From nobody Fri Apr 26 16:26:49 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1538570683259415.53723231828485; Wed, 3 Oct 2018 05:44:43 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9736A88307; Wed, 3 Oct 2018 12:44:40 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B52DA662DB; Wed, 3 Oct 2018 12:44:39 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id BB7CF4BB79; Wed, 3 Oct 2018 12:44:38 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w93CibxG019107 for ; Wed, 3 Oct 2018 08:44:37 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9FC1A106A7BB; Wed, 3 Oct 2018 12:44:37 +0000 (UTC) Received: from lpt.brq.redhat.com (unknown [10.43.2.42]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2484F1077D48 for ; Wed, 3 Oct 2018 12:44:33 +0000 (UTC) From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Date: Wed, 3 Oct 2018 14:44:28 +0200 Message-Id: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] qemu: fix up permissions for pre-created UNIX sockets X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 03 Oct 2018 12:44:41 +0000 (UTC) X-ZohoMail: RDMRC_0 RSF_0 Z_629925259 SPT_0 My commit d6b8838 fixed the uid:gid for the pre-created UNIX sockets but did not account for the different umask of libvirtd and QEMU. Since commit 0e1a1a8c we set umask to '0002' for the QEMU process. Manually tune-up the permissions to match what we would have gotten if QEMU had created the socket. https://bugzilla.redhat.com/show_bug.cgi?id=3D1633389 Signed-off-by: J=C3=A1n Tomko Reviewed-by: Jiri Denemark --- src/qemu/qemu_command.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 887947dc11..d77cf8c2d6 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5034,6 +5034,12 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourc= eDef *dev) goto error; } =20 + /* We run QEMU with umask 0002. Compensate for the umask + * libvirtd might be running under to get the same permission + * QEMU would have. */ + if (virFileUpdatePerm(dev->data.nix.path, 0002, 0664) < 0) + goto error; + return fd; =20 error: --=20 2.17.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list