Hello tech@,
I noticed that vmd(8) only allows VM owners to start/stop their
VMs, but does not let them to pause/unpause those VMs.
I was just wondering if there are reasons behind that. If not, the
patch below enables pause/unpause commands for VM owners.
Regards,
Aslan
Index: control.c
===================================================================
RCS file: /cvs/src/usr.sbin/vmd/control.c,v
retrieving revision 1.22
diff -u -p -r1.22 control.c
--- control.c 8 Sep 2017 06:24:31 -0000 1.22
+++ control.c 16 Apr 2018 04:40:24 -0000
@@ -340,6 +340,8 @@ control_dispatch_imsg(int fd, short even
case IMSG_VMDOP_GET_INFO_VM_REQUEST:
case IMSG_VMDOP_TERMINATE_VM_REQUEST:
case IMSG_VMDOP_START_VM_REQUEST:
+ case IMSG_VMDOP_PAUSE_VM:
+ case IMSG_VMDOP_UNPAUSE_VM:
break;
default:
if (c->peercred.uid != 0) {
@@ -373,8 +375,6 @@ control_dispatch_imsg(int fd, short even
/* FALLTHROUGH */
case IMSG_VMDOP_RECEIVE_VM_REQUEST:
case IMSG_VMDOP_SEND_VM_REQUEST:
- case IMSG_VMDOP_PAUSE_VM:
- case IMSG_VMDOP_UNPAUSE_VM:
case IMSG_VMDOP_LOAD:
case IMSG_VMDOP_RELOAD:
case IMSG_CTL_RESET:
@@ -421,6 +421,21 @@ control_dispatch_imsg(int fd, short even
control_close(fd, cs);
return;
}
+ break;
+ case IMSG_VMDOP_PAUSE_VM:
+ case IMSG_VMDOP_UNPAUSE_VM:
+ if (IMSG_DATA_SIZE(&imsg) < sizeof(vid))
+ goto fail;
+ memcpy(&vid, imsg.data, sizeof(vid));
+ vid.vid_uid = c->peercred.uid;
+ log_debug("%s id: %d, name: %s, uid: %d",
+ __func__, vid.vid_id, vid.vid_name,
+ vid.vid_uid);
+
+ if (proc_compose_imsg(ps, PROC_PARENT, -1,
+ imsg.hdr.type, fd, imsg.fd,
+ &vid, sizeof(vid)) == -1)
+ goto fail;
break;
default:
log_debug("%s: error handling imsg %d",
Index: vm.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/vmd/vm.conf.5,v
retrieving revision 1.27
diff -u -p -r1.27 vm.conf.5
--- vm.conf.5 3 Jan 2018 05:39:56 -0000 1.27
+++ vm.conf.5 16 Apr 2018 04:40:24 -0000
@@ -206,7 +206,8 @@ Memory size of the VM, in bytes, rounded
The default is 512M.
.It Cm owner Ar user Ns Op : Ns Ar group
Set the owner of the VM to the specified user or group.
-The owner will be allowed to start or stop the VM and open the VM's console.
+The owner will be allowed to start or stop the VM, pause or unpause the VM,
+and open the VM's console.
.It Cm owner Pf : Ar group
Set the owner to the specified group.
.El
Index: vmd.c
===================================================================
RCS file: /cvs/src/usr.sbin/vmd/vmd.c,v
retrieving revision 1.82
diff -u -p -r1.82 vmd.c
--- vmd.c 29 Mar 2018 18:29:24 -0000 1.82
+++ vmd.c 16 Apr 2018 04:40:25 -0000
@@ -186,8 +186,13 @@ vmd_dispatch_control(int fd, struct priv
} else {
vid.vid_id = vm->vm_vmid;
}
- } else if (vm_getbyid(vid.vid_id) == NULL) {
+ } else if ((vm = vm_getbyid(vid.vid_id)) == NULL) {
res = ENOENT;
+ cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE;
+ break;
+ }
+ if (vm_checkperm(vm, vid.vid_uid) != 0) {
+ res = EPERM;
cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE;
break;
}
