Re: [libvirt] QMP Capability Detection Issues with GIT version of QEMU
On Thu, Nov 22, 2012 at 05:41:30PM +0100, Viktor Mihajlovski wrote:
I ran into trouble today trying to use the GIT level of QEMU.
In a nutshell: the capability detection with QMP is failing
and the fallback using -help isn't working with the GIT level
probably due to help text reformatting.
The failure reason is that QEMU cannot bind to the
QMP monitor socket in the /var/lib/libvirt/qemu directory.
That's because the child process is stripped of all
capabilities and this directory is chown'ed to qemu:qemu
by the QEMU driver.
Note that this is failing with the release QEMU as well,
with the difference that the fallback is working there.
I am willing to provide a patch, however I'd like
to get feedback on the approach to use:
1. Add back Linux capabilities CAP_DAC_OVERRIDE,
CAP_DAC_READ_SEARCH to allow QEMU to bind to
the monitor socket.
This seems to be hacky/dodging the problem.
2. Use a separate directory for the QMP probing
instance of QEMU.
3. Run the QMP QEMU under the configured qemu
user. This would be my favorite.
Yep, this seems like the right thing todo.
/me tries to understand why I didn't see this problem myself.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|