NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix build when using polkit0

Browse Source 
V2: Remove policy kit references from virNetServer and use DBus APIs
    directly, if available.
This commit is contained in:
Jim Fehlig
2011-07-07 15:12:26 -06:00
parent 109efd7941
commit b8adfcc60c
6 changed files with 70 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
daemon/libvirtd.c
View File

@@ -576,26 +576,6 @@ static int daemonSetupNetworking(virNetServerPtr srv,
}
#endif
#if HAVE_POLKIT0
if (auth_unix_rw == REMOTE_AUTH_POLKIT ||
auth_unix_ro == REMOTE_AUTH_POLKIT) {
DBusError derr;
dbus_connection_set_change_sigpipe(FALSE);
dbus_threads_init_default();
dbus_error_init(&derr);
server->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
if (!(server->sysbus)) {
VIR_ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"),
derr.message);
dbus_error_free(&derr);
goto error;
}
dbus_connection_set_exit_on_disconnect(server->sysbus, FALSE);
}
#endif
return 0;
error:
@@ -1285,6 +1265,7 @@ int main(int argc, char **argv) {
struct daemonConfig *config;
bool privileged = geteuid() == 0 ? true : false;
bool implicit_conf = false;
bool use_polkit_dbus;
struct option opts[] = {
{ "verbose", no_argument, &verbose, 1},
@@ -1445,10 +1426,13 @@ int main(int argc, char **argv) {
umask(old_umask);
}
use_polkit_dbus = config->auth_unix_rw == REMOTE_AUTH_POLKIT ||
config->auth_unix_ro == REMOTE_AUTH_POLKIT;
if (!(srv = virNetServerNew(config->min_workers,
config->max_workers,
config->max_clients,
config->mdns_adv ? config->mdns_name : NULL,
use_polkit_dbus,
remoteClientInitHook))) {
ret = VIR_DAEMON_ERR_INIT;
goto cleanup;

21
daemon/remote.c
View File

@@ -43,6 +43,7 @@
#include "command.h"
#include "intprops.h"
#include "virnetserverservice.h"
#include "virnetserver.h"
#include "remote_protocol.h"
#include "qemu_protocol.h"
@@ -2115,7 +2116,7 @@ authdeny:
}
#elif HAVE_POLKIT0
static int
remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
remoteDispatchAuthPolkit(virNetServerPtr server,
virNetServerClientPtr client,
virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED,
virNetMessageErrorPtr rerr,
@@ -2137,21 +2138,19 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
memset(ident, 0, sizeof ident);
virMutexLock(&server->lock);
virMutexLock(&client->lock);
virMutexUnlock(&server->lock);
virMutexLock(&priv->lock);
action = client->readonly ?
action = virNetServerClientGetReadonly(client) ?
"org.libvirt.unix.monitor" :
"org.libvirt.unix.manage";
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
if (client->auth != REMOTE_AUTH_POLKIT) {
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
VIR_ERROR(_("client tried invalid PolicyKit init request"));
goto authfail;
}
if (qemudGetSocketIdentity(virNetServerClientGetFD(client), &callerUid, &callerPid) < 0) {
if (virNetServerClientGetLocalIdentity(client, &callerUid, &callerPid) < 0) {
VIR_ERROR(_("cannot get peer socket identity"));
goto authfail;
}
@@ -2164,7 +2163,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
VIR_INFO("Checking PID %d running as %d", callerPid, callerUid);
dbus_error_init(&err);
if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
if (!(pkcaller = polkit_caller_new_from_pid(virNetServerGetDBusConn(server),
callerPid, &err))) {
VIR_ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
dbus_error_free(&err);
@@ -2226,9 +2225,9 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
action, callerPid, callerUid,
polkit_result_to_string_representation(pkresult));
ret->complete = 1;
client->auth = REMOTE_AUTH_NONE;
virNetServerClientSetIdentity(client, ident);
virMutexUnlock(&client->lock);
virMutexUnlock(&priv->lock);
return 0;
error:
@@ -2236,7 +2235,7 @@ error:
virNetError(VIR_ERR_AUTH_FAILED, "%s",
_("authentication failed"));
virNetMessageSaveError(rerr);
virMutexUnlock(&client->lock);
virMutexUnlock(&priv->lock);
return -1;
authfail: