user_pwd) {
+            fprintf(stderr, "User \"%s\" doesn't exist\n", optarg);
+            exit(1);
+        }
+        break;
     default:
         ret = -1;
     }
     return ret;
 }
+
+void os_change_process_uid(void)
+{
+    if (user_pwd) {
+        if (setgid(user_pwd->pw_gid) < 0) {
+            fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
+            exit(1);
+        }
+        if (setuid(user_pwd->pw_uid) < 0) {
+            fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
+            exit(1);
+        }
+        if (setuid(0) != -1) {
+            fprintf(stderr, "Dropping privileges failed\n");
+            exit(1);
+        }
+    }
+}
diff --git a/qemu-os-posix.h b/qemu-os-posix.h
index ff5adb1..6d8cf79 100644
--- a/qemu-os-posix.h
+++ b/qemu-os-posix.h
@@ -31,5 +31,6 @@  static inline void os_host_main_loop_wait(int *timeout)
 }
 
 void os_setup_signal_handling(void);
+void os_change_process_uid(void);
 
 #endif
diff --git a/qemu-os-win32.h b/qemu-os-win32.h
index 4343c6d..9df0eda 100644
--- a/qemu-os-win32.h
+++ b/qemu-os-win32.h
@@ -43,5 +43,6 @@  void qemu_del_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque);
 void os_host_main_loop_wait(int *timeout);
 
 static inline void os_setup_signal_handling(void) {};
+static inline void os_change_process_uid(void) {};
 
 #endif
diff --git a/vl.c b/vl.c
index 838e109..d42be8d 100644
--- a/vl.c
+++ b/vl.c
@@ -34,7 +34,6 @@ 
 
 #ifndef _WIN32
 #include <libgen.h>
-#include <pwd.h>
 #include <sys/times.h>
 #include <sys/wait.h>
 #include <termios.h>
@@ -2312,9 +2311,7 @@  int main(int argc, char **argv, char **envp)
     const char *incoming = NULL;
 #ifndef _WIN32
     int fd = 0;
-    struct passwd *pwd = NULL;
     const char *chroot_dir = NULL;
-    const char *run_as = NULL;
 #endif
     int show_vnc_port = 0;
     int defconfig = 1;
@@ -3062,9 +3059,6 @@  int main(int argc, char **argv, char **envp)
             case QEMU_OPTION_chroot:
                 chroot_dir = optarg;
                 break;
-            case QEMU_OPTION_runas:
-                run_as = optarg;
-                break;
 #endif
             case QEMU_OPTION_xen_domid:
                 if (!(xen_available())) {
@@ -3554,14 +3548,6 @@  int main(int argc, char **argv, char **envp)
 	    exit(1);
     }
 
-    if (run_as) {
-        pwd = getpwnam(run_as);
-        if (!pwd) {
-            fprintf(stderr, "User \"%s\" doesn't exist\n", run_as);
-            exit(1);
-        }
-    }
-
     if (chroot_dir) {
         if (chroot(chroot_dir) < 0) {
             fprintf(stderr, "chroot failed\n");
@@ -3573,20 +3559,7 @@  int main(int argc, char **argv, char **envp)
         }
     }
 
-    if (run_as) {
-        if (setgid(pwd->pw_gid) < 0) {
-            fprintf(stderr, "Failed to setgid(%d)\n", pwd->pw_gid);
-            exit(1);
-        }
-        if (setuid(pwd->pw_uid) < 0) {
-            fprintf(stderr, "Failed to setuid(%d)\n", pwd->pw_uid);
-            exit(1);
-        }
-        if (setuid(0) != -1) {
-            fprintf(stderr, "Dropping privileges failed\n");
-            exit(1);
-        }
-    }
+    os_change_process_uid();
 
     if (daemonize) {
         dup2(fd, 0);