Re: [Xen-devel] [PATCH 5/5] Allow all user to create a file under the directory /var/lib/xen

[Ian Campbell <ian.campbell@xxxxxxxxxx>]

On Tue, 2016-01-26 at 17:15 +0000, Stefano Stabellini wrote:
> It is sufficient to create an empty save file, as returned by
> libxl__device_model_savefile, with the right owner, at domain creation
> time. Something like below:
> 
> diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
> index a088d71..f908422 100644
> --- a/tools/libxl/libxl_dm.c
> +++ b/tools/libxl/libxl_dm.c
> @@ -1285,6 +1285,12 @@ end_search:
> ÂÂÂÂÂÂÂÂÂif (user != NULL && strcmp(user, "root")) {
> ÂÂÂÂÂÂÂÂÂÂÂÂÂflexarray_append(dm_args, "-runas");
> ÂÂÂÂÂÂÂÂÂÂÂÂÂflexarray_append(dm_args, user);
> +
> +ÂÂÂÂÂÂÂÂÂÂÂÂconst char *filename = libxl__device_model_savefile(gc, 
> guest_domid);
> +ÂÂÂÂÂÂÂÂÂÂÂÂint fd = open(filename, O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 
> 0600);
> +ÂÂÂÂÂÂÂÂÂÂÂÂstruct passwd *pw = getpwnam(user);
> +ÂÂÂÂÂÂÂÂÂÂÂÂfchown(fd, pw->pw_uid, pw->pw_gid);
> +ÂÂÂÂÂÂÂÂÂÂÂÂclose(fd);
> ÂÂÂÂÂÂÂÂÂ}
> ÂÂÂÂÂ}
> ÂÂÂÂÂflexarray_append(dm_args, NULL);
> 
> This is another thing that would be easier to fix after Ian's privsep
> series, because we'll have a better place for this code.

Right.

In the meantime I think we should update at least docs/misc/qemu-
deprivilege.txt and probably docs/man/xl.cfg.pod.5:device_model_user to
mention the shortcomings of using these options if they are going to break
core functionality such as migration.

Would you knock up a patch please?

At the same time, I wonder ifÂdocs/misc/qemu-deprivilege.txt ought to move
toÂdocs/features/ ?

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel