
On Tue, Feb 26, 2013 at 05:23:18PM -0700, Eric Blake wrote:
> On 02/26/2013 09:08 AM, Michal Privoznik wrote:
> > Currently, if we label a file to match qemu process DAC label, we do not store the original owner anywhere. So when relabeling back, the only option we have is to relabel to root:root which is obviously wrong.
> >
> > However, bare remembering is not enough. We need to keep track of how many times we labeled a file so only the last restore chown()-s file back to the original owner.
>
> Definitely important for a read-only file shared by more than one domain.
>
> > In order to not pollute domain XML, this info is kept in driver's private data in a hash table with path being key and pair <oldLabel, refcount> being value.
>
> Makes sense.
>
> Have you looked at what it would take to use ACLs to grant access to qemu without having to do a full-blown chown? That would also need to use the hash table to undo the ACL at the end of the day, and we would need to fall back to chown() on file systems where ACL doesn't work, but it certainly sounds like that would be sharing some of the work in this patch.

Yep, independently of this patch we ought to make use of ACLs. It would remove a whole class of problems users experience and make udev happier since it hates things chown'ing device nodes behind its back and has a tendency to change them back at any moment.

Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
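
The path-keyed <oldLabel, refcount> bookkeeping described in the quoted commit message, as an added sketch that is not code from the patch or from libvirt. All names are hypothetical, and a linked list stands in for the hash table to keep it short; the caller is assumed to do the actual stat() and chown().

```c
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical structure: one entry per relabeled path. */
struct owner_entry {
    struct owner_entry *next;
    uid_t uid;                  /* owner before the first relabel */
    gid_t gid;
    unsigned refs;              /* domains currently using the path */
    char path[];                /* key */
};

static struct owner_entry *owners;

static struct owner_entry **find_slot(const char *path)
{
    struct owner_entry **p = &owners;
    while (*p && strcmp((*p)->path, path) != 0)
        p = &(*p)->next;
    return p;
}

/* Call before chown()-ing path to the qemu label; cur_uid/cur_gid are the
 * owner seen right now. Returns the new refcount, or 0 on allocation failure. */
unsigned owner_remember(const char *path, uid_t cur_uid, gid_t cur_gid)
{
    struct owner_entry **slot = find_slot(path), *e = *slot;
    if (e)                      /* already relabeled: cur_* is qemu's label, */
        return ++e->refs;       /* so the stored original must not change    */
    if (!(e = calloc(1, sizeof(*e) + strlen(path) + 1)))
        return 0;
    strcpy(e->path, path);
    e->uid = cur_uid; e->gid = cur_gid; e->refs = 1;
    *slot = e;
    return 1;
}

/* Call on restore. Returns 1 and fills uid/gid when this was the last user
 * and the caller should chown() back; 0 if still in use; -1 if unknown. */
int owner_recall(const char *path, uid_t *uid, gid_t *gid)
{
    struct owner_entry **slot = find_slot(path), *e = *slot;
    if (!e)
        return -1;
    if (--e->refs > 0)
        return 0;
    *uid = e->uid; *gid = e->gid;
    *slot = e->next;            /* unlink and drop the entry */
    free(e);
    return 1;
}
```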