Bug 1266628 - libvirt 1.2.18.1 tries to change ownership of ISOs even though dynamic_ownership is set to 0
libvirt 1.2.18.1 tries to change ownership of ISOs even though dynamic_owners...
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: libvirt (Show other bugs)
23
All All
unspecified Severity high
: ---
: ---
Assigned To: Libvirt Maintainers
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-25 18:01 EDT by Adam Williamson
Modified: 2015-10-09 02:14 EDT (History)
10 users (show)

See Also:
Fixed In Version: libvirt-1.2.18.1-2.fc23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1267154 (view as bug list)
Environment:
Last Closed: 2015-10-09 02:14:44 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adam Williamson 2015-09-25 18:01:04 EDT
[root@adam libvirt]# grep dynamic /etc/libvirt/qemu.conf
# Whether libvirt should dynamically change file ownership
dynamic_ownership = 0

yet, with libvirt 1.2.18.1, when I start a VM, it tries to change ownership of the ISO file attached to it (and fails, as it's on a network share). This prevents me running any VMs, in my setup.

Downgraded to 1.2.18, it works fine.

I kinda suspect this change:

https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=f4c60dfbf2ec606a5fc148b4c6ff1cd17ffd79ec

which adds a virSecurityDACSetOwnership call which is not protected by a block like this:

    if (!priv->dynamicOwnership)
        return 0;

which several of the others are. But not *all* of them are, and I'm not 100% sure exactly what that virSecurityDACDomainSetDirLabel() is for or what it operates on, so IMBW.
Comment 1 Cole Robinson 2015-09-28 19:55:07 EDT
Thanks for the report... you were in the right ballpark but the breakage is a bit more subtle. Patch posted upstream:

https://www.redhat.com/archives/libvir-list/2015-September/msg01000.html
Comment 2 Adam Williamson 2015-09-28 20:16:58 EDT
Haha, whoops. :)
Comment 3 Fedora Update System 2015-10-06 17:11:29 EDT
libvirt-1.2.18.1-2.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-94b173da51
Comment 4 Fedora Update System 2015-10-07 12:27:40 EDT
libvirt-1.2.18.1-2.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update libvirt'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-94b173da51
Comment 5 Fedora Update System 2015-10-09 02:14:39 EDT
libvirt-1.2.18.1-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.