aboutsummaryrefslogtreecommitdiffstats
path: root/tools/xenstore/xenstored_core.c
diff options
context:
space:
mode:
authoremellor@leeni.uk.xensource.com <emellor@leeni.uk.xensource.com>2005-12-02 01:34:39 +0000
committeremellor@leeni.uk.xensource.com <emellor@leeni.uk.xensource.com>2005-12-02 01:34:39 +0000
commitd3079e26113a4cd1ebcdd7fd5fad8d65c7081f34 (patch)
tree793405b025300392e4bad8b1b3cbd5c7a79e8e5b /tools/xenstore/xenstored_core.c
parent3ceb6ce6b7bff36c32f852aafd305cad1008e1d3 (diff)
downloadxen-d3079e26113a4cd1ebcdd7fd5fad8d65c7081f34.tar.gz
xen-d3079e26113a4cd1ebcdd7fd5fad8d65c7081f34.tar.bz2
xen-d3079e26113a4cd1ebcdd7fd5fad8d65c7081f34.zip
Initialise the connection ID when a domain is introduced. This (re)enables
the permission checking in xenstored. Default the store permissions to read/write nobody (apart from the privileged domain). Create a /local node with these permissions, ready for inheriting by children. In Xend, create a /vm node with these permissions too, for the same reason, and set the permissions on /local/domain/<domid> and each device backend path to allow the guest domain to access these paths appropriately. Added xstransact.{set_permissions,SetPermissions,mkdir,Mkdir,complete} as support facilities. This closes bug #290. Signed-off-by: Ewan Mellor <ewan@xensource.com>
Diffstat (limited to 'tools/xenstore/xenstored_core.c')
-rw-r--r--tools/xenstore/xenstored_core.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 012a420197..863250941a 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -1401,7 +1401,7 @@ void dump_connection(void)
static void manual_node(const char *name, const char *child)
{
struct node *node;
- struct xs_permissions perms = { .id = 0, .perms = XS_PERM_READ };
+ struct xs_permissions perms = { .id = 0, .perms = XS_PERM_NONE };
node = talloc(NULL, struct node);
node->name = name;
@@ -1442,6 +1442,7 @@ static void setup_structure(void)
the balloon driver, this can be fatal.
*/
internal_rm("/local");
+ manual_node("/", "local");
}
else {
tdb_ctx = tdb_open(tdbname, 7919, TDB_FLAGS, O_RDWR|O_CREAT,
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 15:35:12 +0000