Add the ability to turn off dynamic management of file permissions for libvirt guests. * qemu/libvirtd_qemu.aug: Support 'dynamic_ownership' flag * qemu/qemu.conf: Document 'dynamic_ownership' flag. * qemu/qemu_conf.c: Load 'dynamic_ownership' flag * qemu/test_libvirtd_qemu.aug: Test 'dynamic_ownership' flag --- src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 5 +++++ src/qemu/qemu_conf.c | 13 ++++++++++--- src/qemu/test_libvirtd_qemu.aug | 4 ++++ 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index f0b2a5e..b71e4cf 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -32,6 +32,7 @@ module Libvirtd_qemu = | str_entry "security_driver" | str_entry "user" | str_entry "group" + | bool_entry "dynamic_ownership" | str_array_entry "cgroup_controllers" | str_array_entry "cgroup_device_acl" | str_entry "save_image_format" diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 2129bae..c662893 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -96,6 +96,11 @@ # The group ID for QEMU processes run by the system instance #group = "root" +# Whether libvirt should dynamically change file ownership +# to match the configured user/group above. Defaults to 1. +# Set to 0 to disable file ownership changes. +#dynamic_ownership = 1 + # What cgroup controllers to make use of with QEMU guests # diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 2cefa6a..34c6fdb 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -102,7 +102,9 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, char *group; int i; - /* Setup 2 critical defaults */ + /* Setup critical defaults */ + driver->dynamicOwnership = 1; + if (!(driver->vncListen = strdup("127.0.0.1"))) { virReportOOMError(NULL); return -1; 
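Review bot: The new `dynamic_ownership` comment in src/qemu/qemu.conf gives the default but does not say what the administrator becomes responsible for when it is set to 0. Going by the comment's own wording, libvirt then stops changing file ownership to the configured `user`/`group`, so presumably the files a guest uses must already be accessible to that account before the guest starts. I would add a line such as `# If set to 0, the administrator must ensure guest files are already accessible to the user/group above.` It is also worth stating that only 0 and 1 are meaningful, because the loader in qemu_conf.c accepts any integer.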
@@ -224,6 +226,7 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, } VIR_FREE(user); + p = virConfGetValue (conf, "group"); CHECK_TYPE ("group", VIR_CONF_STRING); if (!(group = strdup(p && p->str ? p->str : QEMU_GROUP))) { @@ -231,8 +234,6 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, virConfFree(conf); return -1; } - - if (virGetGroupID(NULL, group, &driver->group) < 0) { VIR_FREE(group); virConfFree(conf); @@ -240,6 +241,12 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, } VIR_FREE(group); + + p = virConfGetValue (conf, "dynamic_ownership"); + CHECK_TYPE ("dynamic_ownership", VIR_CONF_LONG); + if (p) driver->dynamicOwnership = p->l; + + p = virConfGetValue (conf, "cgroup_controllers"); CHECK_TYPE ("cgroup_controllers", VIR_CONF_LIST); if (p) { diff --git a/src/qemu/test_libvirtd_qemu.aug b/src/qemu/test_libvirtd_qemu.aug index ac89438..3ce47f3 100644 --- a/src/qemu/test_libvirtd_qemu.aug +++ b/src/qemu/test_libvirtd_qemu.aug @@ -86,6 +86,8 @@ user = \"root\" group = \"root\" +dynamic_ownership = 1 + cgroup_controllers = [ \"cpu\", \"devices\" ] cgroup_device_acl = [ \"/dev/null\", \"/dev/full\", \"/dev/zero\" ] @@ -182,6 +184,8 @@ hugetlbfs_mount = \"/dev/hugepages\" { "#empty" } { "group" = "root" } { "#empty" } +{ "dynamic_ownership" = "1" } +{ "#empty" } { "cgroup_controllers" { "1" = "cpu" } { "2" = "devices" } -- 1.6.5.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
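Review bot: In the last qemu_conf.c hunk, `if (p) driver->dynamicOwnership = p->l;` stores the raw long from the config file without checking that it is 0 or 1. The declaration of `dynamicOwnership` is not part of this patch; if it is a one-bit field or a narrow integer, a value such as 2 could be truncated to 0 and silently switch ownership management off, while a negative value would count as enabled. At minimum normalise it with `if (p) driver->dynamicOwnership = (p->l != 0);`. Stricter would be to reject anything other than 0 or 1 through the same `virConfFree(conf); return -1;` path the `group` lookup above uses, so that a typo in a setting controlling file ownership fails loudly. qemudLoadDriverConfig starts and ends outside the hunk, and nothing in this patch reads the flag yet, so its effect cannot be checked from here.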