[libvirt-users] libvirt, selinux, moving images to ~/images does not work

Eric Blake eblake at redhat.com
Mon Apr 8 20:09:57 UTC 2013


On 04/08/2013 01:14 AM, Alexey Kardashevskiy wrote:
> Hi!
> 
> Setting security_driver to "none" (instead of "selinux") fixed the
> problem so I presumed that selinux is the problem here. But you're right
> after all, this helped:
> 
> [root at vpl2 ~]# chmod 777 /home/aik/
> [root at vpl2 ~]# chmod 777 /home/aik/virtimg/

It may have helped, but it also opened you up to a security hole.  You
generally don't want permissions to be this wide open on your home
directory.  Rather, the use of ACLs or group (but not world) permissions
should be considered, so that access is granted to the qemu group but
not to the world.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20130408/d7ad8422/attachment.sig>


More information about the libvirt-users mailing list