On Thu, Feb 10, 2022 at 12:13:24PM +0100, Michal Privoznik wrote: > Currently, due to the way virFileRewrite() works, the rewritten > file is owned by user and group that the daemon runs under. So > far, this is not a problem, because the function is used to write > XML files or secrets for persistent objects (domains, networks, > etc.) and we don't need other users to read/write those files. > > But shortly, this function is going to be used for creating files > for QEMU domains. There we want the QEMU process (i.e. different > user) to read the file. > > Therefore, introduce two new arguments: @uid and @gid that allow > setting desired owner of the file. Pass -1 to preserve current > behaviour (i.e. create the file owned by the user running the > daemon). > > Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > --- > src/util/virfile.c | 28 +++++++++++++++++++++++++--- > src/util/virfile.h | 1 + > src/util/virxml.c | 3 ++- > 3 files changed, 28 insertions(+), 4 deletions(-) Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
