| Summary: | virsh console should be forbidden under readonly mode | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | koka xiong <kxiong> |
| Component: | libvirt | Assignee: | Daniel Veillard <veillard> |
| Status: | CLOSED NOTABUG | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.6 | CC: | dyuan, eblake, jdenemar, kxiong, mliu |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-04-06 07:41:57 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
For kvm-83-224.el5, there is the same problem. Console APIs, which do not allow console access through readonly connection, were added to libvirt in 0.8.6. In 0.8.2, guest's console is accessed by directly opening appropriate /dev/pts/* device and access to it is controlled by file permissions. |
Description of problem: virsh console was allowed to connect guest console under readonly mode Version-Release number of selected component (if applicable): libvirt-0.8.2-15.el5_6.3 xen-3.0.3-120.el5_6.1 kernel-2.6.18-238.8.1.el5 How reproducible: always Steps to Reproduce: # virsh -r Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh > console local Connected to domain local Escape character is ^] Actual results: was allowed to connect guest console under readonly mode Expected results: Forbidden to connect guest console under readonly mode Additional info: