When running a KVM sandbox as root, the qemu process will run as
another user (likely qemu). We need to make sure this user can access
the vmlinux and initrd.img, sandbox.cfg and mounts.cfg files.
---
libvirt-sandbox/libvirt-sandbox-config.c | 2 +-
libvirt-sandbox/libvirt-sandbox-context-interactive.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c
index 087b5ce..8991043 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -2258,7 +2258,7 @@ gboolean gvir_sandbox_config_save_to_path(GVirSandboxConfig *config,
if (!(data = g_key_file_to_data(file, &len, error)))
goto cleanup;
- if (!(os = G_OUTPUT_STREAM(g_file_create(f, G_FILE_CREATE_PRIVATE, NULL, error))))
+ if (!(os = G_OUTPUT_STREAM(g_file_create(f, G_FILE_CREATE_NONE, NULL, error))))
goto cleanup;
if (!g_output_stream_write_all(os, data, len, NULL, NULL, error))
diff --git a/libvirt-sandbox/libvirt-sandbox-context-interactive.c b/libvirt-sandbox/libvirt-sandbox-context-interactive.c
index cec7965..78b2fbd 100644
--- a/libvirt-sandbox/libvirt-sandbox-context-interactive.c
+++ b/libvirt-sandbox/libvirt-sandbox-context-interactive.c
@@ -217,8 +217,8 @@ static gboolean gvir_sandbox_context_interactive_start(GVirSandboxContext *ctxt,
error)))
goto cleanup;
- g_mkdir_with_parents(statedir, 0700);
- g_mkdir_with_parents(configdir, 0700);
+ g_mkdir_with_parents(statedir, 0755);
+ g_mkdir_with_parents(configdir, 0755);
unlink(configfile);
if (!gvir_sandbox_config_save_to_path(config, configfile, error))
--
2.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list