[libvirt] [PATCH 10/12] Add configuration option to turn off dynamic permissions management

Daniel Veillard veillard at redhat.com
Wed Jan 20 17:42:53 UTC 2010


On Wed, Jan 20, 2010 at 03:15:07PM +0000, Daniel P. Berrange wrote:
> Add the ability to turn off dynamic management of file permissions
> for libvirt guests.
> 
> * qemu/libvirtd_qemu.aug: Support 'dynamic_ownership' flag
> * qemu/qemu.conf: Document 'dynamic_ownership' flag.
> * qemu/qemu_conf.c: Load 'dynamic_ownership' flag
> * qemu/test_libvirtd_qemu.aug: Test 'dynamic_ownership' flag
> ---
>  src/qemu/libvirtd_qemu.aug      |    1 +
>  src/qemu/qemu.conf              |    5 +++++
>  src/qemu/qemu_conf.c            |   13 ++++++++++---
>  src/qemu/test_libvirtd_qemu.aug |    4 ++++
>  4 files changed, 20 insertions(+), 3 deletions(-)
> 
> diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
> index f0b2a5e..b71e4cf 100644
> --- a/src/qemu/libvirtd_qemu.aug
> +++ b/src/qemu/libvirtd_qemu.aug
> @@ -32,6 +32,7 @@ module Libvirtd_qemu =
>                   | str_entry "security_driver"
>                   | str_entry "user"
>                   | str_entry "group"
> +		 | bool_entry "dynamic_ownership"
>                   | str_array_entry "cgroup_controllers"
>                   | str_array_entry "cgroup_device_acl"
>                   | str_entry "save_image_format"
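
Review bot: the added `bool_entry "dynamic_ownership"` alternative is indented with tabs while the surrounding `str_entry` and `str_array_entry` lines use spaces, so it will misalign depending on tab width. Re-indent it with spaces to match its neighbours.
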
> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
> index 2129bae..c662893 100644
> --- a/src/qemu/qemu.conf
> +++ b/src/qemu/qemu.conf
> @@ -96,6 +96,11 @@
>  # The group ID for QEMU processes run by the system instance
>  #group = "root"
>  
> +# Whether libvirt should dynamically change file ownership
> +# to match the configured user/group above. Defaults to 1.
> +# Set to 0 to disable file ownership changes.
> +#dynamic_ownership = 1
> +
>  
>  # What cgroup controllers to make use of with QEMU guests
>  #
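
Review bot: the new qemu.conf comment says that 0 disables file ownership changes but does not say what that leaves the administrator responsible for. Add a sentence stating that with `dynamic_ownership = 0` the files a guest uses must already be accessible to the configured user/group, since libvirt will no longer adjust them. The added empty line after `#dynamic_ownership = 1` also leaves two consecutive blank lines before the cgroup section; drop one.
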
> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index 2cefa6a..34c6fdb 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -102,7 +102,9 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>      char *group;
>      int i;
>  
> -    /* Setup 2 critical defaults */
> +    /* Setup critical defaults */
> +    driver->dynamicOwnership = 1;
> +
>      if (!(driver->vncListen = strdup("127.0.0.1"))) {
>          virReportOOMError(NULL);
>          return -1;
> @@ -224,6 +226,7 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>      }
>      VIR_FREE(user);
>  
> +
>      p = virConfGetValue (conf, "group");
>      CHECK_TYPE ("group", VIR_CONF_STRING);
>      if (!(group = strdup(p && p->str ? p->str : QEMU_GROUP))) {
> @@ -231,8 +234,6 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>          virConfFree(conf);
>          return -1;
>      }
> -
> -
>      if (virGetGroupID(NULL, group, &driver->group) < 0) {
>          VIR_FREE(group);
>          virConfFree(conf);
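
Review bot: removing the blank lines between the `strdup` error return and the `virGetGroupID` call here, like the extra blank line added before the "group" lookup in the previous hunk, is whitespace churn unrelated to the new option, and it makes the two checks run together visually. Leave the existing spacing alone or move the cleanup to a separate patch.
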
> @@ -240,6 +241,12 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>      }
>      VIR_FREE(group);
>  
> +
> +    p = virConfGetValue (conf, "dynamic_ownership");
> +    CHECK_TYPE ("dynamic_ownership", VIR_CONF_LONG);
> +    if (p) driver->dynamicOwnership = p->l;
> +
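
Review bot: `if (p) driver->dynamicOwnership = p->l;` copies the parsed long into the field with no range check, so any non-zero value in qemu.conf enables the feature, and if the field is an int (as the reply below notes) a value that does not fit is silently truncated. Since the documentation only defines 0 and 1, either normalise it with `driver->dynamicOwnership = p->l ? 1 : 0;` or reject other values with an error. The assignment should also sit on its own line rather than trailing the `if (p)`.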

  Hum, I was wondering about the value space for dynamicOwnership, it's
defined as an int but so far we just use the !driver->dynamicOwnership
test. So that looks fine, but I wonder if in the future we may not
extend this to take more values for example depending on the type of
devices.

  ACK

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/



