Also store user & group ID values in virIdentity

Future improvements to the polkit code will require access to
the numeric user ID, not merely user name.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176)

diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 2fc48386cbe43490bdfe956282058b84e0f6b304..6b97cb688403e990b2fa0c9f7ad8183ebb66accc 100644 (file)
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -657,7 +657,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
     char *processid = NULL;
     char *processtime = NULL;
     char *username = NULL;
+    char *userid = NULL;
     char *groupname = NULL;
+    char *groupid = NULL;
 #if WITH_SASL
     char *saslname = NULL;
 #endif
@@ -677,8 +679,12 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
 
         if (!(username = virGetUserName(uid)))
             goto cleanup;
+        if (virAsprintf(&userid, "%d", (int)uid) < 0)
+            goto cleanup;
         if (!(groupname = virGetGroupName(gid)))
             goto cleanup;
+        if (virAsprintf(&userid, "%d", (int)gid) < 0)
+            goto cleanup;
         if (virAsprintf(&processid, "%llu",
                         (unsigned long long)pid) < 0) {
             virReportOOMError();
@@ -719,11 +725,21 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
                            VIR_IDENTITY_ATTR_UNIX_USER_NAME,
                            username) < 0)
         goto error;
+    if (userid &&
+        virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
+                           userid) < 0)
+        goto error;
     if (groupname &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
                            groupname) < 0)
         goto error;
+    if (groupid &&
+        virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+                           groupid) < 0)
+        goto error;
     if (processid &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
@@ -754,7 +770,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
 
 cleanup:
     VIR_FREE(username);
+    VIR_FREE(userid);
     VIR_FREE(groupname);
+    VIR_FREE(groupid);
     VIR_FREE(processid);
     VIR_FREE(processtime);
     VIR_FREE(seccontext);

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 6d93d0f92633dccceeaf3bbd5a319c79378cef2e..96c0b2caee7a37fc007685709c6332c153ca2259 100644 (file)
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr ident)
 virIdentityPtr virIdentityGetSystem(void)
 {
     char *username = NULL;
+    char *userid = NULL;
     char *groupname = NULL;
+    char *groupid = NULL;
     char *seccontext = NULL;
     virIdentityPtr ret = NULL;
 #if WITH_SELINUX
@@ -149,8 +151,13 @@ virIdentityPtr virIdentityGetSystem(void)
 
     if (!(username = virGetUserName(getuid())))
         goto cleanup;
+    if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+        goto cleanup;
+
     if (!(groupname = virGetGroupName(getgid())))
         goto cleanup;
+    if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
+        goto cleanup;
 
 #if WITH_SELINUX
     if (getcon(&con) < 0) {
@@ -168,16 +175,22 @@ virIdentityPtr virIdentityGetSystem(void)
     if (!(ret = virIdentityNew()))
         goto cleanup;
 
-    if (username &&
-        virIdentitySetAttr(ret,
+    if (virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_USER_NAME,
                            username) < 0)
         goto error;
-    if (groupname &&
-        virIdentitySetAttr(ret,
+    if (virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
+                           userid) < 0)
+        goto error;
+    if (virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
                            groupname) < 0)
         goto error;
+    if (virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+                           groupid) < 0)
+        goto error;
     if (seccontext &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
@@ -190,7 +203,9 @@ virIdentityPtr virIdentityGetSystem(void)
 
 cleanup:
     VIR_FREE(username);
+    VIR_FREE(userid);
     VIR_FREE(groupname);
+    VIR_FREE(groupid);
     VIR_FREE(seccontext);
     VIR_FREE(processid);
     return ret;

diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index 4bae8d63d7cb900f14e7b1192c4b9ce4dafdaedb..a240c2da0543684259819aa8db4c5285b16537de 100644 (file)
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr;
 
 typedef enum {
       VIR_IDENTITY_ATTR_UNIX_USER_NAME,
+      VIR_IDENTITY_ATTR_UNIX_USER_ID,
       VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
+      VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
       VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
       VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
       VIR_IDENTITY_ATTR_SASL_USER_NAME,