[libvirt] [PATCH v2 5/7] nss: Implement _nss_libvirt_gethostbyname3_r
Daniel P. Berrange
berrange at redhat.com
Fri Feb 26 17:59:57 UTC 2016
On Thu, Feb 18, 2016 at 03:21:05PM +0100, Michal Privoznik wrote:
> The implementation is pretty straightforward. Moreover, because
> of the nature of things, gethostbyname_r and gethostbyname2_r can
> be implemented at the same time too.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> tools/Makefile.am | 7 +-
> tools/nss/libvirt_nss.c | 354 ++++++++++++++++++++++++++++++++++++++++++++-
> tools/nss/libvirt_nss.h | 14 +-
> tools/nss/libvirt_nss.syms | 4 +-
> 4 files changed, 373 insertions(+), 6 deletions(-)
>
> diff --git a/tools/Makefile.am b/tools/Makefile.am
> index a850adb..e938e80 100644
> --- a/tools/Makefile.am
> +++ b/tools/Makefile.am
> @@ -433,7 +433,12 @@ nss_libnss_libvirt_impl_la_CFLAGS = \
> $(AM_CFLAGS) \
> $(WARN_CFLAGS) \
> $(PIE_CFLAGS) \
> - $(COVERAGE_CFLAGS)
> + $(COVERAGE_CFLAGS) \
> + $(LIBXML_CFLAGS)
> +
> +nss_libnss_libvirt_impl_la_LIBADD = \
> + $(LIBXML_LIBS) \
> + ../src/libvirt.la
I'm thinking that linking to libvirt.la is probably not the
best idea.
We link libvirt.so with '-z nodelete', so once it is resident
in a process it can never be unmapped. In addition libvirt.so
will whine if you try to use it from a setuid program.
Since the nss modules can be loaded into any program on the
system, I think we want to take a similar approach to that
done for virt-login-shell, and explicitly link to the smallest
possible set of files we can, and not link to any 3rd party
shared libraries, with exception of yajl which you need for
the json parsing.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list