Bug 868415
Summary: | Can't put a VM image on removable media | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | John Morris <jmorris> |
Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | unspecified | ||
Version: | 17 | CC: | berrange, clalancette, dallan, itamar, jforbes, jyang, laine, libvirt-maint, veillard, virt-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-10-20 01:18:30 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
John Morris
2012-10-19 18:46:13 UTC
You should mention this situation on the libvirt-users mailing list, as not everybody on the list follows bugzilla. What happens if you mount it where the automount magic mounts it? I'm guessing this is a permissions problem higher up the directory tree. First off, you must mount it and unmount it once via the desktop because until you do that /run/media/jmorris doesn't exist. Then I had to make MyStash again, which was kinda expected. Didn't work. Running stat on each directory going up the chain doesn't show anything odd. Odds are it is some of this new non-UNIX cruft that isn't discoverable via the UNIX command line tools. /run is mounted nosuid,nodev but I don't think you need either of those abilities for a VM image. So the questions becomes a) which package does this bug need to be reassigned to and b) how fast the desktop gods will decree it not to be a bug anyway. Nah, best to deal with it in qemu/libvirt and just make it able to run an image sans whatever capability they have removed (for our benefit) since argument with desktop people is kinda pointless these days. Sorry if I'm being pedantic, but in case I missed something, the uid/gid of the qemu process seem to have rights to the tree all the way down? Ok, I wasn't paying close enough attention. /run/media/${USER} is set to disallow any access by other than ${USER}. From the complaints I see in various mail archives it seems a lot of folks aren't exactly happy with that but it is pointless for a lowly user to argue desktop policy. And apparently at some point recently qemu stopped running this part as root so can't see into the mount point anymore. Although it does see vm images in my home that only my account and root should be able to read. Eh? Anyway, for anyone else hitting this there is a way around it. Put a small shell script into the startup of your desktop session to make the directory and ensure it has world execute. #!/bin/bash sudo mkdir /run/media/${USER} sudo chmod +x /run/media/${USER} |