Re: [libvirt] [PATCH v2 2/6] tpm: Add support for external swtpm TPM emulator

[...] Probably just an API naming thing as I was reading forward... Lot of context to plow through on the first pass for me! [...] I wonder if this is something where using the /var/run/libvirt (or whatever the temporary running domain path is - my brain is fried from so many reviews)... Using this would cause/allow cleanup when the process eventually dies [...] -c qemu:///session When using the virFile* API's if the incoming uid/gid is -1, then it's not specifically and it IIRC it takes whatever the current default running mode is. If it is set, then it's set specifically to the value. Been a while since I traversed through all that code. [...] Perhaps "stateDir" - it just came to me - hopefully it's what I was thinking about ;-) [...] The NFS thing is something that came to mind while thinking of uid/gid mgmt and rootsquash mode (or something like that) which absolutely causes nightmares w/r/t using root... >>> + >>> +    while ((ret = virDirRead(dir, &ent, name)) > 0) { >>> +        if (ent->d_type != DT_REG) >>> +            continue; >>> + >>> +        if (virAsprintf(&path, "%s/%s", name, ent->d_name) < 0) { >>> +            ret = -1; >>> +            break; >>> +        } >>> +        if (chown(path, uid, gid) < 0) { >> If uid/gid change from non root user X to user Y, then wouldn't this >> just fail anyway? > > Why would it fail if root does that? libvirtd runs as root. > Guess I was thinking of session mode or unprivileged mode. >> Still using the -1, -1 logic like other chown/chmod consumers may >> actually be a benefit here at least w/r/t not failing. > > Not sure what you mean. uid = -1 passed to chown() means, don't change > it. Same for gid = -1. > > I think I redescribed that a bit above. It wasn't fresh in my mind, but essentially looking at the various virFile API's that would check uid/gid vs. -1 and thinking how qemu.conf and storage pool <permissions> used -1, -1... Again the details escape me at the moment. [...] >>> +static int >>> +virTPMCreateEmulatorStorage(const char *storagepath, >>> +                            bool *created, >>> +                            uid_t swtpm_user) >>> +{ >>> +    int ret = -1; >>> +    char *swtpmStorageDir = virTPMGetTPMStorageDir(storagepath); >>> + >>> +    if (!swtpmStorageDir) >>> +        return -1; >>> + >>> +    if (virTPMEmulatorInitStorage(swtpmStorageDir) < 0) >>> +        return -1; >>> + >>> +    *created = false; >>> + >>> +    if (!virFileExists(storagepath)) >>> +        *created = true;> + >>> +    if (virDirCreate(storagepath, 0700, swtpm_user, swtpm_user, >> IIRC: We only checked if swtpm_user was a user - we did not check if it >> was also a gid... You cannot use the same value for both, can you? > > You are right. I need a swtpm_group, eh ? On my system tss happens to be > mapped to 59 for uid and gid. > >> Still may want to consider using the -1, -1 because it is handled via >> the File API's. > > -1 uid and -1 gid passed to chown() would mean don't change it. > One problem is that a user may edit  /etc/libvirt/qemu.conf and change > this line here from root to tss: > > swtpm_user = "tss" > > In that case all file ownerships have to be adjusted so that the swtpm > can access the files. That's why I am always adjusting the ownerships > before swtpm or the other tools are started. > I suspect by this time you've dug in a bit more and perhaps have more details than I can recall at the moment. [...] Thanks... I know it's painful from experience ;-) John