From: Michal Privoznik <mprivozn@redhat.com>
Date: Fri, 9 Feb 2024 08:03:29 +0000 (+0100)
Subject: viraccessdriverpolkit: Add missing vtpm case
X-Git-Tag: v10.1.0-rc1~65
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63a416f3a1f68eaf2e770be78d0aa45c866a4dfe;p=thirdparty%2Flibvirt.git

viraccessdriverpolkit: Add missing vtpm case

When adding vtpm virSecret usage type (in v5.6.0-rc1~61) we
forgot to update polkit access check. This limited user's ability
to match secrets in their rules. Add missing case into switch in
virAccessDriverPolkitCheckSecret().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c
index c7ff81ee86..b78049583c 100644
--- a/src/access/viraccessdriverpolkit.c
+++ b/src/access/viraccessdriverpolkit.c
@@ -390,6 +390,19 @@ virAccessDriverPolkitCheckSecret(virAccessManager *manager,
                                          virAccessPermSecretTypeToString(perm),
                                          attrs);
     }   break;
+    case VIR_SECRET_USAGE_TYPE_VTPM: {
+        const char *attrs[] = {
+                    "connect_driver", driverName,
+                    "secret_uuid", uuidstr,
+                    "secret_usage_name", secret->usage_id,
+                    NULL,
+                };
+
+        return virAccessDriverPolkitCheck(manager,
+                                         "secret",
+                                         virAccessPermSecretTypeToString(perm),
+                                         attrs);
+    }   break;
     }
 }