When running a Kata container with virtiofs in OpenShift/k8s I get an "Operation not permitted" error from a mkdtemp() call in virtiofsd because it is trying to create a directory like /virtiofsd.11RAND
To avoid this change in virtiofsd, I've tried to set the TMPDIR environment variable for the virtiofsd process, hoping that mkdtemp() would use it, but it does not. Looking at glibc code it seems to be used by tmpfile() etc. only.

I'm sending this as an RFC because:

Maybe just prepending "/tmp" is not generic enough and we should make it somehow configurable or use $TMPDIR.

Also there might be security implications I'm not aware of.

The process is running with container_kvm_t context which also needs a change to be allowed to create files in tmpfs to make it work.

Jens Freimann (1):
  tools/virtiofsd: create tmpdir in /tmp

 tools/virtiofsd/passthrough_ll.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--
2.26.2
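An added example, not part of the original message and not virtiofsd code: mkdtemp() only fills in the trailing XXXXXX of the template it is given, so honouring $TMPDIR means building the template from it explicitly. The helper name make_scratch_dir, the "virtiofsd.XXXXXX" suffix and the fallback policy are assumptions for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create a private scratch directory under $TMPDIR,
 * falling back to /tmp. Returns 0 and the created path in `out`, or -1. */
static int make_scratch_dir(char *out, size_t outlen)
{
    /* A setuid/setgid program would use secure_getenv() here instead. */
    const char *base = getenv("TMPDIR");
    struct stat st;

    /* Accept only an absolute path that names an existing directory, so an
     * unset, relative or bogus TMPDIR cannot redirect the mkdir elsewhere. */
    if (!base || base[0] != '/' || stat(base, &st) != 0 || !S_ISDIR(st.st_mode))
        base = "/tmp";

    int n = snprintf(out, outlen, "%s/virtiofsd.XXXXXX", base);
    if (n < 0 || (size_t)n >= outlen)
        return -1;              /* template would have been truncated */

    /* mkdtemp() replaces XXXXXX with a unique suffix and creates the
     * directory with mode 0700; it fails rather than reuse an existing name. */
    if (!mkdtemp(out))
        return -1;
    return 0;
}

int main(void)
{
    char dir[PATH_MAX];

    if (make_scratch_dir(dir, sizeof dir) != 0) {
        perror("make_scratch_dir");
        return 1;
    }
    printf("created %s\n", dir);
    rmdir(dir);                 /* clean up the demo directory */
    return 0;
}
```

Under a confined SELinux domain such as container_kvm_t, the policy still has to allow directory creation in whichever base directory is chosen.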