Re: Libvirt: dynamic ownership did not work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Fr, 5. Aug, 2016 um 9:45 schrieb Michal Privoznik <mprivozn@xxxxxxxxxx>:
On 04.08.2016 20:28, Jonatan Schlag wrote:
Then the other option that comes to my mind is a race with somebody else on the system. You can attach gdb to the daemon and set breakpoint to virSecurityDACSetOwnershipInternal(). In the arguments you should see the path eventually among with uid:gid. BTW: what's the domain XML?
What did you need the xml file the domain is called test and the image file is /data/hdd1/libvirt/images/test.img
Well, in the domain XML. there's <seclabel/> section in the domain XML that can fine tune relabelling for a domain. Moreover, some devices - like disks have the <seclabel/> too. And I was wondering whether you don't have those elements in the XML. The other reason for me asking domain XML is so that I could try to reproduce locally on my system.
I did together with Michael Tremer some debugging and Michael posted our results in the bugtracker. So it seems that the chown function is not executed, because a other function return a wrong value.
Ah, reading the bz transcript, you are not passing the path directly into the XML rather than use a volume from a storage pool. This is supported but the previous case is more tested. Again, this would help me to narrow down the possible causes.
Maybe the describtion in the bug report hepls to go furhter, when not say what you need (logs) to debug the problem.
Maybe I'm misreading this, but I think I've told you what I need to debug the problem. Moreover, it's usually better to provide as many information as possible when debugging a problem. Even a tiny little thing that user think of as trivial may look crucial in eyes of experienced developer with insight in the project.

Hi, 
I am sorry this sentence causes more trouble, then he helps. 
First, I posted the domain XML and the storage XML file in Bugzilla.
I could not post this files earlier because I had no time to do this. 

I will post what I can to help you and I will not hide any information which could help, but at the moment I have really no idea what I can provide what can help. 
So the intention of this sentence was, to say that I will provide what I can to help and not that I provide only the bit what you want. 

Regards Jonatan

Anyway, I'd like to continue the discussion in the BZ.

Ok, I will post now everything in the bugtracker.
Michal 
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux