The current vshInit function in virsh tries some dodgy heuristics to see if it should connect readonly or read/write to the hypervisor. Unfortunately these heuristics fail, e.g. when you have a root-owned system-wide qemud and a user trying to run virsh as non-root.

This patch removes the heuristics and replaces them with a simple -r | --readonly flag on the command line. If omitted, we try to connect read/write, otherwise we try to connect readonly.

Note that this doesn't affect the "connect" command in the shell, which still has its own --readonly flag that is completely separate from this new global flag.

Rich.
diff --git a/src/virsh.c b/src/virsh.c
index 90030a8..5200c3d 100644
--- a/src/virsh.c
+++ b/src/virsh.c
@@ -171,6 +171,9 @@ typedef struct __vshControl {
     int quiet;                  /* quiet mode */
     int debug;                  /* print debug messages? */
     int timing;                 /* print timing info? */
+    int readonly;               /* connect readonly (first time only, not
+                                 * during explicit connect command)
+                                 */
 } __vshControl;
 
 
@@ -3124,12 +3127,7 @@ vshInit(vshControl * ctl)
     /* set up the library error handler */
     virSetErrorFunc(NULL, virshErrorHandler);
 
-    /* basic connection to hypervisor, for Xen connections unless
-       we're root open a read only connections. Allow 'test' HV
-       to be RW all the time though */
-    if (ctl->uid == 0 || (ctl->name && 
-			  (!strncmp(ctl->name, "test", 4) ||
-			   !strncmp(ctl->name, "qemu", 4))))
+    if (!ctl->readonly)
         ctl->conn = virConnectOpen(ctl->name);
     else
         ctl->conn = virConnectOpenReadOnly(ctl->name);
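Review bot: With the uid test removed, an unprivileged user who omits `-r` now reaches `virConnectOpen()` where the old code picked `virConnectOpenReadOnly()`, so the default has become the more privileged mode and nothing in this hunk falls back if the hypervisor refuses it. What happens when `ctl->conn` comes back NULL is outside the hunk; the error reported there should mention `--readonly`, otherwise existing non-root Xen usage presumably just fails with no hint. The deleted comment also leaves the branch undocumented; I would add `/* read/write unless -r/--readonly was given; no privilege check is made here */` above the `if`.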
@@ -3286,6 +3284,7 @@ vshUsage(vshControl * ctl, const char *cmdname)
         fprintf(stdout, _("\n%s [options] [commands]\n\n"
                           "  options:\n"
                           "    -c | --connect <uri>    hypervisor connection URI\n"
+                          "    -r | --readonly         connect readonly\n"
                           "    -d | --debug <num>      debug level [0-5]\n"
                           "    -h | --help             this help\n"
                           "    -q | --quiet            quiet mode\n"
@@ -3323,6 +3322,7 @@ vshParseArgv(vshControl * ctl, int argc, char **argv)
         {"timing", 0, 0, 't'},
         {"version", 0, 0, 'v'},
         {"connect", 1, 0, 'c'},
+        {"readonly", 0, 0, 'r'},
         {0, 0, 0, 0}
     };
 
@@ -3365,7 +3365,7 @@ vshParseArgv(vshControl * ctl, int argc, char **argv)
     end = end ? : argc;
 
     /* standard (non-command) options */
-    while ((arg = getopt_long(end, argv, "d:hqtc:v", opt, &idx)) != -1) {
+    while ((arg = getopt_long(end, argv, "d:hqtc:vr", opt, &idx)) != -1) {
         switch (arg) {
         case 'd':
             ctl->debug = atoi(optarg);
@@ -3385,6 +3385,9 @@ vshParseArgv(vshControl * ctl, int argc, char **argv)
         case 'v':
             fprintf(stdout, "%s\n", VERSION);
             exit(EXIT_SUCCESS);
+        case 'r':
+            ctl->readonly = TRUE;
+            break;
         default:
             vshError(ctl, TRUE,
                      _("unsupported option '-%c'. See --help."), arg);
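Review bot: `ctl->readonly` is written only in this `case 'r'`, so the read/write default that vshInit tests with `!ctl->readonly` depends on the control structure being zeroed before vshParseArgv runs, and that initialisation is not part of this diff. If it is not guaranteed, set `ctl->readonly = FALSE;` before the `getopt_long` loop. The switch continues outside the hunk.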