[PATCH 1/2] qemu_shim: Allow other users to enter the root dir

Michal Privoznik mprivozn at redhat.com
Fri Feb 28 15:56:00 UTC 2020


When virt-qemu-run is ran without any root directory specified on
the command line, a temporary directory is made and used instead.
But since we are using g_dir_make_tmp() to create the directory
it is going to have 0700 mode. So even though we create the whole
directory structure under it and label everything, QEMU is very
likely to not have the access. This is because in this case there
is no qemu.conf and thus distro default UID:GID is used to run
QEMU (e.g. qemu:kvm on Fedora). Change the mode of the temporary
directory so that everybody has eXecute permission.

Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
 src/qemu/qemu_shim.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/qemu/qemu_shim.c b/src/qemu/qemu_shim.c
index 5b7840e971..4f06ae952c 100644
--- a/src/qemu/qemu_shim.c
+++ b/src/qemu/qemu_shim.c
@@ -158,6 +158,12 @@ int main(int argc, char **argv)
             return 1;
         }
         tmproot = true;
+
+        if (chmod(root, S_IRWXU | S_IXGRP | S_IXOTH) < 0) {
+            g_printerr("%s: cannot chown temporary dir: %s\n",
+                       argv[0], g_strerror(errno));
+            goto cleanup;
+        }
     }
 
     virFileActivateDirOverrideForProg(argv[0]);
-- 
2.24.1




More information about the libvir-list mailing list