[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 7/8] os-posix: Provide new -runasid option
From: |
Markus Armbruster |
Subject: |
Re: [Qemu-devel] [PATCH 7/8] os-posix: Provide new -runasid option |
Date: |
Mon, 09 Oct 2017 07:46:45 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) |
Ian Jackson <address@hidden> writes:
> This allows the caller to specify a uid and gid to use, even if there
> is no corresponding password entry. This will be useful in certain
> Xen configurations.
>
> Signed-off-by: Ian Jackson <address@hidden>
[...]
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 9f6e2ad..34a5329 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -3968,6 +3968,18 @@ Immediately before starting guest execution, drop root
> privileges, switching
> to the specified user.
> ETEXI
>
> +#ifndef _WIN32
> +DEF("runasid", HAS_ARG, QEMU_OPTION_runasid, \
> + "-runasid uid.gid change to numeric uid and gid just before starting
> the VM\n",
> + QEMU_ARCH_ALL)
> +#endif
> +STEXI
> address@hidden -runasid @address@hidden
> address@hidden -runasid
> +Immediately before starting guest execution, drop root privileges, switching
> +to the specified uid and gid.
> +ETEXI
> +
> DEF("prom-env", HAS_ARG, QEMU_OPTION_prom_env,
> "-prom-env variable=value\n"
> " set OpenBIOS nvram variables\n",
The last thing the QEMU command line needs is more exotic options. Are
you sure we need a new one here? Can we make existing -runas serve?
Precedence: Coreutils[*]. Pseudo-code:
if argument is a decimal number starting with '+':
user ID
else if argument is a valid user name:
user name
else if argument is a valid user ID:
user ID
else:
error
[*]
https://www.gnu.org/software/coreutils/manual/html_node/Disambiguating-names-and-IDs.html
[Qemu-devel] [PATCH 3/8] xen: defer call to xen_restrict until after os_setup_post, Ian Jackson, 2017/10/04