[libvirt] [PATCH 00/11] Avoid numerous calls of virQEMUCapsCacheLookup
Bjoern Walk
bwalk at linux.ibm.com
Fri Oct 26 04:57:54 UTC 2018
Daniel P. Berrangé <berrange at redhat.com> [2018-10-25, 06:32PM +0100]:
> On Thu, Oct 25, 2018 at 01:47:26PM +0200, Bjoern Walk wrote:
> > Daniel P. Berrangé <berrange at redhat.com> [2018-10-24, 10:43PM +0100]:
> > > We could optimize this by jcalling virFileAccessibleAs
> > > once and storing the result in a global. Then just do a
> > > plain stat() call in process to check the st_ctime field
> > > for changes. We only need re-run the heavy virFileAccessibleAs
> > > check if st_ctime has changed (indicating a owner/group/acl
> > > change).
> >
> > But can't access permission change outside of changing the actual device
> > file (e.g. cgroups or other OS capabilities)? Isn't that the whole
> > purpose of the virFileAccessibleAs gymnastics?
>
> Yes, cgroups could restrict access to /dev/kvm, but virFileAccessibleAs
> does not use cgroups, it only cares about using the correct user + group
> membership.
Sorry, but then I don't understand the purpose of this function at all.
Why would you EVER check permissions like that? A simple stat(2) call
should give you the exact same information, no?
--
IBM Systems
Linux on Z & Virtualization Development
--------------------------------------------------
IBM Deutschland Research & Development GmbH
Schönaicher Str. 220, 71032 Böblingen
Phone: +49 7031 16 1819
--------------------------------------------------
Vorsitzende des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 902 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20181026/09163b7a/attachment-0001.sig>
More information about the libvir-list
mailing list