[libvirt] [PATCH] Set owner and group for file used for saving domain
Daniel P. Berrange
berrange at redhat.com
Wed Nov 11 12:19:08 UTC 2009
On Wed, Nov 11, 2009 at 04:10:37PM +0530, Anoop Vijayan wrote:
> virsh save a domain created by libvirt and it hangs with the log message "sh: /home/newguest: Permission denied".
>
> ---
> src/qemu/qemu_driver.c | 5 +++++
> 1 files changed, 5 insertions(+), 0 deletions(-)
>
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 30003e6..a2d9534 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -3415,6 +3415,11 @@ static int qemudDomainSave(virDomainPtr dom,
> goto endjob;
> }
>
> + if (qemuDomainSetFileOwnership(dom->conn, path, driver->user,
> + driver->group) < 0 ) {
> + goto endjob;
> + }
> +
> if (safewrite(fd, &header, sizeof(header)) != sizeof(header)) {
> qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
> "%s", _("failed to write save header"));
That isn't quit correct because it should not change ownership if libvirtd
is running unprivileged. Also it doesn't take care of SELinux labelling.
I've just posted the more complete fix here
http://www.redhat.com/archives/libvir-list/2009-November/msg00376.html
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the libvir-list
mailing list