[libvirt] [PATCH] doc: Add statment about permissions needed to do a core dump
Peter Krempa
pkrempa at redhat.com
Thu Sep 15 21:00:23 UTC 2011
Dňa 15.9.2011 21:32, Eric Blake wrote / napísal(a):
> That sounds wrong to me. We already have the ability to relabel files
> and directories so that qemu can access them; why should the core file
> be any different than any other image file where libvirt is able to
> grant proper permissions?
Well, I looked through the code and it seemed to me that it's done that
way. I couldn't reproduce that because my qemu runs with uid 0.
>
> Also, the wording is misleading - you are talking about 'search'
> permissions on the parent directories, not 'execute' on the file
> itself (the x bit is double-duty, execute for files and search for
> directories). So we should not be mentioning execute permissions. If
> we can't fix the real bug (that is, that libvirt is not granting
> proper permissions to qemu to be able to create the core dump), then
> I'd favor wording more like:
>
Yes, search permission. I somehow still call it execute even on
directories even though I am aware of the difference :/ ... I'll fix it.
> Hypervisors may require the user to manually ensure proper permissions
> on the file named by @to.
>
That's elegant, thanks :).
Peter
More information about the libvir-list
mailing list