On 05.02.2013 16:47, Daniel P. Berrange wrote: > On Tue, Feb 05, 2013 at 04:45:18PM +0100, Michal Privoznik wrote: >> On 05.02.2013 12:32, Christophe Fergeau wrote: >>> Similarly to 790f912b4 which rejects snapshots names containing, >>> this commit changes virDomainSaveXML to reject domains with a '/' >>> in their name. The domain name is used as a filename, so this >>> leads to unexpected results when used in combination with '..' >>> --- >>> >>> If someone is using domains with '/' in their name, this will cause a >>> regression for them as libvirt will no longer be able to re-write the >>> domain XML and will just fail. However, if someone is (ab)using this, >>> the domain must end up in an already existing directory as libvirt will >>> not create it so this is hopefully unconvenient enough that noone is >>> doing that. >>> If we only want to error out on new domain creation, this may be doable >>> by introducing a virDomainSaveXMLFlags, but will be more invasive. >>> >>> Christophe >>> >> >> The more problems with naming XML files I see the more I think we should >> not tie it to domain names. Basically there's no need to save domain >> named XYZ to XYZ.xml. Yes, it's helpful when the names match, however if >> domain name contains forbidden characters (e.g. '/'), we can use UUID >> for instance for the name of XML file. To keep track which domain is >> associated witch which file we can store that kind of information in >> virDomainObj. > > I think you understate the benefits here. UUID based filenames are just > absolutely *ing horrific for an admin to see and work work and I am very > glad libvirt does not use such a naming scheme. > > Daniel > But we discourage users to touch /etc/libvirt/qemu/*.xml files anyway. Moreover, we advise to define domain by not copying the files but using libvirt APIs. But then again - I am not telling we should switch to my approach for good for all domains. We should use it only for those names, where admin is stupid enough to name a domain using shell escape sequences or with '/' contained, etc. These admins don't want to take look under /etc/libvirt/ anyway. Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list