[Virtio-fs] [RFC] About non-root virtiofsd(1) process
P J P
ppandit at redhat.com
Fri Jan 15 07:09:13 UTC 2021
Hello,
+-- On Thu, 14 Jan 2021, Stefan Hajnoczi wrote --+
| On Thu, Jan 14, 2021 at 02:11:28PM +0530, P J P wrote:
| > Ex. By default offer only read access to guest VM.
|
| That's not useful. Most users require read-write.
* Agreed. I meant let 'rw' access be user's choice than the default for
virtiofsd(1).
| The fundamental issue is that the server must be able to create, access, and
| modify files with arbitrary uids/gids.
* Why arbitrary uids/gids? Once a directory is shared with a guest, its
uids/gids would stay same, no?
* We also start separate virtiofsd(1) process for each share/guest too. ie.
single virtiofsd(1) daemon is not catering to multiple guests and their
respective shared directories, right?
| If you have specific ideas, let's discuss them.
* One was to have a command line switch similar to 'qemu -runas <user>'
$ ./virtiofsd -runas test -o source=...
If a user wants to run virtiofsd(1) with non-root privileges, it'll be
handy.
| https://gitlab.com/virtio-fs/qemu/-/merge_requests/6/diffs?commit_id=718c71fa44f6b92ac27558c903d27935236b08ef
* I'll go through it.
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
More information about the Virtio-fs
mailing list