[Ovirt-devel] root access required?
Perry N. Myers
pmyers at redhat.com
Mon Sep 8 16:03:21 UTC 2008
Ben Guthro wrote:
> In my endeavor to set up a build environment for our developers
> experimenting with oVirt / libvirt, I have come across a general dislike
> that the build of the ovirt managed node requires the user to be root.
> In looking into this we have found 2 areas that I am unable to work out
> a solution for:
> 1. livecd-tools must mount a filesystem image, requiring:
> (a) losetup /dev/loopX fs-image
> Where the user must have write access to /dev/loopX (which by
> default is writable only by root, readable by group 'disk').
> Could be
> worked around by changing /dev/loopX permissions (once, as root).
> (b) mount /dev/loopX /mnt/point
> Also requires root. Can be worked around with /etc/fstab entry
> allowing user mount.
> 2. 'rpm --root ...' is used to build the image.
> --root must chroot to the specified directory to run the various RPM
> chroot can't run under 'fakeroot' (AFAIK).
> I don't know how to avoid or workaround this.
> So -
> Does anyone here have any suggestions/recommended practices on how to go
> about working around these so that root access is not required?
> Or - are we stuck with "that's just the way it is" for building the
> managed node image?
The dependency on needing root is inherited from livecd-tools. So for us
to remove root as a requirement for building this needs to be changed
upstream. I'd start by posting questions/requests to the livecd mailing
lists and see if the developers there can easily fix this.
Once root is not longer required for livecd-tools, we will be able to
build everything in ovirt as non-root.
We've been working on some refactoring of the ovirt repositories to help
reduce the requirement to build as root. But it is still required
specifically for building the oVirt Appliance and the oVirt Node. The
remainder of the items can be built as non-root. Look for an email with
details on this from me shortly.
More information about the ovirt-devel