On 09/19/2018 12:39 PM, Milan Zamazal wrote: > Hi, I'm playing with dynamic ownership and not all objects have their > owners changed. > > Is dynamic_ownership and its scope documented somewhere, besides the > comment in qemu.conf? > > And what kinds of objects are handled by dynamic ownership? While some > objects seem to be handled, other objects are apparently unaffected. > For instance /dev/hwrng or a USB host device keep their root owners and > are inaccessible to the VM. Is that expected or do I have anything > wrong? Basically, if a file is used solely by a domain we can relabel it. However, if a file can be used by other processes (not only qemu) then we must not change its label as we would be effectively cutting of the other processes we know nothing about. In this case, /dev/hwrng might be used by some other process in the system. Also the fact that it's owned by root:root and not readable by anybody except the root user, tells me that we might not want to pass the file to any domain? Michal _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
