[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] qemud: move check for polkit before config file check



Hi,
Without this patch and without a /etc/libvirt/libvirt.conf config file
the default policy for running the daemon as non root user is still
polkit which is bad. Please apply.
Cheers,
 -- Guido
 qemud/qemud.c |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/qemud/qemud.c b/qemud/qemud.c
index 30557e1..9da27d2 100644
--- a/qemud/qemud.c
+++ b/qemud/qemud.c
@@ -1912,6 +1912,14 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
     char *unix_sock_rw_perms = NULL;
     char *unix_sock_group = NULL;
 
+#if HAVE_POLKIT
+    /* Change the default back to no auth for non-root */
+    if (getuid() != 0 && auth_unix_rw == REMOTE_AUTH_POLKIT)
+        auth_unix_rw = REMOTE_AUTH_NONE;
+    if (getuid() != 0 && auth_unix_ro == REMOTE_AUTH_POLKIT)
+        auth_unix_ro = REMOTE_AUTH_NONE;
+#endif
+
     /* Just check the file is readable before opening it, otherwise
      * libvirt emits an error.
      */
@@ -1926,14 +1934,6 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
     GET_CONF_STR (conf, filename, tcp_port);
     GET_CONF_STR (conf, filename, listen_addr);
 
-#if HAVE_POLKIT
-    /* Change the default back to no auth for non-root */
-    if (getuid() != 0 && auth_unix_rw == REMOTE_AUTH_POLKIT)
-        auth_unix_rw = REMOTE_AUTH_NONE;
-    if (getuid() != 0 && auth_unix_ro == REMOTE_AUTH_POLKIT)
-        auth_unix_ro = REMOTE_AUTH_NONE;
-#endif
-
     if (remoteConfigGetAuth(conf, "auth_unix_rw", &auth_unix_rw, filename) < 0)
         goto free_and_fail;
 #if HAVE_POLKIT
-- 
1.5.6.3


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]