From 53bd0cebd395ee08e8b45dd00677afe974310e67 Mon Sep 17 00:00:00 2001
From: Taku Izumi
Date: Mon, 30 Jan 2012 23:50:00 -0500
Subject: [PATCH] util: add functions to keep capabilities
This patch introduces virSetCapabilities() function and implements virCommandAllowCap() function. Existing virClearCapabilities() is function to clear all capabilities. Instead virSetCapabilities() is function to set arbitrary capabilities.
Signed-off-by: Taku Izumi
Signed-off-by: Shota Hirae
---
 src/util/command.c | 44 ++++++++++++++++++++++++++++++++++++++------
 src/util/command.h | 2 --
 2 files changed, 38 insertions(+), 8 deletions(-)
diff --git a/src/util/command.c b/src/util/command.c
index dc3cfc5430..6b43584d4c 100644
--- a/src/util/command.c
+++ b/src/util/command.c
@@ -103,6 +103,8 @@ struct _virCommand {
 pid_t pid;
 char *pidfile;
 bool reap;
+
+ unsigned long long capabilities;
 };
 /*
@@ -168,6 +170,7 @@ virCommandFDSet(int fd,
 #ifndef WIN32
 # if HAVE_CAPNG
+static int virClearCapabilities(void) ATTRIBUTE_UNUSED;
 static int virClearCapabilities(void)
 {
 int ret;
@@ -182,6 +185,33 @@ static int virClearCapabilities(void)
 return 0;
 }
+
+/**
+ * virSetCapabilities:
+ * @capabilities - capability flag to set.
+ * In case of 0, this function is identical to
+ * virClearCapabilities()
+ *
+ */
+static int virSetCapabilities(unsigned long long capabilities)
+{
+ int ret, i;
+
+ capng_clear(CAPNG_SELECT_BOTH);
+
+ for (i = 0; i <= CAP_LAST_CAP; i++) {
+ if (capabilities & (1ULL << i))
+ capng_update(CAPNG_ADD, CAPNG_BOUNDING_SET, i);
+ }
+
+ if ((ret = capng_apply(CAPNG_SELECT_BOTH)) < 0) {
+ virCommandError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot apply process capabilities %d"), ret);
+ return -1;
+ }
+
+ return 0;
+}
 # else
 static int virClearCapabilities(void)
 {
@@ -189,6 +219,11 @@ static int virClearCapabilities(void)
 // "capabilities");
 return 0;
 }
+
+static int virSetCapabilities(unsigned long long capabilities)
+{
+ return 0;
+}
 # endif
 /**
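Review bot: The return value of `capng_update()` in the loop of virSetCapabilities() is ignored, so if adding a capability fails the function can still return 0 and the caller cannot learn that the requested set was not applied; check it, for example `if (capng_update(CAPNG_ADD, CAPNG_BOUNDING_SET, i) < 0) return -1;`, after reporting through virCommandError() as the capng_apply() path does. The loop also adds each bit to the bounding set only, while `capng_clear(CAPNG_SELECT_BOTH)` has emptied the effective, permitted and inheritable sets as well, so the calling process itself does not hold these capabilities once `capng_apply()` has run. If that is the intent, the doc comment should say so, e.g. `@capabilities: bitmask of capability numbers to keep in the bounding set; all other sets are cleared`. That comment also writes `@capabilities -` where the other comment blocks in this file use the `@name:` form.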
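Review bot: The non-capng stub of virSetCapabilities() returns 0 without restricting anything, so in a build without libcap-ng a caller that asked for a reduced capability set gets a success result while the process keeps whatever capabilities it already had. That mirrors the existing virClearCapabilities() stub, but it deserves a comment above the new stub, e.g. `/* libcap-ng not compiled in: capabilities are left unchanged */`, so the silent no-op is a documented decision rather than a surprise. The parameter is unused in this branch and should carry the annotation the file already uses: `static int virSetCapabilities(unsigned long long capabilities ATTRIBUTE_UNUSED)`.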
@@ -883,26 +918,23 @@ virCommandClearCaps(virCommandPtr cmd)
 cmd->flags |= VIR_EXEC_CLEAR_CAPS;
 }
-#if 0 /* XXX Enable if we have a need for capability management. */
-
 /**
 * virCommandAllowCap:
 * @cmd: the command to modify
 * @capability: what to allow
 *
- * Re-allow a specific capability
+ * Allow specific capabilities
 */
 void
 virCommandAllowCap(virCommandPtr cmd,
- int capability ATTRIBUTE_UNUSED)
+ int capability)
 {
 if (!cmd || cmd->has_error)
 return;
- /* XXX ? */
+ cmd->capabilities |= (1ULL << capability);
 }
-#endif /* 0 */
 /**
diff --git a/src/util/command.h b/src/util/command.h
index 1386d57ad5..07aa0b32e9 100644
--- a/src/util/command.h
+++ b/src/util/command.h
@@ -60,10 +60,8 @@ void virCommandSetPidFile(virCommandPtr cmd,
 void virCommandClearCaps(virCommandPtr cmd);
-# if 0
 void virCommandAllowCap(virCommandPtr cmd,
 int capability);
-# endif
 void virCommandDaemonize(virCommandPtr cmd);
--
2.47.2
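Review bot: `cmd->capabilities |= (1ULL << capability);` shifts by a caller-supplied `int` with no range check, and a negative value or one of 64 or more makes the shift undefined behaviour in C. Reject out-of-range values before the shift, for example `if (capability < 0 || capability >= 64) return;`, or record the failure on `cmd` in whatever way has_error is set elsewhere in this file (not visible in this hunk). The doc comment should also state that @capability is a single capability number used as a bit index, not a mask, since the new summary line reads "Allow specific capabilities". None of the hunks in this patch passes `cmd->capabilities` to virSetCapabilities(), so presumably a later change wires that up; until then the stored mask has no effect.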