Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Krempa <pkrempa@redhat.com>2012-09-18 12:20:41 +0200
committerPeter Krempa <pkrempa@redhat.com>2012-09-20 16:21:52 +0200
commitede89aab64ba9eeb953f4b895bfaba13f64ab5ed (patch)
tree088b981c9bb9434063c189b649f9ef6652a756aa
parentsimplify xenXMDomainPinVcpu function (diff)
downloadlibvirt-ede89aab64ba9eeb953f4b895bfaba13f64ab5ed.tar.gz
libvirt-ede89aab64ba9eeb953f4b895bfaba13f64ab5ed.tar.bz2
libvirt-ede89aab64ba9eeb953f4b895bfaba13f64ab5ed.zip
security: Don't ignore errors when parsing DAC security labels
The DAC security driver silently ignored errors when parsing the DAC label and used default values instead. With a domain containing the following label definition: <seclabel type='static' model='dac' relabel='yes'> <label>sdfklsdjlfjklsdjkl</label> </seclabel> the domain would start normaly but the disk images would be still owned by root and no error was displayed. This patch changes the behavior if the parsing of the label fails (note that a not present label is not a failure and in this case the default label should be used) the error isn't masked but is raised that causes the domain start to fail with a descriptive error message: virsh # start tr error: Failed to start domain tr error: internal error invalid argument: failed to parse DAC seclabel 'sdfklsdjlfjklsdjkl' for domain 'tr' I also changed the error code to "invalid argument" from "internal error" and tweaked the various error messages to contain correct and useful information.
Diffstat
-rw-r--r--src/security/security_dac.c95
1 files changed, 61 insertions, 34 deletions
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 211fb37e9..5f30f0f29 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -90,6 +90,7 @@ int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
return 0;
}
+/* returns 1 if label isn't found, 0 on success, -1 on error */
static
int virSecurityDACParseIds(virDomainDefPtr def, uid_t *uidPtr, gid_t *gidPtr)
{
@@ -98,20 +99,18 @@ int virSecurityDACParseIds(virDomainDefPtr def, uid_t *uidPtr, gid_t *gidPtr)
virSecurityLabelDefPtr seclabel;
if (def == NULL)
- return -1;
+ return 1;
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
if (seclabel == NULL || seclabel->label == NULL) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("security label for DAC not found in domain %s"),
- def->name);
- return -1;
+ VIR_DEBUG("DAC seclabel for domain '%s' wasn't found", def->name);
+ return 1;
}
if (seclabel->label && parseIds(seclabel->label, &uid, &gid)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("failed to parse uid and gid for DAC "
- "security driver: %s"), seclabel->label);
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("failed to parse DAC seclabel '%s' for domain '%s'"),
+ seclabel->label, def->name);
return -1;
}
@@ -127,19 +126,35 @@ static
int virSecurityDACGetIds(virDomainDefPtr def, virSecurityDACDataPtr priv,
uid_t *uidPtr, gid_t *gidPtr)
{
- if (virSecurityDACParseIds(def, uidPtr, gidPtr) == 0)
- return 0;
+ int ret;
- if (priv) {
- if (uidPtr)
- *uidPtr = priv->user;
- if (gidPtr)
- *gidPtr = priv->group;
- return 0;
+ if (!def && !priv) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Failed to determine default DAC seclabel "
+ "for an unknown object"));
+ return -1;
}
- return -1;
+
+ if ((ret = virSecurityDACParseIds(def, uidPtr, gidPtr)) <= 0)
+ return ret;
+
+ if (!priv) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("DAC seclabel couldn't be determined "
+ "for domain '%s'"), def->name);
+ return -1;
+ }
+
+ if (uidPtr)
+ *uidPtr = priv->user;
+ if (gidPtr)
+ *gidPtr = priv->group;
+
+ return 0;
}
+
+/* returns 1 if label isn't found, 0 on success, -1 on error */
static
int virSecurityDACParseImageIds(virDomainDefPtr def,
uid_t *uidPtr, gid_t *gidPtr)
@@ -149,21 +164,19 @@ int virSecurityDACParseImageIds(virDomainDefPtr def,
virSecurityLabelDefPtr seclabel;
if (def == NULL)
- return -1;
+ return 1;
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
if (seclabel == NULL || seclabel->imagelabel == NULL) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("security label for DAC not found in domain %s"),
- def->name);
- return -1;
+ VIR_DEBUG("DAC imagelabel for domain '%s' wasn't found", def->name);
+ return 1;
}
if (seclabel->imagelabel
&& parseIds(seclabel->imagelabel, &uid, &gid)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("failed to parse uid and gid for DAC "
- "security driver: %s"), seclabel->label);
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("failed to parse DAC imagelabel '%s' for domain '%s'"),
+ seclabel->imagelabel, def->name);
return -1;
}
@@ -179,17 +192,31 @@ static
int virSecurityDACGetImageIds(virDomainDefPtr def, virSecurityDACDataPtr priv,
uid_t *uidPtr, gid_t *gidPtr)
{
- if (virSecurityDACParseImageIds(def, uidPtr, gidPtr) == 0)
- return 0;
+ int ret;
- if (priv) {
- if (uidPtr)
- *uidPtr = priv->user;
- if (gidPtr)
- *gidPtr = priv->group;
- return 0;
+ if (!def && !priv) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Failed to determine default DAC imagelabel "
+ "for an unknown object"));
+ return -1;
+ }
+
+ if ((ret = virSecurityDACParseImageIds(def, uidPtr, gidPtr)) <= 0)
+ return ret;
+
+ if (!priv) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("DAC imagelabel couldn't be determined "
+ "for domain '%s'"), def->name);
+ return -1;
}
- return -1;
+
+ if (uidPtr)
+ *uidPtr = priv->user;
+ if (gidPtr)
+ *gidPtr = priv->group;
+
+ return 0;
}