[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] run QEMU as non-root

Stefano Stabellini writes ("[PATCH v2] run QEMU as non-root"):
> +2) a user named "xen-qemudepriv-base", adding domid to its uid
> +If xen-qemudepriv-base has uid 6000, and the domid is 25, libxl will try
> +to use uid 6025. To use this mechanism, you might want to create a large
> +number of users at installation time. For example:

You should document explicitly, and not just in the example, that this
will require the reservation of 65536 uids from the uid of
xen-qemudepriv-base to that uid+65535.

> +        buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
> +        if (buf_size < 0) {
> +            LOGE(ERROR, "sysconf(_SC_GETPW_R_SIZE_MAX) returned error %ld", 
> buf_size);
> +            goto end_search;
> +        }
> +        buf = libxl__malloc(gc, buf_size);

This is not the correct use of getpwnam_r.  getpwnam_r is allowed to
fail with ERANGE even if the buffer you provide is as big as the
sysconf requested.

But: is qemu at this point actually multithreaded ?  If not then
plain getpwnam is probably better...

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.