# HG changeset patch
# User john.levon@sun.com
# Date 1228271172 28800
# Node ID 2771f870b247df02b16a4d79cdf549a1ad0132aa
# Parent a4538c6c2d6690526d80c011b46b4700c23a9ffd
Least privilege support
On Solaris, which users can run virt-install depends on their effective
privilege set, not their effective UID.
if options.connect is None or options.connect.lower()[0:3] == "xen":
- if os.geteuid() != 0:
+ if not virtinst.util.privileged_user():
fail(_("Must be root to clone Xen guests"))
conn = cli.getConnection(options.connect)
diff --git a/virtinst/DistroManager.py b/virtinst/DistroManager.py
--- a/virtinst/DistroManager.py
+++ b/virtinst/DistroManager.py
@@ -193,7 +193,7 @@ class DistroInstaller(Guest.Installer):
"or FTP network install source, or an existing "
"local file/device"))
- if os.geteuid() != 0 and val.startswith("nfs:"):
+ if val.startswith("nfs:") and not util.privileged_user():
raise ValueError(_("NFS installations are only supported as root"))
def get_scratchdir(self):
+ if platform.system() == 'SunOS':
+ return '/var/tmp'
if self.type == "xen" and os.path.exists(XEN_SCRATCH):
return XEN_SCRATCH
- if os.getuid() == 0 and os.path.exists(LIBVIRT_SCRATCH):
+ if util.privileged_user() and os.path.exists(LIBVIRT_SCRATCH):
return LIBVIRT_SCRATCH
else:
return os.path.expanduser("~/.virtinst/boot")
@@ -476,7 +479,7 @@ class Installer(object):
fd = os.open(guest.disks[0].path, os.O_RDONLY)
except OSError, (err, msg):
logging.debug("Failed to open guest disk: %s" % msg)
- if err == errno.EACCES and os.geteuid() != 0:
+ if err == errno.EACCES and not util.privileged_user():
return True # non root might not have access to block devices
else:
raise
diff --git a/virtinst/cli.py b/virtinst/cli.py
--- a/virtinst/cli.py
+++ b/virtinst/cli.py
@@ -118,7 +118,7 @@ def nice_exit():
def getConnection(connect):
if connect and connect.lower()[0:3] == "xen":
- if os.geteuid() != 0:
+ if not util.privileged_user():
fail(_("Must be root to create Xen guests"))
if connect is None:
fail(_("Could not find usable default libvirt connection."))
@@ -307,7 +307,7 @@ def digest_networks(conn, macs, bridges,
# Create extra networks up to the number of nics requested
if len(macs) < nics:
for dummy in range(len(macs),nics):
- if os.getuid() == 0:
+ if util.privileged_user():
net = util.default_network(conn)
networks.append(net[0] + ":" + net[1])
else:
diff --git a/virtinst/util.py b/virtinst/util.py
--- a/virtinst/util.py
+++ b/virtinst/util.py
@@ -93,7 +93,7 @@ def default_connection():
os.path.exists("/usr/bin/qemu-kvm") or
os.path.exists("/usr/bin/kvm") or
os.path.exists("/usr/bin/xenner"):
- if os.getuid() == 0:
+ if privileged_user():
return "qemu:///system"
else:
return "qemu:///session"
@@ -509,6 +509,14 @@ def lookup_pool_by_path(conn, path):
return pool
return None
+def privileged_user():
+ """
+ Return true if the user is privileged enough. On Linux, this
+ equates to being root. On Solaris, it's more complicated, so we
+ just assume we're OK.
+ """
+ return os.uname()[0] == 'SunOS' or os.geteuid() == 0
+
def _test():
import doctest
doctest.testmod()
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
12-04-2008, 11:13 AM
"Daniel P. Berrange"
Least privilege support
On Tue, Dec 02, 2008 at 06:26:23PM -0800, john.levon@sun.com wrote:
> # HG changeset patch
> # User john.levon@sun.com
> # Date 1228271172 28800
> # Node ID 2771f870b247df02b16a4d79cdf549a1ad0132aa
> # Parent a4538c6c2d6690526d80c011b46b4700c23a9ffd
> Least privilege support
>
> On Solaris, which users can run virt-install depends on their effective
> privilege set, not their effective UID.
ACK this looks reasonable. Hopefully more of these checks will go
away as we move code out of virtinst and into formal libvirt APIs.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
12-04-2008, 11:41 AM
Atsushi SAKAI
Least privilege support
Hi, John
I have a question about this patch.
(because of my understanding)
It seems check "SunOS" only for Solaris.
(It will be added some code in future?)
Thanks
Atsushi SAKAI
john.levon@sun.com wrote:
> # HG changeset patch
> # User john.levon@sun.com
> # Date 1228271172 28800
> # Node ID 2771f870b247df02b16a4d79cdf549a1ad0132aa
> # Parent a4538c6c2d6690526d80c011b46b4700c23a9ffd
> Least privilege support
>
> On Solaris, which users can run virt-install depends on their effective
> privilege set, not their effective UID.
