[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[libvir] [PATCH] Bad permissions on /var/run/libvirt/

From: "Anton Protopopov" <aspsk2 gmail com>
To: libvir-list redhat com
Subject: [libvir] [PATCH] Bad permissions on /var/run/libvirt/
Date: Mon, 14 Apr 2008 19:37:56 +0400

Hi,

Non-root can't use /var/run/libvirt/libvirt-sock even in the case
"unix_sock_group" and "unix_sock_rw_perms" are set properly.

The reason:
   # ls -l /var/run /var/run/libvirt | grep libvirt | grep -v pid
   drwx------ 2 root root 4096 Apr 14 19:14 libvirt
   srwxrwx--- 1 root libvirt 0 Apr 14 19:14 libvirt-sock
   srwxrwxrwx 1 root libvirt 0 Apr 14 19:14 libvirt-sock-ro

i.e., bad permissions on /var/run/libvirt

One possible solution (implied in the attached patch) is the following:

Every time libvirtd starts
* it implicitly sets the group id of /var/run/libvirt:
        chown(/var/run/libvirt, -1, unix_sock_gid).
* if "unix_sock_group" defined in /etc/libvirt/libvirtd.conf, libvirtd does
   chmod g+x /var/run/libvirt
   otherwise,
         chmod g-x /var/run/libvirt

A.

Attachment: fix_libvir_qemud_bad_permissions.patch
Description: Binary data

Follow-Ups:
- Re: [libvir] [PATCH] Bad permissions on /var/run/libvirt/
  - From: Daniel Veillard

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]