Harald Dunkel wrote:
Hi Spencer, I could reproduce the EINVAL on the command line: srvl022:/storage# touch /storage/x srvl022:/storage# chown 110:140 /storage/x chown: changing ownership of `/storage/x': Invalid argument 110 and 140 are not valid UIDs and GIDs on the NFS server. They are defined in the local passwd/group files on the libvirt server only. After defining the user and group on the NFS server the error message is gone. Obviously NFSv4 is a little bit picky about remote root users trying to change the ownership of files. This seems to break qemuSecurityDACSetOwnership() in qemu_security_dac.c, giving me the "unable to set security context" message. Do you think it would be possible to introduce a configure option '--with-dac=no'?
I think that would be a little misleading ;) It sounds like part of the problem was that the error message wasn't clearly conveying the reason for the problem. It wasn't an SELinux security context that was causing issues, it was DAC user/group. I just submitted a patch to clarify the error message to reference user/group instead of "security context."
--Spencer
Regards Harri
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list