On 06/18/2012 03:47 AM, Osier Yang wrote:
Per the typical use of libvirt is to fork the qemu process with qemu:qemu. Setting the pool permission mode as 0700 by default will prevent the guest start with permission reason.
Define macro for the default pool and vol permission modes incidentally. --- src/conf/storage_conf.c | 11 ++++++++--- 1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c index bf4567f..6d4987b 100644 --- a/src/conf/storage_conf.c +++ b/src/conf/storage_conf.c @@ -47,6 +47,8 @@
#define VIR_FROM_THIS VIR_FROM_STORAGE
+#define DEFAULT_POOL_PERM_MODE 0711 +#define DEFAULT_VOL_PERM_MODE 0600
Isn't 755 more typical than 711 for directory permissions? For that reason, I'd like a second opinion on whether the more relaxed permissions make sense.
VIR_ENUM_IMPL(virStoragePool, VIR_STORAGE_POOL_LAST, @@ -812,7 +814,8 @@ virStoragePoolDefParseXML(xmlXPathContextPtr ctxt) { goto cleanup;
if (virStorageDefParsePerms(ctxt, &ret->target.perms, - "./target/permissions", 0700) < 0) + "./target/permissions", + DEFAULT_POOL_PERM_MODE) < 0)
However, this rewrite into symbolic names is good. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org