2008/4/17, Daniel Veillard <[EMAIL PROTECTED]>: > > On Mon, Apr 14, 2008 at 07:37:56PM +0400, Anton Protopopov wrote: > > Hi, > > > > Non-root can't use /var/run/libvirt/libvirt-sock even in the case > > "unix_sock_group" and "unix_sock_rw_perms" are set properly. > > > > The reason: > > # ls -l /var/run /var/run/libvirt | grep libvirt | grep -v pid > > drwx------ 2 root root 4096 Apr 14 19:14 libvirt > > srwxrwx--- 1 root libvirt 0 Apr 14 19:14 libvirt-sock > > srwxrwxrwx 1 root libvirt 0 Apr 14 19:14 libvirt-sock-ro > > > > i.e., bad permissions on /var/run/libvirt > > > Hum, how did you get this ? Maybe this is more a packaging problem than > anything else
Yes, it was, sorry... , I have this here: > > [EMAIL PROTECTED] ~]# rpm -qf /var/run/libvirt > libvirt-0.4.1-3.fc8 > [EMAIL PROTECTED] ~]# rpm -V libvirt > [EMAIL PROTECTED] ~]# ls -ld /var/run/libvirt > drwxr-xr-x 2 root root 4096 2008-04-04 18:00 /var/run/libvirt > [EMAIL PROTECTED] ~]# ls -l /var/run/libvirt > total 0 > srwxrwxrwx 1 root root 0 2008-03-29 14:56 libvirt-sock > srwxrwxrwx 1 root root 0 2008-03-29 14:56 libvirt-sock-ro > [EMAIL PROTECTED] ~]# > > > > One possible solution (implied in the attached patch) is the following: > > > > Every time libvirtd starts > > * it implicitly sets the group id of /var/run/libvirt: > > chown(/var/run/libvirt, -1, unix_sock_gid). > > * if "unix_sock_group" defined in /etc/libvirt/libvirtd.conf, libvirtd > does > > chmod g+x /var/run/libvirt > > otherwise, > > chmod g-x /var/run/libvirt > > > I don't know, that's doable too, but if there is a packaging problem > maybe it's good to have it fixed instead of changing permissions at > runtime. But the configuration data should override this, that's true. > What do others think ? > > Daniel > > > -- > Red Hat Virtualization group http://redhat.com/virtualization/ > Daniel Veillard | virtualization library http://libvirt.org/ > [EMAIL PROTECTED] | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ > http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ >
-- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list