[Virtio-fs] How is the daemon meant to be started?
Dr. David Alan Gilbert
dgilbert at redhat.com
Mon Jun 15 09:54:06 UTC 2020
* Aa Aa (jimbothom at yandex.com) wrote:
> Hi
>
> I have a few questions about using virtiofsd. I currently have multiple vms share the same mountpoint for their rootfs using 9p, in read only (9p had a permissions issue but that was overcome). I can start qemu for each of them as non root with say only allowing access to /dev/kvm and even have some of the VM running with a different user name.
>
> If I wish to change to using virtiofsd, I can just change the init to:
> mount -t virtiofs -onoatime,nodiratime,noauto,ro rootfs /new | mount -t 9p -onoatime,nodiratime,noauto,ro,trans=virtio,cache=loose root /new
> and the qemu command line from using 9p to using a vhost-user-fs-pci device.
>
> The problem is how do I start virtiofsd. The daemon needs root
> permissions from what I can tell, to start. Thereafter, it listens on the
> socket and only accepts a single connection on the socket. In my case,
> I have a single mount point that I wish to use multiple times. You cannot
> listen on the socket multiple times, so I cannot say that /mnt/root socket
> will be exported as /run/virtiofsd/mounts/mnt-root.socket by something
> that has been started by root independently of qemu, but rather it would
> appear that I need to be root
Correct, at the moment you do need to be root; there were some
suggestions for relaxing that but they haven't been sorted out yet.
> and create a socket for each qemu task then
> drop permissions. Is this correct or is there another way to achieve this.
Yes, you need one daemon instance per mount/VM.
Dave
>
> Cheers
>
> JT
>
>
> _______________________________________________
> Virtio-fs mailing list
> Virtio-fs at redhat.com
> https://www.redhat.com/mailman/listinfo/virtio-fs
--
Dr. David Alan Gilbert / dgilbert at redhat.com / Manchester, UK
More information about the Virtio-fs
mailing list