This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] Re: [PATCH] provide real error message when trying to run xm

To: Andrew Thompson <andrewkt@xxxxxxxxxxx>
Subject: [Xen-devel] Re: [PATCH] provide real error message when trying to run xm as non root
From: Sean Dague <sean@xxxxxxxxx>
Date: Tue, 26 Jul 2005 11:09:52 -0400
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 26 Jul 2005 15:08:23 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <42E64E33.5030507@xxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Mail-followup-to: Andrew Thompson <andrewkt@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
References: <20050726144156.GA22926@xxxxxxxxxxxxxxxxxxx> <42E64E33.5030507@xxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.6i
On Tue, Jul 26, 2005 at 10:52:35AM -0400, Andrew Thompson wrote:
> Sean Dague wrote:
> >This patch prevents you from getting a screen full of stack trace when
> >trying to run commands like xm list as a normal user, and instead provides 
> >a
> >helpful error message.
> +1, Admirable. (non-binding/non-voter/non-commiter)
> >Signed-off-by: Sean Dague <sean@xxxxxxxxx>
> >
> >Diffstat output:
> > main.py |    7 +++++++
> > 1 files changed, 7 insertions(+)
> >
> >diff -r 48aed1403fe3 tools/python/xen/xm/main.py
> >--- a/tools/python/xen/xm/main.py    Fri Jul 22 16:44:33 2005
> >+++ b/tools/python/xen/xm/main.py    Tue Jul 26 10:31:24 2005
> >@@ -11,6 +11,13 @@
> > 
> > from xen.xend import PrettyPrint
> > from xen.xend import sxp
> >+# this is a nasty place to stick this in, but required because
> >+# log file access is set up via a 5 deep import chain.  This
> >+# ensures the user sees a useful message instead of a stack trace
> >+if os.getuid() != 0:
> >+    print "xm requires root access to execute, please try again as root"
> >+    sys.exit(1)
> >+
> > from xen.xend.XendClient import XendError, server
> > from xen.xend.XendClient import main as xend_client_main
> > from xen.xm import create, destroy, migrate, shutdown, sysrq
> Please allow me to show my possible ignorance...
> Is there no better way to test for elevated privileges?
> Would it be unreasonable to think xm maintenance tasks could be handed 
> off to members of a non-root group?

Unfortunately the root problem comes from the fact that xm writes to the
xend log file directly, and in unprivileged state, throws an exception
because it doesn't have write access to that file.  The 2nd part of this
problem is that this exception is buried down a whole series of 5 level
magical import object creation paths, and hence is very hard to reasonably
get to from the xm main().

I'm sure you *could* reorder xm code to make this a strict perms check, but
the level of spagetti sorting to get there may not really be worth it.  I
also think you'd have to remove the direct logging from xm to be able to do
priv seperate between xm and xend, and that is really strewn throughout all
the code.



Sean Dague                                       Mid-Hudson Valley
sean at dague dot net                            Linux Users Group
http://dague.net                                 http://mhvlug.org

There is no silver bullet.  Plus, werewolves make better neighbors
than zombies, and they tend to keep the vampire population down.

Attachment: pgpV4XphDkH2v.pgp
Description: PGP signature

Xen-devel mailing list