[libvirt] [PATCH] Don't chown qemu saved image back to root after save if dynamic_ownership=0

Eric Blake eblake at redhat.com
Wed Jan 5 22:26:02 UTC 2011


On 01/05/2011 03:03 PM, Laine Stump wrote:
> When dynamic_ownership=0, saved images must be owned by the same uid
> as is used to run the qemu process, otherwise restore won't work. To
> accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
> simply return when it's called.
> 
> This fix is in response to:
> 
>   https://bugzilla.redhat.com/show_bug.cgi?id=661720

ACK.

> ---
> 
> Note that this still leaves open the issue discovered in this bug - if
> the saved image file already exists when it is "created" for the new
> save, whatever mode it has will be maintained, rather than forcing
> 0600. It would be simple to force the mode to 0600 (just add a flag to
> virFileOperation()), but I'm not sure if it would be safe to do so
> right now without a *lot* of testing (I'm concerned about possible
> scenarios where the chmod() that's done when the FORCE_PERMISSIONS
> flag is set might fail, making a previously working case fail). Any
> opinions on that? (At any rate, it should be done in a separate patch
> if we decide to do it).

For that matter, we could argue that the bug is in whatever code created
the file with the overly-permissive permissions in the first place, and
that libvirt should not change (what gives libvirt the right to decide
to lock down permissions on an already existing file?).  So _if_ we
decide that libvirt needs to do anything at all, then it's definitely
material for a separate patch.

-- 
Eric Blake   eblake at redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org
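
The mode behaviour discussed in this message, as an added example that is not part of the original e-mail and is not libvirt code: the mode passed to open() applies only when the file is actually created, so a pre-existing 0644 file stays 0644 unless an explicit fchmod() follows. The names open_save_image(), demo_existing_file() and force_mode, and the /tmp path, are hypothetical and stand in for the flag proposed for virFileOperation().

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* "Create" a save image asking for mode 0600. When force_mode is set, also
 * fchmod() the descriptor (the forced-permissions idea from the thread;
 * hypothetical helper). Returns the resulting permission bits, or -1. */
int open_save_image(const char *path, int force_mode)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);

    if (fd < 0)
        return -1;
    /* fchmod() can fail, e.g. with EPERM when the caller does not own the
     * file; a forced mode turns that into a failed save. */
    if ((force_mode && fchmod(fd, 0600) < 0) || fstat(fd, &st) < 0) {
        close(fd);
        return -1;
    }
    close(fd);
    return (int)(st.st_mode & 07777);
}

/* Constructed scenario: a file that already exists with mode 0644 is
 * reused as the save target. Returns the mode after the "create" step. */
int demo_existing_file(int force_mode)
{
    char path[] = "/tmp/save-image-XXXXXX"; /* constructed sample path */
    int fd = mkstemp(path);
    int mode;

    if (fd < 0)
        return -1;
    if (fchmod(fd, 0644) < 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    close(fd);
    mode = open_save_image(path, force_mode);
    unlink(path);
    return mode;
}

int main(void)
{
    printf("existing file, no force: %04o\n", (unsigned)demo_existing_file(0));
    printf("existing file, forced:   %04o\n", (unsigned)demo_existing_file(1));
    return 0;
}
```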
