Bug 690036 - virsh console should be forbidden under readonly mode
Summary: virsh console should be forbidden under readonly mode
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: libvirt
Version: 5.6
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: Daniel Veillard
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-03-23 05:09 UTC by koka xiong
Modified: 2011-04-06 07:41 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-04-06 07:41:57 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description koka xiong 2011-03-23 05:09:28 UTC 
Description of problem:
virsh console was allowed to connect guest console under readonly mode

Version-Release number of selected component (if applicable):
libvirt-0.8.2-15.el5_6.3
xen-3.0.3-120.el5_6.1
kernel-2.6.18-238.8.1.el5

How reproducible:
always

Steps to Reproduce:
# virsh -r
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh > console local
Connected to domain local
Escape character is ^]

  
Actual results:
was allowed to connect guest console under readonly mode

Expected results:
Forbidden to connect guest console under readonly mode 

Additional info:
Comment 1 mliu 2011-03-23 10:53:28 UTC 
For kvm-83-224.el5, there is the same problem.
Comment 2 Jiri Denemark 2011-04-06 07:41:57 UTC 
Console APIs, which do not allow console access through readonly connection, were added to libvirt in 0.8.6. In 0.8.2, guest's console is accessed by directly opening appropriate /dev/pts/* device and access to it is controlled by file permissions.
Note You need to log in before you can comment on or make changes to this bug.