[libvirt] QMP Capability Detection Issues with GIT version of QEMU
Viktor Mihajlovski
mihajlov at linux.vnet.ibm.com
Thu Nov 22 16:41:30 UTC 2012
I ran into trouble today trying to use the GIT level of QEMU.
In a nutshell: the capability detection with QMP is failing
and the fallback using -help isn't working with the GIT level
probably due to help text reformatting.
The failure reason is that QEMU cannot bind to the
QMP monitor socket in the /var/lib/libvirt/qemu directory.
That's because the child process is stripped of all
capabilities and this directory is chown'ed to qemu:qemu
by the QEMU driver.
Note that this is failing with the release QEMU as well,
with the difference that the fallback is working there.
I am willing to provide a patch, however I'd like
to get feedback on the approach to use:
1. Add back Linux capabilities CAP_DAC_OVERRIDE,
CAP_DAC_READ_SEARCH to allow QEMU to bind to
the monitor socket.
This seems to be hacky/dodging the problem.
2. Use a separate directory for the QMP probing
instance of QEMU.
3. Run the QMP QEMU under the configured qemu
user. This would be my favorite.
4. Other ideas?
--
Mit freundlichen Grüßen/Kind Regards
Viktor Mihajlovski
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
More information about the libvir-list
mailing list