[libvirt] [PATCH] spec: Yet another permission fix for qemu dirs

Martin Kletzander mkletzan at redhat.com
Wed Feb 25 13:53:02 UTC 2015 

On Wed, Feb 25, 2015 at 08:00:45AM -0500, John Ferlan wrote:
>
>
>On 02/25/2015 03:50 AM, Martin Kletzander wrote:
>> Since we autogenerate path for QEMU guest agent into
>> LOCALSTATEDIR /lib/libvirt/qemu/channel/target/, the process should be
>> able to access that socket no matter under what user/group it is
>> running co you can set the user/group in qemu.conf.
>
>s/co/so
>
>>
>> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1146886
>>

Self-NACK, it doesn't even fix this one.

>> Signed-off-by: Martin Kletzander <mkletzan at redhat.com>
>> ---
>>  libvirt.spec.in | 6 +++---
>>  1 file changed, 3 insertions(+), 3 deletions(-)
>>
>
>Hmm... I have a faint recollection...  See
>
>https://bugzilla.redhat.com/show_bug.cgi?id=1044561
>

and this is the exact same one, just for Fedora.

>Does this fix that one too?  I think for that one it was the
>"difference" between using the 'yum install...' means of installation
>vs. the '[sudo ]make install' method from a git tree build.
>

One problem is this and I haven't messed with how to fix it for "make
install" type installations.

The real problem I've found out (why this doesn't help) is that the
qemu needs to *write* to the channel/target in order to bind it.
Anyway, I'll have a look at the difference to monitor socket and will
see what we can do.  Until then, this gets postponed.

>Although this seems reasonable and right, messing with libvirt.spec.in
>is not my specialty, but there's more than one entry for
>"qemu/channel/target" in the file.  Is there a reason to not modify the
>other entry (in driver subpackages)?
>

I'll have a look at that, too.  Thanks for the response.

>John
>
>FWIW: The channel was subdir was added by commit id '297c99a5', with a
>fix by commit id '297c99a5' to resolve a make rpm failure. Also commit
>id '010065d70' made sure we got the channel as well as target...
>
>
>> diff --git a/libvirt.spec.in b/libvirt.spec.in
>> index 7f8be38..f300423 100644
>> --- a/libvirt.spec.in
>> +++ b/libvirt.spec.in
>> @@ -1960,9 +1960,9 @@ exit 0
>>  %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
>>  %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
>>  %ghost %dir %attr(0700, root, root) %{_localstatedir}/run/libvirt/qemu/
>> -%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
>> -%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
>> -%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
>> +%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
>> +%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
>> +%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
>>  %dir %attr(0711, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
>>  %dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
>>  %{_datadir}/augeas/lenses/libvirtd_qemu.aug
>>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150225/5f84f752/attachment-0001.sig>

More information about the libvir-list mailing list