Since these devices are created for the container. the owner should be the root user of the container.
Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
---
 src/lxc/lxc_controller.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index f892ce3..b2ace20 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1260,6 +1260,8 @@ static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
 size_t i;
 int ret = -1;
 char *path = NULL;
+ uid_t uid = (uid_t)-1;
+ gid_t gid = (gid_t)-1;
 const struct {
 int maj;
 int min;
@@ -1276,6 +1278,11 @@ static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
 if (virLXCControllerSetupDev(ctrl) < 0)
 goto out;
+ if (ctrl->def->idmap.uidmap) {
+ uid = ctrl->def->idmap.uidmap[0].target;
+ gid = ctrl->def->idmap.gidmap[0].target;
+ }
+
 /* Populate /dev/ with a few important bits */
 for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
 if (virAsprintf(&path, "/%s/%s.dev/%s",
@@ -1293,6 +1300,13 @@ static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
 devs[i].path);
 goto out;
 }
+
+ if (chown(path, uid, gid) < 0) {
+ virReportSystemError(errno,
+ _("Failed to change owner of %s to %u:%u"),
+ devs[i].path, uid, gid);
+ goto out;
+ }
 VIR_FREE(path);
 }
-- 
1.8.1.4
-- 
libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
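Review bot: In the second hunk (`@@ -1276,6 +1278,11 @@`) the new block tests only `ctrl->def->idmap.uidmap` before reading `ctrl->def->idmap.gidmap[0].target`, so a definition that carries a uid map but no gid map would make the controller dereference a NULL pointer. Unless the parser is known to reject that combination (not visible here), guard both, e.g. `if (ctrl->def->idmap.uidmap && ctrl->def->idmap.gidmap) {`. The code also assumes entry 0 of each map is the one that maps container id 0; if that ordering is not guaranteed elsewhere, the device nodes end up owned by some other host id than the container's root, so it deserves a comment such as `/* idmap entry 0 maps container uid/gid 0; see the idmap parser */` or an explicit check. The function body starts and ends outside the hunk.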
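Review bot: In the third hunk (`@@ -1293,6 +1300,13 @@`) `uid` and `gid` are passed to `%u` without a cast, but `uid_t`/`gid_t` are not guaranteed to be `unsigned int`, so the argument line should read `devs[i].path, (unsigned int)uid, (unsigned int)gid);`. The message also names `devs[i].path` while the call operated on `path`, which is the location an operator would need to see when this fails. When no idmap is configured both ids stay at -1 and `chown()` leaves ownership untouched; a short comment saying so, `/* uid/gid of -1 leave the owner unchanged when no idmap is set */`, would keep the unconditional call from looking like a bug. `chown()` follows symbolic links, so if anything other than the controller can write to that directory at this point (not visible from the hunk), `lchown()` is the safer call for a node that was just created.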