Move the runas user at execution time
author Guido Trotter <ultrotter@google.com>
Tue, 30 Mar 2010 15:37:02 +0000 (16:37 +0100)
committer Guido Trotter <ultrotter@google.com>
Wed, 31 Mar 2010 14:59:35 +0000 (15:59 +0100)
Everything still works the same way, but the user is calculated each
time we start kvm, rather than stored in the config file. This makes it
easier to implement the "pool" security model.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

lib/hypervisor/hv_kvm.py

index b9f20f3..a8a5c38 100644 (file)
@@ -366,10 +366,6 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     boot_cdrom = hvp[constants.HV_BOOT_ORDER] == constants.HT_BO_CDROM
     boot_network = hvp[constants.HV_BOOT_ORDER] == constants.HT_BO_NETWORK
 
-    security_model = hvp[constants.HV_SECURITY_MODEL]
-    if security_model == constants.HT_SM_USER:
-      kvm_cmd.extend(['-runas', hvp[constants.HV_SECURITY_DOMAIN]])
-
     if boot_network:
       kvm_cmd.extend(['-boot', 'n'])
 
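Review bot: removing the '-runas' extension from the generated command leaves no handling for runtimes that were saved before this change. The commit message says the user used to be stored in the config file, so a previously saved kvm_cmd can already contain '-runas', and a start path that appends it again would pass the option twice. Suggest dropping any existing '-runas' pair from the loaded kvm_cmd before appending, or stating in the commit message that instances need a freshly generated runtime.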
@@ -542,6 +538,10 @@ class KVMHypervisor(hv_base.BaseHypervisor):
 
     kvm_cmd, kvm_nics, hvparams = kvm_runtime
 
+    security_model = hvp[constants.HV_SECURITY_MODEL]
+    if security_model == constants.HT_SM_USER:
+      kvm_cmd.extend(["-runas", hvp[constants.HV_SECURITY_DOMAIN]])
+
     if not kvm_nics:
       kvm_cmd.extend(['-net', 'none'])
     else:
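Review bot: the added lines read `hvp`, but the context line directly above unpacks the runtime into `hvparams` (`kvm_cmd, kvm_nics, hvparams = kvm_runtime`), and no binding of `hvp` is visible in this hunk. If `hvp` is not defined earlier in the function, this raises a NameError at instance start. If it is defined, a short comment saying which parameter set supplies the security model (the saved runtime or the current instance config) would help, since that choice decides which user the kvm process runs as. Minor style point: the new line quotes "-runas" with double quotes where the surrounding calls use single quotes.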