On 9/13/2021 7:23 PM, Daniel P. Berrangé wrote: > On Mon, Sep 13, 2021 at 07:11:04PM +0800, Peng Liang wrote: >> The temp files of screenshot and memory peek, which are created by QEMU, >> are put in the cache directory. However, the caches of domain >> capabilities, which are created and used by libvirtd, are also put in >> the cache directory. In order to make the cache directory more secure, >> move the temp files of screenshot and memory peek to autoDumpPath. >> >> Since the temp files are just temporary files and are only used by >> libvirtd (libvirtd will delete them after use), the use of screenshot >> and memory peek will be affected. > > autoDumpPath does nt look like the right thing to be using here. > Why don't we just put these files in a subdirectory of the cache > dir to avoid the problem with capabilities ? > Ah, I just find that autoDumpPath is for watchdog event to auto-dump a guest. But I think the files libvirtd put in the cache directory (except capabilites) are just temporary files instead of cache files. So IMHO, a subdir in the cache directory is also not the perfect path for these files. How about putting these files in the pre-domain dir (e.g. /var/lib/libvirt/qemu/domain-1-test)? > > Regards, > Daniel > Thanks, Peng
