Re: [libvirt] [PATCH] qemu: turn on virtlockd by default
On Thu, Feb 02, 2017 at 12:47:30PM +0000, Richard W.M. Jones wrote:
On Wed, Feb 01, 2017 at 04:54:01PM +0000, Daniel P. Berrange wrote:
> The virtlockd daemon has existed for years now, but we have never
> turned it on by default, requiring explicit user opt-in. This leaves
> users unprotected against accidents out of the box.
>
> By turning it on by default, users will at least be protected for
> mistakes involving local files, and files on shared filesystems
> that support fcntl() (eg NFS).
What are the implications of this for passively reading
live disks? (a la tools such as virt-df)
None - at this time, a disk marked <readonly/> won't acquire any
locks. We map
<readonly/> -> no lock
<shareable/> -> fnctl read lock
default -> fcntl write lock
In future we'll likely copy the trick qemu has done to use a pair
of fcntl locks on separate bytes, in order to map all combinations
to locks. As long as you always mark disks <readonly/> though you
should be fine no matter what we do.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|