On 01/06/2011 05:50 AM, Daniel P. Berrange wrote:
> On Wed, Jan 05, 2011 at 05:03:48PM -0500, Laine Stump wrote:
> > When dynamic_ownership=0, saved images must be owned by the same uid
> > as is used to run the qemu process, otherwise restore won't work. To
> > accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
> > simply return when it's called.
> >
> > This fix is in response to:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=661720
> > ---
> >
> > Note that this still leaves open the issue discovered in this bug - if
> > the saved image file already exists when it is "created" for the new
> > save, whatever mode it has will be maintained, rather than forcing
> > 0600. It would be simple to force the mode to 0600 (just add a flag to
> > virFileOperation()), but I'm not sure if it would be safe to do so
> > right now without a *lot* of testing (I'm concerned about possible
> > scenarios where the chmod() that's done when the FORCE_PERMISSIONS
> > flag is set might fail, making a previously working case fail). Any
> > opinions on that? (At any rate, it should be done in a separate patch
> > if we decide to do it).
>
> We should unlink() the target path first, and then try to
> create it with O_CREAT|O_EXCL to ensure we are the ones
> who are creating it. Of course the unlink may well need
> to be re-tried as the user who owns the file, in case of
> root squash NFS.

Do you think it's safe to put in such a change now? Or should we wait
until after the upcoming release(s)?
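
Added example, not part of the original thread and not libvirt code: a small C program contrasting the two behaviours discussed above. Opening an existing file with plain O_CREAT keeps its old mode, while unlink() followed by O_CREAT|O_EXCL yields a file created by the caller with mode 0600. The function names and the /tmp path are hypothetical, and the retry as the owning user for root-squash NFS is not covered.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of an open file, or -1 on error. */
static int fd_mode(int fd) {
    struct stat sb;
    return fstat(fd, &sb) < 0 ? -1 : (int)(sb.st_mode & 0777);
}

/* Constructed stand-in for a leftover save image with a loose mode. */
static int make_stale_file(const char *path, mode_t mode) {
    int fd = open(path, O_WRONLY | O_CREAT, mode);
    if (fd < 0) return -1;
    int rc = fchmod(fd, mode);          /* exact mode, independent of umask */
    close(fd);
    return rc;
}

/* Plain O_CREAT: if the file already exists, the 0600 argument is ignored. */
static int open_reusing_existing(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* unlink() first, then O_CREAT|O_EXCL so the open fails unless we create it. */
static int open_fresh_0600(const char *path) {
    if (unlink(path) < 0 && errno != ENOENT) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 && fd_mode(fd) != 0600) {   /* e.g. an unusual umask */
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;      /* -1 with errno == EEXIST if someone recreated the path */
}

int main(void) {
    char path[64];
    snprintf(path, sizeof path, "/tmp/save-demo-%ld.img", (long)getpid());
    if (make_stale_file(path, 0644) < 0) return 1;
    int fd = open_reusing_existing(path);
    printf("reused existing file: %04o\n", fd_mode(fd));
    close(fd);
    fd = open_fresh_0600(path);
    printf("unlink + O_EXCL:      %04o\n", fd_mode(fd));
    if (fd >= 0) close(fd);
    return unlink(path) < 0;
}
```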