Re: [RFC] security_dac: don't chown iso file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/05/2011 06:33 AM, Daniel P. Berrange wrote:
On Tue, Oct 04, 2011 at 12:49:03PM -0500, Serge E. Hallyn wrote:
Quoting Serge E. Hallyn (serge.hallyn@xxxxxxxxxxxxx):
isos are read-only, so libvirt doesn't need to chown them.  In one of
our testing setups, libvirt uses mirrorred isos.  Since libvirt chowns
the files, (and especially does not chown them back) the mirror refuses
to update the iso.

This patch prevents libvirt from chowning files.

Does this seem reasonable?
any feedback on this?  Does it seem ok?
Unfortunately while this would fix the use case you describe, it would
also break other use cases.

What we really need todo with the DAC driver is replace all the
chown() code, with code that sets ACLs instead. Well actually we
would need to keep the chown code as a fallback for filesystems
which don't support ACLs, but as long as we prefer ACLs by default
that'd be OK.

Of course when we have ACLs, we'd only need to grant 'r' to the
file for CDROMs which would be better than what we do now.


In the meantime, I think you can solve the problem with your mirror by mounting the share read-only. When the filesystem is read-only, libvirt will attempt the chown/chgrp and fail, but notice the failure is due to a r/o (or root-squash) filesystem, and ignore the failure.

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]