[libvirt] [PATCH 00/11] Avoid numerous calls of virQEMUCapsCacheLookup
Daniel P. Berrangé
berrange at redhat.com
Thu Oct 25 17:32:09 UTC 2018
On Thu, Oct 25, 2018 at 01:47:26PM +0200, Bjoern Walk wrote:
> Daniel P. Berrangé <berrange at redhat.com> [2018-10-24, 10:43PM +0100]:
> > We could optimize this by jcalling virFileAccessibleAs
> > once and storing the result in a global. Then just do a
> > plain stat() call in process to check the st_ctime field
> > for changes. We only need re-run the heavy virFileAccessibleAs
> > check if st_ctime has changed (indicating a owner/group/acl
> > change).
>
> But can't access permission change outside of changing the actual device
> file (e.g. cgroups or other OS capabilities)? Isn't that the whole
> purpose of the virFileAccessibleAs gymnastics?
Yes, cgroups could restrict access to /dev/kvm, but virFileAccessibleAs
does not use cgroups, it only cares about using the correct user + group
membership.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list