[libvirt] [PATCH] Don't reset user/group/security label on shared filesystems during migrate

Daniel P. Berrange berrange at redhat.com
Thu May 13 16:43:18 UTC 2010


On Thu, May 13, 2010 at 10:37:19AM -0600, Eric Blake wrote:
> On 05/13/2010 09:52 AM, Daniel P. Berrange wrote:
> > When QEMU runs with its disk on NFS, and as a non-root user, the
> > disk is chownd to that non-root user. When migration completes
> > the last step is shutting down the QEMU on the source host. THis
> > normally resets user/group/security label. This is bad when the
> > VM was just migrated because the file is still in use on the dest
> > host. It is thus neccessary to skip the reset step for any files
> > found to be on a shared filesystem
> > 
> > * src/libvirt_private.syms: Export virStorageFileIsSharedFS
> > * src/util/storage_file.c, src/util/storage_file.h: Add a new
> >   method virStorageFileIsSharedFS() to determine if a file is
> >   on a shared filesystem (NFS, GFS, OCFS2, etc)
> 
> Is this sufficient?  Suppose I have the situation where on hypervisor A,
> the disk image is on a local drive, but that machine A also exports that
> directory via NFS.  Then on hypervisor B, the disk image is viewed via
> NFS.  When migrating a guest from machine A to B, the shutdown path on
> machine A will see that the file is on local storage, not NFS, and will
> not get your code exemption that avoids the relabel.

I'm calling that a crazy config & ignoring that problem since it isn't
practical to solve edge cases like that. This patch doesn't make that
problem anyway - it was broken before & is broken afterwards :-)

Regards,
Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|




More information about the libvir-list mailing list