[Pkg-libvirt-commits] [SCM] Libvirt Debian packaging branch, wheezy, updated. debian/0.9.12-8
Guido Günther
agx at sigxcpu.org
Mon Mar 4 17:59:45 UTC 2013
The following commit has been merged in the wheezy branch:
commit 181eab16a034ee7dce50ec932d31cb051bf9dc9c
Author: Guido Günther <agx at sigxcpu.org>
Date: Tue Feb 26 06:28:30 2013 +0100
CVE-2013-1766: Use libvirt-qemu as group to run qemu/kvm instances
This makes sure we don't chown files to groups possibly used
by other programs.
Closes: #701649
diff --git a/debian/README.Debian b/debian/README.Debian
index 6248662..de12bbb 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -56,6 +56,9 @@ Access Control
Access to the libvirt socket is controlled by membership in the "libvirt" group.
If you want to manage VMs as non root you need to add a user to that group.
+System QEMU/KVM processes are run as user and group libvirt-qemu. This can be
+adjusted via /etc/libvirt/qemu.conf.
+
QEMU/KVM: Dropping Capabilties
==============================
Network interfaces of type "ethernet" use a script like /etc/qemu-ifup to set up
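Review bot: The added README paragraph points at /etc/libvirt/qemu.conf without naming the settings to change. The NEWS entry in this same patch refers to the "group option", so naming the options here (for example "via the user and group options in /etc/libvirt/qemu.conf") would let an admin find them without reading the whole file.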
diff --git a/debian/libvirt-bin.NEWS b/debian/libvirt-bin.NEWS
index ee32190..9228350 100644
--- a/debian/libvirt-bin.NEWS
+++ b/debian/libvirt-bin.NEWS
@@ -1,3 +1,12 @@
+libvirt (1.0.2-3) experimental; urgency=low
+
+ For qemu:///system KVM/QEMU processes now run as group libvirt-qemu. This
+ makes sure image files and volumes aren't accessible by users in the more
+ general and previously used kvm group. To change this behaviour adjust the
+ group option in /etc/libvirt/qemu.conf.
+
+ -- Guido Günther <agx at sigxcpu.org> Tue, 26 Feb 2013 06:30:48 +0100
+
libvirt (0.8.3-2) unstable; urgency=low
Disk format probing is disabled now by default for security reasons
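Review bot: The new entry is headed "libvirt (1.0.2-3) experimental", but this commit is being merged into the wheezy branch at debian/0.9.12-8. NEWS entries are keyed by their version header, so please check that the header carries the version and distribution of the wheezy upload that actually ships the change. Otherwise the entry does not describe the package users on this branch are upgrading to.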
diff --git a/debian/libvirt-bin.postinst b/debian/libvirt-bin.postinst
index c22dd21..53119a2 100644
--- a/debian/libvirt-bin.postinst
+++ b/debian/libvirt-bin.postinst
@@ -27,6 +27,9 @@ add_users_groups()
if ! getent group kvm >/dev/null; then
addgroup --quiet --system kvm
fi
+ if ! getent group libvirt-qemu >/dev/null; then
+ addgroup --quiet --system libvirt-qemu
+ fi
if ! getent passwd libvirt-qemu >/dev/null; then
adduser --quiet \
--system \
@@ -39,6 +42,7 @@ add_users_groups()
-gecos "Libvirt Qemu" \
libvirt-qemu
fi
+ adduser libvirt-qemu libvirt-qemu
}
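Review bot: The added "adduser libvirt-qemu libvirt-qemu" sits outside the surrounding getent guards and omits the --quiet flag that every other addgroup/adduser call in add_users_groups() uses, so it runs and may print on every configure. Suggest "adduser --quiet libvirt-qemu libvirt-qemu". Note also that this form only adds a supplementary group membership; for an account that already exists from an earlier install, the primary group is left as it was.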
diff --git a/debian/libvirt-bin.postrm b/debian/libvirt-bin.postrm
index 5f67537..77e77d6 100644
--- a/debian/libvirt-bin.postrm
+++ b/debian/libvirt-bin.postrm
@@ -25,6 +25,14 @@ case "$1" in
delgroup libvirt || true
fi
+ if getent user libvirt-qemu >/dev/null; then
+ deluser libvirt || true
+ fi
+
+ if getent group libvirt-qemu >/dev/null; then
+ delgroup libvirt || true
+ fi
+
rm -rf /var/log/libvirt
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
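Review bot: Both added blocks in the purge branch act on the wrong name and the first one can never fire. "getent user" is not a getent database (the account database is "passwd", as the postinst uses), so that test always fails and the user is never removed. The bodies call "deluser libvirt" and "delgroup libvirt" although the tests are for libvirt-qemu, and the "|| true" hides the resulting errors. Suggest "getent passwd libvirt-qemu" with "deluser libvirt-qemu || true", and "delgroup libvirt-qemu || true" in the second block, so a purge does not leave the libvirt-qemu user and group behind.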
diff --git a/debian/rules b/debian/rules
index 8127900..65e35d4 100755
--- a/debian/rules
+++ b/debian/rules
@@ -58,7 +58,7 @@ DEB_CONFIGURE_EXTRA_FLAGS := \
--disable-rpath \
$(WITH_QEMU) \
--with-qemu-user=libvirt-qemu \
- --with-qemu-group=kvm \
+ --with-qemu-group=libvirt-qemu \
$(WITH_OPENVZ) \
--with-avahi \
--with-sasl \
--
Libvirt Debian packaging