>
> Signed-off-by: John Levon <john.levon@sun.com>
>
> diff --git a/virt-clone b/virt-clone
> --- a/virt-clone
> +++ b/virt-clone
> @@ -185,7 +185,7 @@ def main():
> logging.debug("start clone with HV " + options.connect)
>
> if options.connect is None or options.connect.lower()[0:3] == "xen":
> - if os.geteuid() != 0:
> + if not virtinst.util.privileged_user():
> fail(_("Must be root to clone Xen guests"))
>
> conn = cli.getConnection(options.connect)
> diff --git a/virtinst/DistroManager.py b/virtinst/DistroManager.py
> --- a/virtinst/DistroManager.py
> +++ b/virtinst/DistroManager.py
> @@ -193,7 +193,7 @@ class DistroInstaller(Guest.Installer):
> "or FTP network install source, or an existing "
> "local file/device"))
>
> - if os.geteuid() != 0 and val.startswith("nfs:"):
> + if val.startswith("nfs:") and not util.privileged_user():
> raise ValueError(_("NFS installations are only supported as root"))
>
> self._location = val
> diff --git a/virtinst/Guest.py b/virtinst/Guest.py
> --- a/virtinst/Guest.py
> +++ b/virtinst/Guest.py
> @@ -28,6 +28,7 @@ import urlgrabber.progress as progress
> import urlgrabber.progress as progress
> import util
> import libvirt
> +import platform
> import __builtin__
> import CapabilitiesParser
> import VirtualDevice
> @@ -347,9 +348,11 @@ class Installer(object):
> os_type = property(get_os_type, set_os_type)
>
> def get_scratchdir(self):
> + if platform.system() == 'SunOS':
> + return '/var/tmp'
> if self.type == "xen" and os.path.exists(XEN_SCRATCH):
> return XEN_SCRATCH
> - if os.getuid() == 0 and os.path.exists(LIBVIRT_SCRATCH):
> + if util.privileged_user() and os.path.exists(LIBVIRT_SCRATCH):
> return LIBVIRT_SCRATCH
> else:
> return os.path.expanduser("~/.virtinst/boot")
> @@ -476,7 +479,7 @@ class Installer(object):
> fd = os.open(guest.disks[0].path, os.O_RDONLY)
> except OSError, (err, msg):
> logging.debug("Failed to open guest disk: %s" % msg)
> - if err == errno.EACCES and os.geteuid() != 0:
> + if err == errno.EACCES and not util.privileged_user():
> return True # non root might not have access to block devices
> else:
> raise
> diff --git a/virtinst/cli.py b/virtinst/cli.py
> --- a/virtinst/cli.py
> +++ b/virtinst/cli.py
> @@ -118,7 +118,7 @@ def nice_exit():
>
> def getConnection(connect):
> if connect and connect.lower()[0:3] == "xen":
> - if os.geteuid() != 0:
> + if not util.privileged_user():
> fail(_("Must be root to create Xen guests"))
> if connect is None:
> fail(_("Could not find usable default libvirt connection."))
> @@ -307,7 +307,7 @@ def digest_networks(conn, macs, bridges,
> # Create extra networks up to the number of nics requested
> if len(macs) < nics:
> for dummy in range(len(macs),nics):
> - if os.getuid() == 0:
> + if util.privileged_user():
> net = util.default_network(conn)
> networks.append(net[0] + ":" + net[1])
> else:
> diff --git a/virtinst/util.py b/virtinst/util.py
> --- a/virtinst/util.py
> +++ b/virtinst/util.py
> @@ -93,7 +93,7 @@ def default_connection():
> os.path.exists("/usr/bin/qemu-kvm") or
> os.path.exists("/usr/bin/kvm") or
> os.path.exists("/usr/bin/xenner"):
> - if os.getuid() == 0:
> + if privileged_user():
> return "qemu:///system"
> else:
> return "qemu:///session"
> @@ -509,6 +509,14 @@ def lookup_pool_by_path(conn, path):
> return pool
> return None
>
> +def privileged_user():
> + """
> + Return true if the user is privileged enough. On Linux, this
> + equates to being root. On Solaris, it's more complicated, so we
> + just assume we're OK.
> + """
> + return os.uname()[0] == 'SunOS' or os.geteuid() == 0
> +
> def _test():
> import doctest
> doctest.testmod()
>
> _______________________________________________
> et-mgmt-tools mailing list
> et-mgmt-tools@redhat.com
> https://www.redhat.com/mailman/listinfo/et-mgmt-tools
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
12-04-2008, 12:26 PM
John Levon
Least privilege support
On Thu, Dec 04, 2008 at 09:41:19PM +0900, Atsushi SAKAI wrote:
> I have a question about this patch.
> (because of my understanding)
>
> It seems check "SunOS" only for Solaris.
> (It will be added some code in future?)
Possibly. There's no generally available Python interface to test for
effective Solaris privileges right now.
regards
john
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
12-07-2008, 03:24 AM
Cole Robinson
Least privilege support
john.levon@sun.com wrote:
> # HG changeset patch
> # User john.levon@sun.com
> # Date 1228271172 28800
> # Node ID 2771f870b247df02b16a4d79cdf549a1ad0132aa
> # Parent a4538c6c2d6690526d80c011b46b4700c23a9ffd
> Least privilege support
>
> On Solaris, which users can run virt-install depends on their effective
> privilege set, not their effective UID.
>
> Signed-off-by: John Levon <john.levon@sun.com>
>
>
Least privilege support
