Move runas handling from vl.c to OS specific files.

Move code to handle runas, ie. change of user id of QEMU process to OS specific files and provide dummy stub for Win32. Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Acked-by: Juan Quintela <quintela@redhat.com> Acked-by: Richard Henderson <rth@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2025-08-03 15:53:54 -06:00 · 2010-06-10 11:42:26 +02:00 · 2010-06-10 11:42:26 +02:00 · 8847cfe8aa
commit 8847cfe8aa
parent 59a5264b99
4 changed files with 31 additions and 28 deletions
--- a/os-posix.c
+++ b/os-posix.c
@ -28,6 +28,7 @@
 #include <signal.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <pwd.h>
 #include <libgen.h>

 /* Needed early for CONFIG_BSD etc. */
@ -36,6 +37,8 @@
 #include "net/slirp.h"
 #include "qemu-options.h"

+static struct passwd *user_pwd;
+
 void os_setup_early_signal_handling(void)
 {
    struct sigaction act;
@ -146,6 +149,31 @@ void os_parse_cmd_args(int index, const char *optarg)
            exit(1);
        break;
 #endif
+    case QEMU_OPTION_runas:
+        user_pwd = getpwnam(optarg);
+        if (!user_pwd) {
+            fprintf(stderr, "User \"%s\" doesn't exist\n", optarg);
+            exit(1);
+        }
+        break;
    }
    return;
 }
+
+void os_change_process_uid(void)
+{
+    if (user_pwd) {
+        if (setgid(user_pwd->pw_gid) < 0) {
+            fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
+            exit(1);
+        }
+        if (setuid(user_pwd->pw_uid) < 0) {
+            fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
+            exit(1);
+        }
+        if (setuid(0) != -1) {
+            fprintf(stderr, "Dropping privileges failed\n");
+            exit(1);
+        }
+    }
+}