forked from pool/libvirt
9b367aafd3
db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch bnc#836931 - CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats e7f400a1-CVE-2013-4296.patch bnc#838638 - CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate 2dba0323-CVE-2013-4297.patch bnc#838642 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=299
66 lines
2.0 KiB
Diff
66 lines
2.0 KiB
Diff
commit e65667c0c6e016d42abea077e31628ae43f57b74
|
|
Author: Daniel P. Berrange <berrange@redhat.com>
|
|
Date: Wed Aug 28 15:22:05 2013 +0100
|
|
|
|
Ensure system identity includes process start time
|
|
|
|
The polkit access driver will want to use the process start
|
|
time field. This was already set for network identities, but
|
|
not for the system identity.
|
|
|
|
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
Index: libvirt-1.1.2/src/util/viridentity.c
|
|
===================================================================
|
|
--- libvirt-1.1.2.orig/src/util/viridentity.c
|
|
+++ libvirt-1.1.2/src/util/viridentity.c
|
|
@@ -35,6 +35,7 @@
|
|
#include "virthread.h"
|
|
#include "virutil.h"
|
|
#include "virstring.h"
|
|
+#include "virprocess.h"
|
|
|
|
#define VIR_FROM_THIS VIR_FROM_IDENTITY
|
|
|
|
@@ -142,11 +143,20 @@ virIdentityPtr virIdentityGetSystem(void
|
|
security_context_t con;
|
|
#endif
|
|
char *processid = NULL;
|
|
+ unsigned long long timestamp;
|
|
+ char *processtime = NULL;
|
|
|
|
if (virAsprintf(&processid, "%llu",
|
|
(unsigned long long)getpid()) < 0)
|
|
goto cleanup;
|
|
|
|
+ if (virProcessGetStartTime(getpid(), ×tamp) < 0)
|
|
+ goto cleanup;
|
|
+
|
|
+ if (timestamp != 0 &&
|
|
+ virAsprintf(&processtime, "%llu", timestamp) < 0)
|
|
+ goto cleanup;
|
|
+
|
|
if (!(username = virGetUserName(getuid())))
|
|
goto cleanup;
|
|
if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
|
|
@@ -198,6 +208,11 @@ virIdentityPtr virIdentityGetSystem(void
|
|
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
|
|
processid) < 0)
|
|
goto error;
|
|
+ if (processtime &&
|
|
+ virIdentitySetAttr(ret,
|
|
+ VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
|
|
+ processtime) < 0)
|
|
+ goto error;
|
|
|
|
cleanup:
|
|
VIR_FREE(username);
|
|
@@ -206,6 +221,7 @@ cleanup:
|
|
VIR_FREE(groupid);
|
|
VIR_FREE(seccontext);
|
|
VIR_FREE(processid);
|
|
+ VIR_FREE(processtime);
|
|
return ret;
|
|
|
|
error:
|