Re: [Xen-devel] [PATCH v8] run QEMU as non-root
On Fri, 2 Oct 2015, Ian Campbell wrote:
> On Wed, 2015-09-30 at 16:45 +0100, Stefano Stabellini wrote:
>
> > QEMU is going to setuid and setgid to the user ID and the group ID of
> > the specified user, soon after initialization, before starting to deal
> > with any guest IO.
>
> Can you confirm that QEMU will bail if the user given via -runas doesn't
> exist?
It prints the error
User "blah" doesn't exist
and exits.
> IOW if the user gives b_info->device_model_user != NULL we will
> correctly end up bailing if that specific user doesn't exist rather than
> running as root?
Yes
> If that is the case then:
>
> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
Thanks
> Wasn't there some code to plumb this into xl at one point? Did that get
> dropped along the way?
device_model_user is added to the idl by this patch, I think that is
enough, right?
> > [...]
> > + user = NULL;
> > + LOG(WARN, "Could not find user %s, starting QEMU as root",
> > + LIBXL_QEMU_USER_SHARED);
> > +
> > +end_search:
> > + if (user != NULL && strcmp(user, "root")) {
>
> This strcmp struck me as odd given the user = NULL just above, but this is
> for the case where the user explicitly requested root, right?
Yes, that's right
> > + flexarray_append(dm_args, "-runas");
> > + flexarray_append(dm_args, user);
> > + }
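Review bot: the strcmp(user, "root") test in the if after end_search: relies on a non-zero return being truthy, and its purpose (skipping -runas when root was explicitly requested) is not evident next to the user = NULL fallback just above it. Writing it as strcmp(user, "root") != 0 with a one-line comment saying that an explicit request for root is honoured would remove the ambiguity. Separately, the fallback path only logs at WARN level before starting QEMU as root, so a host where the LIBXL_QEMU_USER_SHARED user is missing loses the privilege drop with nothing but a log line; it would help to document that this warning means the device model is still running as root.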
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel