Ensure system identity includes process start time

The polkit access driver will want to use the process start
time field. This was already set for network identities, but
not for the system identity.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit e65667c0c6e016d42abea077e31628ae43f57b74)

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 96c0b2caee7a37fc007685709c6332c153ca2259..26157a5991ec657961ff8a23387e2bac660a146c 100644 (file)
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -35,6 +35,7 @@
 #include "virthread.h"
 #include "virutil.h"
 #include "virstring.h"
+#include "virprocess.h"
 
 #define VIR_FROM_THIS VIR_FROM_IDENTITY
 
@@ -142,6 +143,8 @@ virIdentityPtr virIdentityGetSystem(void)
     security_context_t con;
 #endif
     char *processid = NULL;
+    unsigned long long timestamp;
+    char *processtime = NULL;
 
     if (virAsprintf(&processid, "%llu",
                     (unsigned long long)getpid()) < 0) {
@@ -149,6 +152,13 @@ virIdentityPtr virIdentityGetSystem(void)
         goto cleanup;
     }
 
+    if (virProcessGetStartTime(getpid(), &timestamp) < 0)
+        goto cleanup;
+
+    if (timestamp != 0 &&
+        virAsprintf(&processtime, "%llu", timestamp) < 0)
+        goto cleanup;
+
     if (!(username = virGetUserName(getuid())))
         goto cleanup;
     if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
@@ -200,6 +210,11 @@ virIdentityPtr virIdentityGetSystem(void)
                            VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
                            processid) < 0)
         goto error;
+    if (processtime &&
+        virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
+                           processtime) < 0)
+        goto error;
 
 cleanup:
     VIR_FREE(username);
@@ -208,6 +223,7 @@ cleanup:
     VIR_FREE(groupid);
     VIR_FREE(seccontext);
     VIR_FREE(processid);
+    VIR_FREE(processtime);
     return ret;
 
 error: