Re: Fwd: libvirtd failing on MacOS in setgroups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Daniel P. Berrangé wrote:
> > > FWIW I compiled libvirt without the setgroups code on Mac and it
> > > worked as expected. Not sure what the implications of that are though?
> > 
> > OK, then the fix would be to not use setgroups on Mac, and nothing to do
> > in gnulib. Right?
> 
> Not calling setgroups means the QEMU process doesn't run with any of
> the supplementary groups associated with its user account, so this is
> not really a working solution. It re-introduces the bug that the
> setgroups call was added to fix.

For what purpose is libvirt or QEMU using setgroups()? What goes wrong if
setgroups() fails?

The problem is that the Darwin kernel does not support setting more than
NGROUPS_MAX (= 16) groups. So
  - What happens when you have a user account which is in more than 16
    groups? What do other processes do in this sitation?
  - Is using the first 16 groups and ignoring the extra ones an acceptable
    solution?

Bruno


--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux