From 8847cfe8aa9d8f6b8648aafd5d929a57d836cc61 Mon Sep 17 00:00:00 2001 From: Jes Sorensen Date: Thu, 10 Jun 2010 11:42:26 +0200 Subject: Move runas handling from vl.c to OS specific files. Move code to handle runas, ie. change of user id of QEMU process to OS specific files and provide dummy stub for Win32. Signed-off-by: Jes Sorensen Acked-by: Juan Quintela Acked-by: Richard Henderson Signed-off-by: Blue Swirl --- os-posix.c | 28 ++++++++++++++++++++++++++++ qemu-os-posix.h | 1 + qemu-os-win32.h | 1 + vl.c | 29 +---------------------------- 4 files changed, 31 insertions(+), 28 deletions(-) diff --git a/os-posix.c b/os-posix.c index 0deddf3e41..8b686a44e1 100644 --- a/os-posix.c +++ b/os-posix.c @@ -28,6 +28,7 @@ #include #include #include +#include #include /* Needed early for CONFIG_BSD etc. */ @@ -36,6 +37,8 @@ #include "net/slirp.h" #include "qemu-options.h" +static struct passwd *user_pwd; + void os_setup_early_signal_handling(void) { struct sigaction act; @@ -146,6 +149,31 @@ void os_parse_cmd_args(int index, const char *optarg) exit(1); break; #endif + case QEMU_OPTION_runas: + user_pwd = getpwnam(optarg); + if (!user_pwd) { + fprintf(stderr, "User \"%s\" doesn't exist\n", optarg); + exit(1); + } + break; } return; } + +void os_change_process_uid(void) +{ + if (user_pwd) { + if (setgid(user_pwd->pw_gid) < 0) { + fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid); + exit(1); + } + if (setuid(user_pwd->pw_uid) < 0) { + fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid); + exit(1); + } + if (setuid(0) != -1) { + fprintf(stderr, "Dropping privileges failed\n"); + exit(1); + } + } +} diff --git a/qemu-os-posix.h b/qemu-os-posix.h index ff5adb1b2b..6d8cf79899 100644 --- a/qemu-os-posix.h +++ b/qemu-os-posix.h @@ -31,5 +31,6 @@ static inline void os_host_main_loop_wait(int *timeout) } void os_setup_signal_handling(void); +void os_change_process_uid(void); #endif diff --git a/qemu-os-win32.h b/qemu-os-win32.h index e7e2ee3abf..70fdca55c5 100644 --- a/qemu-os-win32.h +++ b/qemu-os-win32.h @@ -43,5 +43,6 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque); void os_host_main_loop_wait(int *timeout); static inline void os_setup_signal_handling(void) {} +static inline void os_change_process_uid(void) {} #endif diff --git a/vl.c b/vl.c index b08b5adf9a..723154b56f 100644 --- a/vl.c +++ b/vl.c @@ -34,7 +34,6 @@ #ifndef _WIN32 #include -#include #include #include #include @@ -2310,9 +2309,7 @@ int main(int argc, char **argv, char **envp) const char *incoming = NULL; #ifndef _WIN32 int fd = 0; - struct passwd *pwd = NULL; const char *chroot_dir = NULL; - const char *run_as = NULL; #endif int show_vnc_port = 0; int defconfig = 1; @@ -3060,9 +3057,6 @@ int main(int argc, char **argv, char **envp) case QEMU_OPTION_chroot: chroot_dir = optarg; break; - case QEMU_OPTION_runas: - run_as = optarg; - break; #endif case QEMU_OPTION_xen_domid: if (!(xen_available())) { @@ -3554,14 +3548,6 @@ int main(int argc, char **argv, char **envp) exit(1); } - if (run_as) { - pwd = getpwnam(run_as); - if (!pwd) { - fprintf(stderr, "User \"%s\" doesn't exist\n", run_as); - exit(1); - } - } - if (chroot_dir) { if (chroot(chroot_dir) < 0) { fprintf(stderr, "chroot failed\n"); @@ -3573,20 +3559,7 @@ int main(int argc, char **argv, char **envp) } } - if (run_as) { - if (setgid(pwd->pw_gid) < 0) { - fprintf(stderr, "Failed to setgid(%d)\n", pwd->pw_gid); - exit(1); - } - if (setuid(pwd->pw_uid) < 0) { - fprintf(stderr, "Failed to setuid(%d)\n", pwd->pw_uid); - exit(1); - } - if (setuid(0) != -1) { - fprintf(stderr, "Dropping privileges failed\n"); - exit(1); - } - } + os_change_process_uid(); if (daemonize) { dup2(fd, 0); -- cgit v1.2.3