[libvirt] [PATCHv2] rpm: fix /var/lib/libvirt permissions
https://bugzilla.redhat.com/show_bug.cgi?id=649511 Regression of forcing 0700 permissions (which breaks guest startup because the qemu user can't see /var/lib/libvirt/*.monitor) was introduced in commit 66823690e, as part of libvirt 0.8.2. * libvirt.spec.in (%files): Drop %{_localstatedir}/lib/libvirt, since libvirt depends on libvirt-client. (%files client): Guarantee 755 permissions on %(_localstatedir}/lib/libvirt, since the qemu user must be able to do pathname resolution to a subdirectory. --- v2 changes: don't declare directory twice (v1 at https://www.redhat.com/archives/libvir-list/2010-November/msg00238.html) libvirt.spec.in | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 813e0c0..f77626e 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -793,7 +793,6 @@ fi %dir %{_localstatedir}/run/libvirt/ -%dir %{_localstatedir}/lib/libvirt/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/ %dir %attr(0700, root, root) %{_localstatedir}/cache/libvirt/ @@ -883,7 +882,7 @@ fi %{_sysconfdir}/rc.d/init.d/libvirt-guests %config(noreplace) %{_sysconfdir}/sysconfig/libvirt-guests -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt +%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/ %if %{with_sasl} %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf -- 1.7.3.2
On Tue, Nov 09, 2010 at 04:16:47PM -0700, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=649511
Regression of forcing 0700 permissions (which breaks guest startup because the qemu user can't see /var/lib/libvirt/*.monitor) was introduced in commit 66823690e, as part of libvirt 0.8.2.
* libvirt.spec.in (%files): Drop %{_localstatedir}/lib/libvirt, since libvirt depends on libvirt-client. (%files client): Guarantee 755 permissions on %(_localstatedir}/lib/libvirt, since the qemu user must be able to do pathname resolution to a subdirectory. ---
v2 changes: don't declare directory twice (v1 at https://www.redhat.com/archives/libvir-list/2010-November/msg00238.html)
libvirt.spec.in | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in index 813e0c0..f77626e 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -793,7 +793,6 @@ fi
%dir %{_localstatedir}/run/libvirt/
-%dir %{_localstatedir}/lib/libvirt/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/ %dir %attr(0700, root, root) %{_localstatedir}/cache/libvirt/ @@ -883,7 +882,7 @@ fi
%{_sysconfdir}/rc.d/init.d/libvirt-guests %config(noreplace) %{_sysconfdir}/sysconfig/libvirt-guests -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt +%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
%if %{with_sasl} %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/
On 11/10/2010 03:04 AM, Daniel Veillard wrote:
On Tue, Nov 09, 2010 at 04:16:47PM -0700, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=649511
Regression of forcing 0700 permissions (which breaks guest startup because the qemu user can't see /var/lib/libvirt/*.monitor) was introduced in commit 66823690e, as part of libvirt 0.8.2.
* libvirt.spec.in (%files): Drop %{_localstatedir}/lib/libvirt, since libvirt depends on libvirt-client. (%files client): Guarantee 755 permissions on %(_localstatedir}/lib/libvirt, since the qemu user must be able to do pathname resolution to a subdirectory.
ACK,
Thanks; pushed. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org
participants (2)
-
Daniel Veillard -
Eric Blake