[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Don't chown qemu saved image back to root after save if dynamic_ownership=0

On 01/05/2011 03:03 PM, Laine Stump wrote:
> When dynamic_ownership=0, saved images must be owned by the same uid
> as is used to run the qemu process, otherwise restore won't work. To
> accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
> simply return when it's called.
> This fix is in response to:
>   https://bugzilla.redhat.com/show_bug.cgi?id=661720


> ---
> Note that this still leaves open the issue discovered in this bug - if
> the saved image file already exists when it is "created" for the new
> save, whatever mode it has will be maintained, rather than forcing
> 0600. It would be simple to force the mode to 0600 (just add a flag to
> virFileOperation(), but I'm not sure if it would be safe to do so
> right now without a *lot* of testing (I'm concerned about possible
> scenarios where the chmod() that's done when the FORCE_PERMISSIONS
> flag is set might fail, making a previously working case fail). Any
> opinions on that? (At any rate, it should be done in a separate patch
> if we decide to do it).

For that matter, we could argue that the bug is in whatever code created
the file with the overly-permissive permissions in the first place, and
that libvirt should not change (what gives libvirt the right to decide
to lock down permissions on an already existing file?).  So _if_ we
decide that libvirt needs to do anything at all, then it's definitely
material for a separate patch.

Eric Blake   eblake redhat com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]