[libvirt] [PATCH 2/2] root_squash saga: virFileOperation may fail with EPERM
Daniel Veillard
veillard at redhat.com
Tue Oct 19 13:28:45 UTC 2010
On Tue, Oct 19, 2010 at 12:11:07PM +0200, Dan Kenigsberg wrote:
> Over root-squashing nfs, when virFileOperation() is called as uid==0, it
> may fail with EACCES, but also with EPERM, due to
> virFileOperationNoFork()'s failed attemp to chown a writable file.
>
> qemudDomainSaveFlag() should expect this case, too.
> ---
> src/qemu/qemu_driver.c | 6 +++---
> 1 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 7204ac8..abd8e9d 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -5402,13 +5402,13 @@ static int qemudDomainSaveFlag(struct qemud_driver *driver, virDomainPtr dom,
> qemudDomainSaveFileOpHook, &hdata,
> 0)) < 0) {
> /* If we failed as root, and the error was permission-denied
> - (EACCES), assume it's on a network-connected share where
> - root access is restricted (eg, root-squashed NFS). If the
> + (EACCES or EPERM), assume it's on a network-connected share
> + where root access is restricted (eg, root-squashed NFS). If the
> qemu user (driver->user) is non-root, just set a flag to
> bypass security driver shenanigans, and retry the operation
> after doing setuid to qemu user */
>
> - if ((rc != -EACCES) ||
> + if (((rc != -EACCES) && (rc != -EPERM)) ||
> driver->user == getuid()) {
> virReportSystemError(-rc, _("Failed to create domain save file '%s'"),
> path);
Looks fine, ACK, applied and commited, I also pushed the new version of 1/2
thanks !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
More information about the libvir-list
mailing list