qemuSecurityCommandRun() would have dealt with this (if UID and GID had been passed). With virCommandRun() we need separate, explicit calls.
Fixes: a56f0168d576 ("qemu: hook up passt config to qemu domains")
Signed-off-by: Stefano Brivio <sbrivio@xxxxxxxxxx>
---
 src/qemu/qemu_passt.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c
index 81f48dd630..61e7047354 100644
--- a/src/qemu/qemu_passt.c
+++ b/src/qemu/qemu_passt.c
@@ -157,6 +157,7 @@ qemuPasstStart(virDomainObj *vm,
 {
 qemuDomainObjPrivate *priv = vm->privateData;
 virQEMUDriver *driver = priv->driver;
+ g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
 g_autofree char *passtSocketName = qemuPasstCreateSocketPath(vm, net);
 g_autoptr(virCommand) cmd = NULL;
 g_autofree char *pidfile = qemuPasstCreatePidFilename(vm, net);
@@ -174,6 +175,11 @@ qemuPasstStart(virDomainObj *vm,
 virCommandClearCaps(cmd);
 virCommandSetErrorBuffer(cmd, &errbuf);
+ if (cfg->user != (uid_t) -1)
+ virCommandSetUID(cmd, cfg->user);
+ if (cfg->group != (gid_t) -1)
+ virCommandSetGID(cmd, cfg->group);
+
 virCommandAddArgList(cmd,
 "--one-off",
 "--socket", passtSocketName,
--
2.39.1
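Review bot: The added `virCommandSetUID()`/`virCommandSetGID()` calls in the second hunk carry no comment explaining why the identity switch has to be done by hand; the reason exists only in the commit message, which says this path uses `virCommandRun()` rather than `qemuSecurityCommandRun()`. I would put above the two `if`s something like `/* virCommandRun() does not apply the configured user/group for us; set them explicitly so passt does not keep the daemon's identity */`. Separately, passt will now create the path passed to `--socket` as `cfg->user`, so it is worth confirming that the directory holding `passtSocketName` (and presumably the pidfile) is writable by that account, since nothing in the hunk shows that. The two guards are also independent, so a configuration with only one of `user`/`group` set would apparently leave the other at the daemon's value. The body of `qemuPasstStart()` starts and continues outside both hunks.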