When running a KVM sandbox as root, the qemu process will run as another user (likely qemu). We need to make sure this user can access the vmlinux and initrd.img, sandbox.cfg and mounts.cfg files. --- libvirt-sandbox/libvirt-sandbox-config.c | 2 +- libvirt-sandbox/libvirt-sandbox-context-interactive.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 087b5ce..8991043 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -2258,7 +2258,7 @@ gboolean gvir_sandbox_config_save_to_path(GVirSandboxConfig *config, if (!(data = g_key_file_to_data(file, &len, error))) goto cleanup; - if (!(os = G_OUTPUT_STREAM(g_file_create(f, G_FILE_CREATE_PRIVATE, NULL, error)))) + if (!(os = G_OUTPUT_STREAM(g_file_create(f, G_FILE_CREATE_NONE, NULL, error)))) goto cleanup; if (!g_output_stream_write_all(os, data, len, NULL, NULL, error)) diff --git a/libvirt-sandbox/libvirt-sandbox-context-interactive.c b/libvirt-sandbox/libvirt-sandbox-context-interactive.c index cec7965..78b2fbd 100644 --- a/libvirt-sandbox/libvirt-sandbox-context-interactive.c +++ b/libvirt-sandbox/libvirt-sandbox-context-interactive.c @@ -217,8 +217,8 @@ static gboolean gvir_sandbox_context_interactive_start(GVirSandboxContext *ctxt, error))) goto cleanup; - g_mkdir_with_parents(statedir, 0700); - g_mkdir_with_parents(configdir, 0700); + g_mkdir_with_parents(statedir, 0755); + g_mkdir_with_parents(configdir, 0755); unlink(configfile); if (!gvir_sandbox_config_save_to_path(config, configfile, error)) -- 2.1.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list