this is particularily important if said device is a file sitting on a root_squashing nfs export. my previous attempt for a patch missed 3 chowns that should be avoided.
---
 src/qemu/qemu.conf | 4 ++++
 src/qemu/qemu_conf.c | 3 +++
 src/qemu/qemu_conf.h | 1 +
 src/qemu/qemu_driver.c | 8 ++++----
 4 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index bca858a..892a50b 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -96,6 +96,10 @@
 # The group ID for QEMU processes run by the system instance
 #group = "root"
+# should libvirt assume that devices are accessible to the above user:group.
+# by default, libvirt tries to chown devices before starting up a domain and
+# restore ownership to root when domain comes down.
+#assume_devices_accessible = 0
 # What cgroup controllers to make use of with QEMU guests
 #
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index b1b9e5f..520a395 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -232,6 +232,9 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
 return -1;
 }
+ p = virConfGetValue (conf, "assume_devices_accessible");
+ CHECK_TYPE ("assume_devices_accessible", VIR_CONF_LONG);
+ if (p) driver->avoid_dev_chown = p->l;
 if (virGetGroupID(NULL, group, &driver->group) < 0) {
 VIR_FREE(group);
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index 675c636..3a9da73 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -87,6 +87,7 @@ struct qemud_driver {
 uid_t user;
 gid_t group;
+ int avoid_dev_chown;
 unsigned int qemuVersion;
 int nextvmid;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 2f273eb..5f02aa2 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1968,7 +1968,7 @@ static int qemuDomainSetDeviceOwnership(virConnectPtr conn,
 uid_t uid;
 gid_t gid;
- if (!driver->privileged)
+ if (!driver->privileged || driver->avoid_dev_chown)
 return 0;
 /* short circuit case of root:root */
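Review bot: The new comment in the qemu.conf hunk describes the default behaviour but not what the administrator takes on when `assume_devices_accessible` is set to 1. As the qemu_driver.c hunks show, the flag skips the chown to user:group and the chown back to root alike, and it also applies to the path written by qemudDomainSave, which is not a device. I would state that next to the setting, for example `# If set to 1, libvirt never changes ownership of devices or save files;` followed by `# the administrator must grant user:group access and revoke it afterwards.`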
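Review bot: The three added lines in qemudLoadDriverConfig are placed while `group` still appears to be live (the context right after them releases it with `VIR_FREE(group)` on failure), so any early return between them leaks it. CHECK_TYPE is defined outside this hunk; if it returns on a type mismatch, that leak is reachable from a malformed config file, and moving the block below the group lookup avoids it. I would also store a normalised value, `if (p) driver->avoid_dev_chown = (p->l != 0);`, because `p->l` is read as VIR_CONF_LONG and narrowed into an `int` field. The field added in qemu_conf.h deserves a comment tying it to the config key, such as `/* from assume_devices_accessible: skip every chown() of devices and save files */`. The function body continues outside the hunk.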
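Review bot: In qemuDomainSetDeviceOwnership, and identically in qemuDomainSetAllDeviceOwnership in the next hunk, the widened guard returns success for two unrelated reasons and leaves no trace of which one applied. When `avoid_dev_chown` is set nothing checks or changes access to the device, so a host where ownership was not prepared fails later inside QEMU with a less specific error; if these functions also perform the restore to root on shutdown (their bodies continue outside the hunks), that step is skipped as well. A comment above the test would make the intent reviewable: `/* assume_devices_accessible: admin manages ownership; neither grant nor restore it here */`. A debug-level log message on the `avoid_dev_chown` path would let operators tell it apart from the unprivileged case.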
@@ -2002,7 +2002,7 @@ static int qemuDomainSetAllDeviceOwnership(virConnectPtr conn,
 uid_t uid;
 gid_t gid;
- if (!driver->privileged)
+ if (!driver->privileged || driver->avoid_dev_chown)
 return 0;
 /* short circuit case of root:root */
@@ -3438,7 +3438,7 @@ static int qemudDomainSave(virDomainPtr dom,
 }
 fd = -1;
- if (driver->privileged &&
+ if (driver->privileged && !driver->avoid_dev_chown &&
 chown(path, driver->user, driver->group) < 0) {
 virReportSystemError(NULL, errno,
 _("unable to set ownership of '%s' to user %d:%d"),
@@ -3473,7 +3473,7 @@ static int qemudDomainSave(virDomainPtr dom,
 if (rc < 0)
 goto endjob;
- if (driver->privileged &&
+ if (driver->privileged && !driver->avoid_dev_chown &&
 chown(path, 0, 0) < 0) {
 virReportSystemError(NULL, errno,
 _("unable to set ownership of '%s' to user %d:%d"),
--
1.6.5.2
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
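Review bot: The path guarded in qemudDomainSave, in the @@ -3438 hunk and again in the @@ -3473 hunk, is the save image rather than a host device, so a flag documented as `assume_devices_accessible` also changes the handling of a file that holds guest memory. With both chown calls skipped the file keeps whatever owner and mode it was created with; the creation is outside these hunks, so it is worth confirming that a QEMU process running as `driver->user` can still write to it and that other local users cannot read it. If the goal is only to tolerate root-squashed NFS, one alternative is to keep the chown and treat its failure as non-fatal when the flag is set. At minimum the coverage should be stated in a comment: `/* assume_devices_accessible also covers the save image; its directory must already restrict access */`.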