rpms/libvirt
7
0
Fork 1
Code Issues Pull Requests Releases Activity
adeaf839fd
libvirt/0106-Ensure-system-identity-includes-process-start-time.patch
Cole Robinson adeaf839fd Sync with v1.1.2-maint 
Rebuild for libswan soname bump (bz #1009701)
CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
CVE-2013-4297: Invalid free in NBDDeviceAssociate (bz #1006505, bz #1006511)
Fix virsh block-commit abort (bz #1010056)
2013-09-23 14:35:01 -04:00

69 lines
2.1 KiB
Diff
Raw Blame History

From fe544fd4c18d6982e652a1d5cd016816c609b72c Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Wed, 28 Aug 2013 15:22:05 +0100
Subject: [PATCH] Ensure system identity includes process start time
The polkit access driver will want to use the process start
time field. This was already set for network identities, but
not for the system identity.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit e65667c0c6e016d42abea077e31628ae43f57b74)
---
src/util/viridentity.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 03c375b..f681f85 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -35,6 +35,7 @@
#include "virthread.h"
#include "virutil.h"
#include "virstring.h"
+#include "virprocess.h"
#define VIR_FROM_THIS VIR_FROM_IDENTITY
@@ -142,11 +143,20 @@ virIdentityPtr virIdentityGetSystem(void)
security_context_t con;
#endif
char *processid = NULL;
+ unsigned long long timestamp;
+ char *processtime = NULL;
if (virAsprintf(&processid, "%llu",
(unsigned long long)getpid()) < 0)
goto cleanup;
+ if (virProcessGetStartTime(getpid(), &timestamp) < 0)
+ goto cleanup;
+
+ if (timestamp != 0 &&
+ virAsprintf(&processtime, "%llu", timestamp) < 0)
+ goto cleanup;
+
if (!(username = virGetUserName(getuid())))
goto cleanup;
if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
@@ -198,6 +208,11 @@ virIdentityPtr virIdentityGetSystem(void)
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
processid) < 0)
goto error;
+ if (processtime &&
+ virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
+ processtime) < 0)
+ goto error;
cleanup:
VIR_FREE(username);
@@ -206,6 +221,7 @@ cleanup:
VIR_FREE(groupid);
VIR_FREE(seccontext);
VIR_FREE(processid);
+ VIR_FREE(processtime);
return ret;
error:
Reference in New Issue View Git Blame Copy Permalink