Greg Padgett has uploaded a new change for review. Change subject: storage: validate vdsm rwx permissions for file storage ......................................................................
storage: validate vdsm rwx permissions for file storage VDSM needs permission to write to file-based storage. Presumably the existing check for qemu permissions or a subsequent failure would throw an error; however, these errors were not always clear nor did they help the user (e.g. a general Error 100, such as in the referenced bug). With an explicit check, we can ensure the failure happens up-front and gives a meaningful error message to the user. Change-Id: I8276c36042bef57c80c8920041b1f3446cdfc372 Bug-Url: https://bugzilla.redhat.com/1112171 Signed-off-by: Greg Padgett <[email protected]> --- M vdsm/storage/fileSD.py 1 file changed, 4 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/42/44442/1 diff --git a/vdsm/storage/fileSD.py b/vdsm/storage/fileSD.py index 2feb6b5..63c064e 100644 --- a/vdsm/storage/fileSD.py +++ b/vdsm/storage/fileSD.py @@ -67,6 +67,10 @@ try: getProcPool().fileUtils.validateAccess(dirPath) supervdsm.getProxy().validateAccess( + constants.VDSM_USER, + (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, + (os.R_OK | os.W_OK | os.X_OK)) + supervdsm.getProxy().validateAccess( constants.QEMU_PROCESS_USER, (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, (os.R_OK | os.X_OK)) -- To view, visit https://gerrit.ovirt.org/44442 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I8276c36042bef57c80c8920041b1f3446cdfc372 Gerrit-PatchSet: 1 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Greg Padgett <[email protected]> _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
