Quoting Serge E. Hallyn (serge.hallyn@xxxxxxxxxxxxx): > isos are read-only, so libvirt doesn't need to chown them. In one of > our testing setups, libvirt uses mirrorred isos. Since libvirt chowns > the files, (and especially does not chown them back) the mirror refuses > to update the iso. > > This patch prevents libvirt from chowning files. > > Does this seem reasonable? Hi, any feedback on this? Does it seem ok? thanks, -serge > Signed-off-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > --- > src/security/security_dac.c | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/src/security/security_dac.c b/src/security/security_dac.c > index af02236..e7db324 100644 > --- a/src/security/security_dac.c > +++ b/src/security/security_dac.c > @@ -555,6 +555,8 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr, > /* XXX fixme - we need to recursively label the entire tree :-( */ > if (vm->def->disks[i]->type == VIR_DOMAIN_DISK_TYPE_DIR) > continue; > + if (vm->def->disks[i]->device == VIR_DOMAIN_DISK_DEVICE_CDROM) > + continue; > if (virSecurityDACSetSecurityImageLabel(mgr, > vm, > vm->def->disks[i]) < 0) > -- > 1.7.5.4 > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list