[Libvir] [PATCH] add global --readonly flag to virsh

Richard W.M. Jones rjones at redhat.com
Tue Mar 6 17:16:56 UTC 2007

Daniel P. Berrange wrote:
> On Mon, Mar 05, 2007 at 05:22:28PM +0000, Richard W.M. Jones wrote:
>> The current vshInit function in virsh tries some dodgy heuristics to see 
>> if it should connect readonly or read/write to the hypervisor. 
>> Unfortunately these heuristics fail, eg. when you have a root-owned 
>> system-wide qemud, and a user trying to run virsh as non-root.
>> This patch removes the heuristics and replaces them with a simple -r | 
>> --readonly flag on the command line.  If omitted, we try to connect 
>> read/write, otherwise we try to connect readonly.
> I like this patch, but I don't think we can apply it in exactly the
> form it is now. There may well be people already using virsh in a
> non-root context with Xen, and this will break them requiring them
> to add a --readonly arg in. I think we should add the explicit
> --readonly flag patch attached, but also put in a simplified 
> heuristic for the Xen non-root case. I'd think I'd add in a snippet 
> of code looking like:
>     if (ctl->uid != 0 && (ctl->name == NULL || 
>                           !strcmp(ctl->name, "Xen"))
>         ctl->readonly = TRUE;
> If people agree, I'll apply Rich's patch with this addition ?

Agreed, unless we want an explicit --readwrite to override this 
heuristic :-)


Emerging Technologies, Red Hat  http://et.redhat.com/~rjones/
64 Baker Street, London, W1U 7DF     Mobile: +44 7866 314 421
  "[Negative numbers] darken the very whole doctrines of the equations
  and make dark of the things which are in their nature excessively
  obvious and simple" (Francis Maseres FRS, mathematician, 1759)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3237 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20070306/108a533c/attachment-0001.bin>

More information about the libvir-list mailing list