Re: [libvirt] [PATCH] qemu: eliminate "Ignoring open failure" message when using root-squash NFS

This eliminates the warning message reported in: https://bugzilla.redhat.com/show_bug.cgi?id=624447 It was caused by a failure to open an image file that is not accessible by root (the uid libvirtd is running as) because it's on a root-squash NFS share, owned by a different user, with permissions of 660 (or maybe 600). The solution is to re-try the open using virFileOpenAs() when appropriate. The codepath that generates the error is during qemuSetupDiskCGroup(), but the actual open() is in a lower-level generic function called from many places (virDomainDiskDefForeachPath), so some other pieces of the code were touched just to add dummy (or possibly useful) uid and gid arguments. Eliminating this warning message has the nice side effect that the requested opearation may even succeed (which in this case isn't

necessary, but shouldn't hurt anything either). --- src/conf/domain_conf.c | 13 ++++++++++++- src/conf/domain_conf.h | 1 + src/qemu/qemu_cgroup.c | 2 ++ src/security/security_dac.c | 1 + src/security/security_selinux.c | 7 +++++++ src/security/virt-aa-helper.c | 6 +++++- 6 files changed, 28 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 180dd2b..2b7ec91 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -13370,6 +13370,7 @@ done: int virDomainDiskDefForeachPath(virDomainDiskDefPtr disk, bool allowProbing, bool ignoreOpenFailure, + uid_t uid, gid_t gid, virDomainDiskDefPathIterator iter, void *opaque) { @@ -13425,8 +13426,18 @@ int virDomainDiskDefForeachPath(virDomainDiskDefPtr disk, disk->src); goto cleanup; } + fd = open(path, O_RDONLY); + if ((fd < 0) && (errno == EACCES || errno == EPERM) && + (uid > 0 || gid > 0)) {