[libvirt] [PATCH] Make domain save work on root-squash NFS
Daniel P. Berrange
berrange at redhat.com
Tue Feb 23 08:04:18 UTC 2010
On Mon, Feb 22, 2010 at 01:09:52PM -0500, Laine Stump wrote:
> FYI, I just verified that the restore failures I was seeing after
> applying this patch were actually happening *without* the patch as well,
> and are unrelated to domain save (it's a race condition in domain
> restore that needs to be dealt with separately), so this patch is okay
> to put in
>
> I verified I've been testing with an unmodified form of this patch,
> *EXCEPT* that I hadn't done make syntax-check on it (since I didn't
> really think that it was working code at the time ;-)), and there is one
> occurence of white-space at the end of a line.
>
> Should I resend with that change? Or do you want to just fix it up?
No, that's fine.
>
> Also, notice that this patch saves the domain file with 0660 permission
> (umask will normally turn it into 0640) as we had thought that would be
> part of the way to allow restore from a root-squashed NFS server (just
> make sure that the reader had group read permissions). Now it seems we
> will be using the trick of running the restore code setuid instead, so
> the 0660 mode will no longer necessary. Should I revise this patch to
> create the file as 0600, or just do that as part of the upcoming domain
> restore patch?
0660 will be OK, since we setgid() too.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the libvir-list
mailing list