[Libvir] [PATCH] virtinst: don't expect non-root users to have block device access
Hi, attached patch drops the assumption that a non-root user has read access to the guest OSes partition - he doesn't need to since all interaction is handled via libvirt and giving the user read access for a simple MBR block read test seems like overkill. Please apply if appropriate, patch is against current hg. Cheers, -- Guido # HG changeset patch # User agx@sigxcpu.org # Date 1201618288 -3600 # Node ID 96a103cd78dc7616a2e1e54f2e100fe156bebafd # Parent 5109856f3bedf3b8eff7f78ce881b39bf8d30029 Don't fail if a non root user can't read from the block device due to insufficient permissions diff -r 5109856f3bed -r 96a103cd78dc virtinst/DistroManager.py --- a/virtinst/DistroManager.py Thu Jan 10 20:34:27 2008 -0500 +++ b/virtinst/DistroManager.py Tue Jan 29 15:51:28 2008 +0100 @@ -22,6 +22,7 @@ import logging import os +import errno import gzip import re import struct @@ -239,7 +240,14 @@ class DistroInstaller(Guest.Installer): def post_install_check(self, guest): # Check for the 0xaa55 signature at the end of the MBR - fd = os.open(guest._install_disks[0].path, os.O_RDONLY) + try: + fd = os.open(guest._install_disks[0].path, os.O_RDONLY) + except OSError, (err, msg): + logging.debug("Failed to open guest disk: %s" % msg) + if err == errno.EACCES and os.geteuid() != 0: + return True # non root might not have access to block devices + else: + raise buf = os.read(fd, 512) os.close(fd) return len(buf) == 512 and struct.unpack("H", buf[0x1fe: 0x200]) == (0xaa55,) @@ -284,7 +292,14 @@ class PXEInstaller(Guest.Installer): def post_install_check(self, guest): # Check for the 0xaa55 signature at the end of the MBR - fd = os.open(guest._install_disks[0].path, os.O_RDONLY) + try: + fd = os.open(guest._install_disks[0].path, os.O_RDONLY) + except OSError, (err, msg): + logging.debug("Failed to open guest disk: %s" % msg) + if err == errno.EACCES and os.geteuid() != 0: + return True # non root might not have access to block devices + else: + raise buf = os.read(fd, 512) os.close(fd) return len(buf) == 512 and struct.unpack("H", buf[0x1fe: 0x200]) == (0xaa55,)
On Tue, Jan 29, 2008 at 04:58:26PM +0100, Guido Guenther wrote:
Hi, attached patch drops the assumption that a non-root user has read access to the guest OSes partition - he doesn't need to since all interaction is handled via libvirt and giving the user read access for a simple MBR block read test seems like overkill. Please apply if appropriate, patch is against current hg.
A bit of a nasty hack, but until we have the storage API stuff done, this is pretty much best we can do. BTW, virt-install patches should usually go to et-mgmt-tools@redhat.com, but no need to re-post this one. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
participants (2)
-
Daniel P. Berrange -
Guido Guenther