[libvirt] [PATCH 1/2] qemu: Do not allow others into per-VM subdirectories

Martin Kletzander mkletzan at redhat.com
Sat Sep 12 14:31:58 UTC 2015


Signed-off-by: Martin Kletzander <mkletzan at redhat.com>
---
 src/qemu/qemu_process.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index d9a0942c4dfd..ce2c70cb3fd1 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -4734,7 +4734,7 @@ int qemuProcessStart(virConnectPtr conn,
     if (virAsprintf(&tmppath, "%s/domain-%s", cfg->libDir, vm->def->name) < 0)
         goto cleanup;

-    if (virFileMakePath(tmppath) < 0) {
+    if (virFileMakePathWithMode(tmppath, 0750) < 0) {
         virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
         goto cleanup;
     }
@@ -4749,7 +4749,7 @@ int qemuProcessStart(virConnectPtr conn,
                     cfg->channelTargetDir, vm->def->name) < 0)
         goto cleanup;

-    if (virFileMakePath(tmppath) < 0) {
+    if (virFileMakePathWithMode(tmppath, 0750) < 0) {
         virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
         goto cleanup;
     }
-- 
2.5.2




More information about the libvir-list mailing list