Ubuntu Pastebin

Paste from rharper at Tue, 28 Jun 2016 14:40:38 +0000

Download as text 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
diff -Nru libvirt-1.3.1/debian/changelog libvirt-1.3.1/debian/changelog
--- libvirt-1.3.1/debian/changelog	2016-03-11 17:01:29.000000000 -0600
+++ libvirt-1.3.1/debian/changelog	2016-04-07 09:05:31.000000000 -0500
@@ -1,3 +1,11 @@
+libvirt (1.3.1-1ubuntu9) xenial; urgency=medium
+
+  * fix file removal in storage pools (LP: #XXXXXX)
+    - debian/patches/fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch
+    - debian/patches/fix-vol-remove-vir-file-breakout.patch
+
+ -- Ryan Harper <ryan.harper@canonical.com>  Thu, 07 Apr 2016 09:04:24 -0500
+
 libvirt (1.3.1-1ubuntu8) xenial; urgency=medium
 
   * d/p/u/virt-aa-helper-add-guest-agent-rule.patch: this actually solves
diff -Nru libvirt-1.3.1/debian/patches/fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch libvirt-1.3.1/debian/patches/fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch
--- libvirt-1.3.1/debian/patches/fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch	1969-12-31 18:00:00.000000000 -0600
+++ libvirt-1.3.1/debian/patches/fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch	2016-04-07 09:03:13.000000000 -0500
@@ -0,0 +1,62 @@
+Description: fix file removal in storage volumes
+ Subject: [PATCH] util: virfile: Only setuid for virFileRemove if on NFS
+
+ NFS with root-squash is the only reason we need to do setuid/setgid
+ crazyness in virFileRemove, so limit that behavior to the NFS case.
+Author: Cole Robinson <crobinso@redhat.com>
+Origin: https://libvirt.org/git/?p=libvirt.git;a=patch;h=adefc561cc4c6a007529769c3df286f2ed461684
+Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=1293804
+Bug-Ubuntu:
+Applied-Upstream: https://libvirt.org/git/?p=libvirt.git;a=patch;h=adefc561cc4c6a007529769c3df286f2ed461684
+Last-Update: 20160407
+
+---
+ src/util/virfile.c |   11 +++++++++--
+ 1 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/util/virfile.c b/src/util/virfile.c
+index a913903..0bba850 100644
+--- a/src/util/virfile.c
++++ b/src/util/virfile.c
+@@ -2315,6 +2315,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
+ 
+ 
+ /* virFileRemoveNeedsSetuid:
++ * @path: file we plan to remove
+  * @uid: file uid to check
+  * @gid: file gid to check
+  *
+@@ -2322,7 +2323,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
+  * owned by the passed uid/gid pair. Needed for NFS with root-squash
+  */
+ static bool
+-virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
++virFileRemoveNeedsSetuid(const char *path, uid_t uid, gid_t gid)
+ {
+     /* If running unprivileged, setuid isn't going to work */
+     if (geteuid() != 0)
+@@ -2336,6 +2337,12 @@ virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
+     if (uid == geteuid() && gid == getegid())
+         return false;
+ 
++    /* Only perform the setuid stuff for NFS, which is the only case
++       that may actually need it. This can error, but just be safe and
++       only check for a clear negative result. */
++    if (virFileIsSharedFSType(path, VIR_FILE_SHFS_NFS) == 0)
++        return false;
++
+     return true;
+ }
+ 
+@@ -2361,7 +2368,7 @@ virFileRemove(const char *path,
+     gid_t *groups;
+     int ngroups;
+ 
+-    if (!virFileRemoveNeedsSetuid(uid, gid)) {
++    if (!virFileRemoveNeedsSetuid(path, uid, gid)) {
+         if (virFileIsDir(path))
+             return rmdir(path);
+         else
+-- 
+1.7.1
+
diff -Nru libvirt-1.3.1/debian/patches/fix-vol-remove-vir-file-breakout.patch libvirt-1.3.1/debian/patches/fix-vol-remove-vir-file-breakout.patch
--- libvirt-1.3.1/debian/patches/fix-vol-remove-vir-file-breakout.patch	1969-12-31 18:00:00.000000000 -0600
+++ libvirt-1.3.1/debian/patches/fix-vol-remove-vir-file-breakout.patch	2016-04-07 09:03:04.000000000 -0500
@@ -0,0 +1,63 @@
+From: Cole Robinson <crobinso@redhat.com>
+Date: Wed, 9 Mar 2016 15:53:54 +0000 (-0500)
+Subject: util: virfile: Clarify setuid usage for virFileRemove
+X-Git-Tag: v1.3.3-rc1~249
+X-Git-Url: https://libvirt.org/git/?p=libvirt.git;a=commitdiff_plain;h=7cf5343709935694b76af7b134447a2c555400b6
+
+util: virfile: Clarify setuid usage for virFileRemove
+
+Break these checks out into their own function, and clearly document
+each one. This shouldn't change behavior
+---
+
+diff --git a/src/util/virfile.c b/src/util/virfile.c
+index f45e18f..a913903 100644
+--- a/src/util/virfile.c
++++ b/src/util/virfile.c
+@@ -2314,6 +2314,32 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
+ }
+ 
+ 
++/* virFileRemoveNeedsSetuid:
++ * @uid: file uid to check
++ * @gid: file gid to check
++ *
++ * Return true if we should use setuid/setgid before deleting a file
++ * owned by the passed uid/gid pair. Needed for NFS with root-squash
++ */
++static bool
++virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
++{
++    /* If running unprivileged, setuid isn't going to work */
++    if (geteuid() != 0)
++        return false;
++
++    /* uid/gid weren't specified */
++    if ((uid == (uid_t) -1) && (gid == (gid_t) -1))
++        return false;
++
++    /* already running as proper uid/gid */
++    if (uid == geteuid() && gid == getegid())
++        return false;
++
++    return true;
++}
++
++
+ /* virFileRemove:
+  * @path: file to unlink or directory to remove
+  * @uid: uid that was used to create the file (not required)
+@@ -2335,12 +2361,7 @@ virFileRemove(const char *path,
+     gid_t *groups;
+     int ngroups;
+ 
+-    /* If not running as root or if a non explicit uid/gid was being used for
+-     * the file/volume or the explicit uid/gid matches, then use unlink directly
+-     */
+-    if ((geteuid() != 0) ||
+-        ((uid == (uid_t) -1) && (gid == (gid_t) -1)) ||
+-        (uid == geteuid() && gid == getegid())) {
++    if (!virFileRemoveNeedsSetuid(uid, gid)) {
+         if (virFileIsDir(path))
+             return rmdir(path);
+         else
diff -Nru libvirt-1.3.1/debian/patches/series libvirt-1.3.1/debian/patches/series
--- libvirt-1.3.1/debian/patches/series	2016-03-11 16:53:54.000000000 -0600
+++ libvirt-1.3.1/debian/patches/series	2016-04-07 09:04:07.000000000 -0500
@@ -52,3 +52,5 @@
 ubuntu/virt-aa-helper-no-explicity-deny-for-basefiles.patch
 ubuntu/virt-aa-helper-helpfix.patch
 ubuntu/virt-aa-helper-add-guest-agent-rule.patch
+fix-vol-remove-vir-file-breakout.patch
+fix-vol-remove-only-setuid-for-virFileRemove-if-on-NFS.patch
Download as text