On 08/05/2013 04:09 AM, Guido Günther wrote:
The change from initgroups to virGetGroupList/setgroups in cab36cfe71ba83b71e536ba5c98e596f02b697b0 dropped the primary group from processes group list iff the passed in group to virGetGroupList differs from the user's primary group.
So always include the primary group to bring back the old behaviour.
Debian has the kvm group as primary group but uses libvirt-qemu:libvirt-qemu as user:group to run the kvm process so without this change the /dev/kvm is inaccesible.
s/inaccesible/inaccessible/
--- src/util/virutil.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-)
+ + if (gid != (gid_t)-1) { + if (VIR_REALLOC_N(*list, ++ret) < 0) { + VIR_FREE(*list); + goto cleanup; + } + (*list)[ret-1] = gid; + }
This may allow gid to appear in the list more than once - I'd feel a bit more comfortable if you expanded the list only if you already validated that gid is not in the list. Also, using VIR_APPEND_ELEMENT would be nicer than VIR_REALLOC_N and manual list size manipulation. Looking forward to v2. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org