On 01/06/2011 05:50 AM, Daniel P. Berrange wrote:
On Wed, Jan 05, 2011 at 05:03:48PM -0500, Laine Stump wrote:
When dynamic_ownership=0, saved images must be owned by the same uid as is used to run the qemu process, otherwise restore won't work. To accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to simply return when it's called.
This fix is in response to:
https://bugzilla.redhat.com/show_bug.cgi?id=661720 ---
Note that this still leaves open the issue discovered in this bug - if the saved image file already exists when it is "created" for the new save, whatever mode it has will be maintained, rather than forcing 0600. It would be simple to force the mode to 0600 (just add a flag to virFileOperation(), but I'm not sure if it would be safe to do so right now without a *lot* of testing (I'm concerned about possible scenarios where the chmod() that's done when the FORCE_PERMISSIONS flag is set might fail, making a previously working case fail). Any opinions on that? (At any rate, it should be done in a separate patch if we decide to do it). We should unlink() the target path first, and then try to create it with O_CREAT|O_EXCL to ensure we are the ones who are creating it. Of course the unlink may well need to be re-tried as with user who owns the file, in case of root squash NFS
Do you think it's safe to put in such a change now? Or should we wait until after the upcoming release(s)?