I believe this version addresses all the issues Eric raised in his review of V3, *except* those that we agreed should be left for a later patch.

Patch 2/2 is unchanged all the way since v1.

Patch 1/2 has the following changes from V3:

* The "last ditch" attempt to open the file in the parent process after failing with fork+setuid is done only if VIR_FILE_OPEN_NOFORK is false (meaning that it wasn't already tried). fchmod/fchown is then performed if necessary.

* fchmod is only attempted after checking the file's current permissions and seeing that they don't match what is desired.

* fchown and fchmod stuff is moved into a helper function that's called from 3 places.

* fixed typos, added command about uid & gid no longer being "-1"

Items *NOT* addressed:

* eliminate log messages in child process

* figure out how to have qemuOpenFile call virFileOpenAs just once

* switch from use of waitpid to virPidWait() (and use of virPidAbort() to cause the child to terminate when an error is encountered while waiting for an fd from the child).

* figure out when it is appropriate to unlink the file on failure.

* move virFileOpenAs (and several other functions) to virfile.c