util: introduce concept of a system token into identities

author Daniel P. Berrangé <berrange@redhat.com>

Thu, 19 Nov 2020 12:26:17 +0000 (12:26 +0000)

committer Daniel P. Berrangé <berrange@redhat.com>

Thu, 13 May 2021 10:07:15 +0000 (11:07 +0100)
author Daniel P. Berrangé <berrange@redhat.com>
Thu, 19 Nov 2020 12:26:17 +0000 (12:26 +0000)
committer Daniel P. Berrangé <berrange@redhat.com>
Thu, 13 May 2021 10:07:15 +0000 (11:07 +0100)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms

index 23621fcfd0b1b2f28ac4b3eb040b50d323e2f602..aaae1c80023b5dc78d9b32d4fe4de0d814ac57d0 100644 (file)
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2404,6 +2404,7 @@ virIdentityGetProcessTime;
  virIdentityGetSASLUserName;
  virIdentityGetSELinuxContext;
  virIdentityGetSystem;
+virIdentityGetSystemToken;
  virIdentityGetUNIXGroupID;
  virIdentityGetUNIXUserID;
  virIdentityGetUserName;
@@ -2416,6 +2417,7 @@ virIdentitySetProcessID;
  virIdentitySetProcessTime;
  virIdentitySetSASLUserName;
  virIdentitySetSELinuxContext;
+virIdentitySetSystemToken;
  virIdentitySetUNIXGroupID;
  virIdentitySetUNIXUserID;
  virIdentitySetUserName;
diff --git a/src/util/viridentity.c b/src/util/viridentity.c

index 7edb6a171a9c3f3ab6001fccc077095cda3807e2..7da4ea12f571eb75599d1f97ea068d1e2ebaef62 100644 (file)
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -40,6 +40,8 @@
  
  #define VIR_FROM_THIS VIR_FROM_IDENTITY
  
+#define VIR_CONNECT_IDENTITY_SYSTEM_TOKEN "system.token"
+
  VIR_LOG_INIT("util.identity");
  
  struct _virIdentity {
@@ -382,6 +384,17 @@ int virIdentityGetSELinuxContext(virIdentity *ident,
  }
  
  
+int virIdentityGetSystemToken(virIdentity *ident,
+                              const char **token)
+{
+    *token = NULL;
+    return virTypedParamsGetString(ident->params,
+                                   ident->nparams,
+                                   VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                                   token);
+}
+
+
  int virIdentitySetUserName(virIdentity *ident,
                             const char *username)
  {
@@ -554,6 +567,25 @@ int virIdentitySetSELinuxContext(virIdentity *ident,
  }
  
  
+int virIdentitySetSystemToken(virIdentity *ident,
+                              const char *token)
+{
+    if (virTypedParamsGet(ident->params,
+                          ident->nparams,
+                          VIR_CONNECT_IDENTITY_SYSTEM_TOKEN)) {
+        virReportError(VIR_ERR_OPERATION_DENIED, "%s",
+                       _("Identity attribute is already set"));
+        return -1;
+    }
+
+    return virTypedParamsAddString(&ident->params,
+                                   &ident->nparams,
+                                   &ident->maxparams,
+                                   VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                                   token);
+}
+
+
  int virIdentitySetParameters(virIdentity *ident,
                               virTypedParameterPtr params,
                               int nparams)
@@ -577,6 +609,8 @@ int virIdentitySetParameters(virIdentity *ident,
                                 VIR_TYPED_PARAM_STRING,
                                 VIR_CONNECT_IDENTITY_SELINUX_CONTEXT,
                                 VIR_TYPED_PARAM_STRING,
+                               VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                               VIR_TYPED_PARAM_STRING,
                                 NULL) < 0)
          return -1;
  
diff --git a/src/util/viridentity.h b/src/util/viridentity.h

index fa3f46788cd73c30ebef3fc81c044d5a54381452..640a7ba2e41c1e0b6827b76acb2620fdd71238bf 100644 (file)
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -52,6 +52,8 @@ int virIdentityGetX509DName(virIdentity *ident,
                              const char **dname);
  int virIdentityGetSELinuxContext(virIdentity *ident,
                                   const char **context);
+int virIdentityGetSystemToken(virIdentity *ident,
+                              const char **token);
  
  
  int virIdentitySetUserName(virIdentity *ident,
@@ -72,6 +74,8 @@ int virIdentitySetX509DName(virIdentity *ident,
                              const char *dname);
  int virIdentitySetSELinuxContext(virIdentity *ident,
                                   const char *context);
+int virIdentitySetSystemToken(virIdentity *ident,
+                              const char *token);
  
  int virIdentitySetParameters(virIdentity *ident,
                               virTypedParameterPtr params,
author	Daniel P. Berrangé <berrange@redhat.com>
	Thu, 19 Nov 2020 12:26:17 +0000 (12:26 +0000)
committer	Daniel P. Berrangé <berrange@redhat.com>
	Thu, 13 May 2021 10:07:15 +0000 (11:07 +0100)
src/libvirt_private.syms		patch \| blob \| blame \| history
src/util/viridentity.c		patch \| blob \| blame \| history
src/util/viridentity.h		patch \| blob \| blame \| history