Bug 1346100
Summary: | "permission denied" passthrough 9p filesystem share | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Adam Chasen <adam> |
Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 23 | CC: | adam, agedosier, berrange, clalancette, crobinso, itamar, laine, libvirt-maint, veillard, virt-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-06-15 01:37:46 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Adam Chasen
2016-06-14 01:58:24 UTC
does accessmode=mapped make any difference? passthrough tries to do a setuid($VMUSER) on the host side, which requires admin access on the host which default configured libvirt VMs usually don't have. mapped will have the files owned as 'qemu:qemu' on the host, but at least you can read/write Initially the directory was root:root which resulted in permission denied erros. After setting directory ownership of /share to qemu:qemu, I was able to write to the directory from inside the domain(yay!), but not until I powered off the guest and powered it back on. Note, the created file has selinux user of "system_u" files created my me manually on the host with qemu:qemu 644 are "unconfined_u". Not sure if this matters. Thank you for the pointer to "mapped" mode! For some reason I thought the libvirt VMs had admin access (but were limited by selinux), good to hear they are limited both ways. |