On Sun, Oct 11, 2009 at 02:27:22PM +0200, Dan Kenigsberg wrote:
> I having libvirt run qemu as non-root, but I don't think libvirt should
> try chowning image files. Certainly not if they sit on a root_squashing
> nfs server.

There was no good answer to this - either you force the admin to change
all the permissions, or libvirt changes them. We went for the latter
because it was the only way to avoid breaking everyone's VMs upon upgrade
of libvirt. We probably need to make this more flexible, by adding ability
to say whether permissions should be managed automatically, or manually
as we did with SELinux labels.

> Also, the behavior of libvirt in this regard is a bit surprising
> for local image files and even for host devices. It should be enough
> that an image is accessible to qemu; it does not have to be owned by it.

Figuring out whether an image is accessible though is a non-trivial
problem - you'll have to do many checks against the file & parent
directories, and groups.
The ultimate plan though is that if an app uses the storage APIs for
creating volumes to back guest VMs, it should be able to specify the
correct ownership/permission against the storage pool. All volumes
would then inherit this when created, and everything be correct when
time comes to start the VM, avoiding the need for any modification
at that point.

> The fact that qemuDomainSetAllDeviceOwnership() with restore=1 does not
> really restore ownership of device/file but force-chowns it to root:root
> is another surprise.

Restoring is something that needs to be improved upon because it impacts
SELinux labelling too. We can't simply track the original perms against
the VM though, because this doesn't work with shared disks where you
only want to restore when the last VM shuts down, and you don't want to
necessarily use the original permissions that VM saw.

Daniel
--
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|