[Libvir] [PATCH] add global --readonly flag to virsh
The current vshInit function in virsh tries some dodgy heuristics to see if it should connect readonly or read/write to the hypervisor. Unfortunately these heuristics fail, eg. when you have a root-owned system-wide qemud, and a user trying to run virsh as non-root. This patch removes the heuristics and replaces them with a simple -r | --readonly flag on the command line. If omitted, we try to connect read/write, otherwise we try to connect readonly. Note that this doesn't affect the "connect" command in the shell, which still has its own --readonly flag that is completely separate from this new global flag. Rich.
On Mon, Mar 05, 2007 at 05:22:28PM +0000, Richard W.M. Jones wrote:
The current vshInit function in virsh tries some dodgy heuristics to see if it should connect readonly or read/write to the hypervisor. Unfortunately these heuristics fail, eg. when you have a root-owned system-wide qemud, and a user trying to run virsh as non-root.
This patch removes the heuristics and replaces them with a simple -r | --readonly flag on the command line. If omitted, we try to connect read/write, otherwise we try to connect readonly.
I like this patch, but I don't think we can apply it in exactly the form it is now. There may well be people already using virsh in a non-root context with Xen, and this will break them requiring them to add a --readonly arg in. I think we should add the explicit --readonly flag patch attached, but also put in a simplified heuristic for the Xen non-root case. I'd think I'd add in a snippet of code looking like: if (ctl->uid != 0 && (ctl->name == NULL || !strcmp(ctl->name, "Xen")) ctl->readonly = TRUE; If people agree, I'll apply Rich's patch with this addition ? Regards, Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
Daniel P. Berrange wrote:
On Mon, Mar 05, 2007 at 05:22:28PM +0000, Richard W.M. Jones wrote:
The current vshInit function in virsh tries some dodgy heuristics to see if it should connect readonly or read/write to the hypervisor. Unfortunately these heuristics fail, eg. when you have a root-owned system-wide qemud, and a user trying to run virsh as non-root.
This patch removes the heuristics and replaces them with a simple -r | --readonly flag on the command line. If omitted, we try to connect read/write, otherwise we try to connect readonly.
I like this patch, but I don't think we can apply it in exactly the form it is now. There may well be people already using virsh in a non-root context with Xen, and this will break them requiring them to add a --readonly arg in. I think we should add the explicit --readonly flag patch attached, but also put in a simplified heuristic for the Xen non-root case. I'd think I'd add in a snippet of code looking like:
if (ctl->uid != 0 && (ctl->name == NULL || !strcmp(ctl->name, "Xen")) ctl->readonly = TRUE;
If people agree, I'll apply Rich's patch with this addition ?
Agreed, unless we want an explicit --readwrite to override this heuristic :-) Rich. -- Emerging Technologies, Red Hat http://et.redhat.com/~rjones/ 64 Baker Street, London, W1U 7DF Mobile: +44 7866 314 421 "[Negative numbers] darken the very whole doctrines of the equations and make dark of the things which are in their nature excessively obvious and simple" (Francis Maseres FRS, mathematician, 1759)
participants (2)
-
Daniel P. Berrange -
Richard W.M. Jones