[libvirt] unable to set security context (NFSv4 problem?)

Harald Dunkel harald.dunkel at aixigo.de
Wed Apr 21 11:17:22 UTC 2010


Hi Spencer,

I could reproduce the EINVAL on the command line:

	srvl022:/storage# touch /storage/x
	srvl022:/storage# chown 110:140 /storage/x
	chown: changing ownership of `/storage/x': Invalid argument

110 and 140 are not valid UIDs and GIDs on the NFS
server. They are defined in the local passwd/group files
on the libvirt server only. After defining the user and
group on the NFS server the error message is gone.

Obviously NFSv4 is a little bit picky about remote root
users trying to change the ownership of files. This seems
to break qemuSecurityDACSetOwnership() in qemu_security_dac.c,
giving me the "unable to set security context" message.

Do you think it would be possible to introduce a configure
option '--with-dac=no'?


Regards

Harri




More information about the libvir-list mailing list