Also store user & group ID values in virIdentity

Future improvements to the polkit code will require access to
the numeric user ID, not merely user name.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 83d5cf17297ce2aa3ca2ece745d58059d703fd5a..19c4100d5e0dd7ac7cc7a106720aa50d2c9497ca 100644 (file)
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -652,7 +652,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
     char *processid = NULL;
     char *processtime = NULL;
     char *username = NULL;
+    char *userid = NULL;
     char *groupname = NULL;
+    char *groupid = NULL;
 #if WITH_SASL
     char *saslname = NULL;
 #endif
@@ -672,8 +674,12 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
 
         if (!(username = virGetUserName(uid)))
             goto cleanup;
+        if (virAsprintf(&userid, "%d", (int)uid) < 0)
+            goto cleanup;
         if (!(groupname = virGetGroupName(gid)))
             goto cleanup;
+        if (virAsprintf(&userid, "%d", (int)gid) < 0)
+            goto cleanup;
         if (virAsprintf(&processid, "%llu",
                         (unsigned long long)pid) < 0)
             goto cleanup;
@@ -710,11 +716,21 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
                            VIR_IDENTITY_ATTR_UNIX_USER_NAME,
                            username) < 0)
         goto error;
+    if (userid &&
+        virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
+                           userid) < 0)
+        goto error;
     if (groupname &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
                            groupname) < 0)
         goto error;
+    if (groupid &&
+        virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+                           groupid) < 0)
+        goto error;
     if (processid &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
@@ -745,7 +761,9 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
 
 cleanup:
     VIR_FREE(username);
+    VIR_FREE(userid);
     VIR_FREE(groupname);
+    VIR_FREE(groupid);
     VIR_FREE(processid);
     VIR_FREE(processtime);
     VIR_FREE(seccontext);

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 781f660d1310a7fdf38ab2496d3e6faa4044fe39..03c375bccffe1e0ceeef66ac2b3dad2d5ada91ce 100644 (file)
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr ident)
 virIdentityPtr virIdentityGetSystem(void)
 {
     char *username = NULL;
+    char *userid = NULL;
     char *groupname = NULL;
+    char *groupid = NULL;
     char *seccontext = NULL;
     virIdentityPtr ret = NULL;
 #if WITH_SELINUX
@@ -147,8 +149,13 @@ virIdentityPtr virIdentityGetSystem(void)
 
     if (!(username = virGetUserName(getuid())))
         goto cleanup;
+    if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+        goto cleanup;
+
     if (!(groupname = virGetGroupName(getgid())))
         goto cleanup;
+    if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
+        goto cleanup;
 
 #if WITH_SELINUX
     if (getcon(&con) < 0) {
@@ -166,16 +173,22 @@ virIdentityPtr virIdentityGetSystem(void)
     if (!(ret = virIdentityNew()))
         goto cleanup;
 
-    if (username &&
-        virIdentitySetAttr(ret,
+    if (virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_USER_NAME,
                            username) < 0)
         goto error;
-    if (groupname &&
-        virIdentitySetAttr(ret,
+    if (virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
+                           userid) < 0)
+        goto error;
+    if (virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
                            groupname) < 0)
         goto error;
+    if (virIdentitySetAttr(ret,
+                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+                           groupid) < 0)
+        goto error;
     if (seccontext &&
         virIdentitySetAttr(ret,
                            VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
@@ -188,7 +201,9 @@ virIdentityPtr virIdentityGetSystem(void)
 
 cleanup:
     VIR_FREE(username);
+    VIR_FREE(userid);
     VIR_FREE(groupname);
+    VIR_FREE(groupid);
     VIR_FREE(seccontext);
     VIR_FREE(processid);
     return ret;

diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index 4bae8d63d7cb900f14e7b1192c4b9ce4dafdaedb..a240c2da0543684259819aa8db4c5285b16537de 100644 (file)
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr;
 
 typedef enum {
       VIR_IDENTITY_ATTR_UNIX_USER_NAME,
+      VIR_IDENTITY_ATTR_UNIX_USER_ID,
       VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
+      VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
       VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
       VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
       VIR_IDENTITY_ATTR_SASL_USER_NAME,