From 7fa7f7eeb6e969e002845928e155914da2fc8cd0 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Wed, 1 Jul 2020 17:36:51 +0100 Subject: [PATCH] util: add access check for hooks to fix running as non-root MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Since feb83c1e710b9ea8044a89346f4868d03b31b0f1 libvirtd will abort on startup if run as non-root 2020-07-01 16:30:30.738+0000: 1647444: error : virDirOpenInternal:2869 : cannot open directory '/etc/libvirt/hooks/daemon.d': Permission denied The root cause flaw is that non-root libvirtd is using /etc/libvirt for its hooks. Traditionally that has been harmless though since we checked whether we could access the hook file and degraded gracefully. We need the same access check for iterating over the hook directory. Long term we should make it possible to have an unprivileged hook dir under $HOME. Reviewed-by: Daniel Henrique Barboza Signed-off-by: Daniel P. Berrangé --- src/util/virhook.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/util/virhook.c b/src/util/virhook.c index 3e025fd3a6..d1ac518c24 100644 --- a/src/util/virhook.c +++ b/src/util/virhook.c @@ -171,6 +171,12 @@ virHookCheck(int no, const char *driver) } dir_path = g_strdup_printf("%s.d", path); + + if (!virFileIsExecutable(dir_path)) { + VIR_DEBUG("Hook dir %s is not accessible", dir_path); + return 1; + } + if ((ret = virDirOpenIfExists(&dir, dir_path)) < 0) return -1; @@ -415,6 +421,10 @@ virHookCall(int driver, } dir_path = g_strdup_printf("%s.d", path); + + if (!virFileIsExecutable(dir_path)) + return script_ret; + if ((ret = virDirOpenIfExists(&dir, dir_path)) < 0) return -1; -- 2.47.2