libvirt/fcdfa31f-polkit0-auth.patch


From a06fab953f99e778883618dd0aeaef8da5d5b32a Mon Sep 17 00:00:00 2001
From: Jim Fehlig <jfehlig@suse.com>
Date: Wed, 15 Feb 2012 10:01:50 -0700
Subject: [PATCH] Fix polkit0 authentication
Commit 7033c5f2 introduced some bugs in polkit0 authentication.
Fix libvirtd segfault in remoteDispatchAuthPolkit().
Fix polkit authentication bypass when caller UID = 0.
---
daemon/remote.c | 20 +++++++++-----------
1 files changed, 9 insertions(+), 11 deletions(-)
Index: libvirt-0.9.10/daemon/remote.c
===================================================================
--- libvirt-0.9.10.orig/daemon/remote.c
+++ libvirt-0.9.10/daemon/remote.c
@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr s
} else if (callerUid == 0) {
char *ident;
if (virAsprintf(&ident, "pid:%lld,uid:%d",
- (long long) callerPid, callerUid) == 0) {
- VIR_INFO("Bypass polkit auth for privileged client %s",
- ident);
- if (virNetServerClientSetIdentity(client, ident) < 0)
- virResetLastError();
- else
- auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
- VIR_FREE(ident);
+ (long long) callerPid, callerUid) < 0) {
+ virReportOOMError();
+ goto cleanup;
}
- rv = -1;
+ VIR_INFO("Bypass polkit auth for privileged client %s", ident);
+ if (virNetServerClientSetIdentity(client, ident) < 0)
+ virResetLastError();
+ else
+ auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
+ VIR_FREE(ident);
}
}
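Review bot: In the `callerUid == 0` branch the `VIR_INFO("Bypass polkit auth for privileged client %s", ident);` line runs before `virNetServerClientSetIdentity()` is known to have succeeded, so the log records a bypass even on the path where `auth` is never set to `VIR_NET_SERVER_SERVICE_AUTH_NONE`. Anyone auditing authentication decisions from the daemon log would see a bypass that did not happen, so I would move the message into the success branch: `else { VIR_INFO("Bypass polkit auth for privileged client %s", ident); auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; }`. The failure branch only calls `virResetLastError()`, which appears to keep the previous auth requirement; a comment such as `/* identity could not be recorded: do not bypass, keep the configured auth */` would show that this is deliberate. The new `goto cleanup` also depends on the `cleanup` label and on the initial value of `rv`, both outside this hunk, so it is worth confirming that the OOM path still returns an error to the client.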
@@ -2592,8 +2592,6 @@ remoteDispatchAuthPolkit(virNetServerPtr
struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client);
- memset(ident, 0, sizeof ident);
-
virMutexLock(&priv->lock);
action = virNetServerClientGetReadonly(client) ?