On Wed, Nov 18, 2015 at 20:20:38 +0200, Matteo Cafasso wrote:

When called with dynamicOwnership set, the qemuOpenFileAs function ignores it resulting in files not created with proper permissions.

The issue is reported in:

https://www.redhat.com/archives/libvirt-users/2015-November/msg00039.html

and also mentioned in:

https://www.redhat.com/archives/libvir-list/2015-November/msg00453.html

Signed-off-by: Matteo Cafasso <noxdafox@gmail.com> --- src/qemu/qemu_driver.c | 5 +++++ 1 file changed, 5 insertions(+)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 92a9961..b3b59b6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -2932,6 +2932,11 @@ qemuOpenFileAs(uid_t fallback_uid, gid_t fallback_gid, if (path_shared <= 0 || dynamicOwnership) vfoflags |= VIR_FILE_OPEN_FORCE_OWNER;

+ if (dynamicOwnership) { + uid = fallback_uid; + gid = fallback_gid; + } + if (stat(path, &sb) == 0) { /* It already exists, we don't want to delete it on error */ need_unlink = false;

NACK, this is not the right way of fixing the issue (not to mention that the issue is not completely clear to me, yet; I'd rather clarify it first in the thread referenced by your commit message). With this patch we'd never even try creating the file as root. Thus creating a file in a directory inaccessible (for writing) to fallback_uid:fallback_gid will always fail. Jirka