[libvirt-users] virDomainCoreDumpWithFormat files created as root
Michal Privoznik
mprivozn at redhat.com
Thu May 28 09:04:41 UTC 2015
On 28.05.2015 09:29, NoxDaFox wrote:
> Greetings,
>
> I am dumping a guest VM memory for inspection using the command
> "virDomainCoreDumpWithFormat" and the created files appear to belong to
> root (both user and group).
>
> I have searched around but didn't find any answer. Is there a way to
> instruct QEMU to create those files under a different user?
>
The coredump should belong to the user:group that the domain in question
is running under. If (by default) your qemu processes run under
root:root so will the coredump.
Although, I'm wondering if we should not disregard this and make
coredump be always owned by root:root since a coredump may contain
sensitive info, e.g. all kinds of cipher keys. We do that with disk
images, so maybe we should reconsider our politics with coredumps.
Michal
More information about the libvirt-users
mailing list