diff options
Diffstat (limited to 'community/libvirt/0002-Ensure-system-identity-includes-process-start-time.patch')
| -rw-r--r-- | community/libvirt/0002-Ensure-system-identity-includes-process-start-time.patch | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/community/libvirt/0002-Ensure-system-identity-includes-process-start-time.patch b/community/libvirt/0002-Ensure-system-identity-includes-process-start-time.patch new file mode 100644 index 000000000..1fba7d56c --- /dev/null +++ b/community/libvirt/0002-Ensure-system-identity-includes-process-start-time.patch @@ -0,0 +1,70 @@ +From f26b6e44bf0c3efe8167a528141224ccb7623b4a Mon Sep 17 00:00:00 2001
+From: "Daniel P. Berrange" <berrange@redhat.com>
+Date: Wed, 28 Aug 2013 15:22:05 +0100
+Subject: [PATCH 2/3] Ensure system identity includes process start time
+
+The polkit access driver will want to use the process start
+time field. This was already set for network identities, but
+not for the system identity.
+
+Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
+---
+ src/util/viridentity.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/src/util/viridentity.c b/src/util/viridentity.c
+index 03c375b..f681f85 100644
+--- a/src/util/viridentity.c
++++ b/src/util/viridentity.c
+@@ -35,6 +35,7 @@
+ #include "virthread.h"
+ #include "virutil.h"
+ #include "virstring.h"
++#include "virprocess.h"
+
+ #define VIR_FROM_THIS VIR_FROM_IDENTITY
+
+@@ -142,11 +143,20 @@ virIdentityPtr virIdentityGetSystem(void)
+ security_context_t con;
+ #endif
+ char *processid = NULL;
++ unsigned long long timestamp;
++ char *processtime = NULL;
+
+ if (virAsprintf(&processid, "%llu",
+ (unsigned long long)getpid()) < 0)
+ goto cleanup;
+
++ if (virProcessGetStartTime(getpid(), ×tamp) < 0)
++ goto cleanup;
++
++ if (timestamp != 0 &&
++ virAsprintf(&processtime, "%llu", timestamp) < 0)
++ goto cleanup;
++
+ if (!(username = virGetUserName(getuid())))
+ goto cleanup;
+ if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+@@ -198,6 +208,11 @@ virIdentityPtr virIdentityGetSystem(void)
+ VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
+ processid) < 0)
+ goto error;
++ if (processtime &&
++ virIdentitySetAttr(ret,
++ VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
++ processtime) < 0)
++ goto error;
+
+ cleanup:
+ VIR_FREE(username);
+@@ -206,6 +221,7 @@ cleanup:
+ VIR_FREE(groupid);
+ VIR_FREE(seccontext);
+ VIR_FREE(processid);
++ VIR_FREE(processtime);
+ return ret;
+
+ error:
+--
+1.8.3.1
+
|