[libvirt] [PATCH] qemu: pass "-1" as uid/gid for unprivileged qemu
Guido Günther
agx at sigxcpu.org
Sun Feb 17 17:33:08 UTC 2013
so we don't try to change uid/git to 0 when probing capabilities.
---
On Fri, Feb 15, 2013 at 11:20:17PM -0600, Doug Goldstein wrote:
> The following error bisect's down to this commit when running out of
> my local checkout for testing.
>
> 2013-02-16 05:16:55.102+0000: 29992: error : virCommandWait:2270 :
> internal error Child process (LC_ALL=C
> LD_LIBRARY_PATH=/home/cardoe/work/libvirt/src/.libs
> PATH=/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.6.3:/usr/games/bin
> HOME=/home/cardoe USER=cardoe LOGNAME=cardoe /usr/bin/qemu-kvm -help)
> unexpected exit status 1: libvir: error : internal error cannot apply
> process capabilities -1
This is due to:
debug : virExec:641 : Setting child uid:gid to 0:0 with caps 0
We're trying to change capabilities even on qemu:///session. This
unbreaks the libvirt-tck jenkins test suite as well.
src/qemu/qemu_driver.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 23499ef..dc35b91 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -556,6 +556,8 @@ qemuStartup(bool privileged,
char *membase = NULL;
char *mempath = NULL;
virQEMUDriverConfigPtr cfg;
+ uid_t run_uid = -1;
+ gid_t run_gid = -1;
if (VIR_ALLOC(qemu_driver) < 0)
return -1;
@@ -707,11 +709,13 @@ qemuStartup(bool privileged,
cfg->snapshotDir, cfg->user, cfg->group);
goto error;
}
+ run_uid = cfg->user;
+ run_gid = cfg->group;
}
qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
- cfg->user,
- cfg->group);
+ run_uid,
+ run_gid);
if (!qemu_driver->qemuCapsCache)
goto error;
--
1.7.10.4
More information about the libvir-list
mailing list