[libvirt] [PATCH] virnetsocket: fix getsockopt on FreeBSD

Ryota Ozaki ozaki.ryota at gmail.com
Sat Nov 2 16:20:00 UTC 2013 

ping?

Hope it's in the next release. It fixes libvirtd to accept virsh
accesses on localhost.

  ozaki-r

On Fri, Oct 25, 2013 at 12:48 AM, Ryota Ozaki <ozaki.ryota at gmail.com> wrote:
> aa0f099 introduced a strict error checking for getsockopt and it
> revealed that getting a peer credential of a socket on FreeBSD
> didn't work. Libvirtd hits the error:
>   error : virNetSocketGetUNIXIdentity:1198 : Failed to get valid
>   client socket identity groups
>
> SOL_SOCKET (0xffff) was used as a level of getsockopt for
> LOCAL_PEERCRED, however, it was wrong. 0 is correct as well as
> Mac OS X.
>
> So for LOCAL_PEERCRED our options are SOL_LOCAL (if defined) or
> 0 on Mac OS X and FreeBSD. According to the fact, the patch
> simplifies the code by removing ifdef __APPLE__.
>
> I tested the patch on FreeBSD 8.4, 9.2 and 10.0-BETA1.
>
> Signed-off-by: Ryota Ozaki <ozaki.ryota at gmail.com>
> ---
>  src/rpc/virnetsocket.c | 21 ++++++++++-----------
>  1 file changed, 10 insertions(+), 11 deletions(-)
>
> diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
> index 3eb5708..04bf25a 100644
> --- a/src/rpc/virnetsocket.c
> +++ b/src/rpc/virnetsocket.c
> @@ -1152,18 +1152,17 @@ cleanup:
>  /* VIR_SOL_PEERCRED - the value needed to let getsockopt() work with
>   * LOCAL_PEERCRED
>   */
> -# ifdef __APPLE__
> -#  ifdef SOL_LOCAL
> -#   define VIR_SOL_PEERCRED SOL_LOCAL
> -#  else
> -/* Prior to Mac OS X 10.7, SOL_LOCAL was not defined and users were
> - * expected to supply 0 as the second value for getsockopt() when using
> - * LOCAL_PEERCRED
> - */
> -#   define VIR_SOL_PEERCRED 0
> -#  endif
> +
> +/* Mac OS X 10.8 provides SOL_LOCAL for LOCAL_PEERCRED */
> +# ifdef SOL_LOCAL
> +#  define VIR_SOL_PEERCRED SOL_LOCAL
>  # else
> -#  define VIR_SOL_PEERCRED SOL_SOCKET
> +/* FreeBSD and Mac OS X prior to 10.7, SOL_LOCAL is not defined and
> + * users are expected to supply 0 as the second value for getsockopt()
> + * when using LOCAL_PEERCRED. NB SOL_SOCKET cannot be used instead
> + * of SOL_LOCAL
> + */
> +#  define VIR_SOL_PEERCRED 0
>  # endif
>
>  int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
> --
> 1.8.4
>

More information about the libvir-list mailing list