Darragh Bailey
2022-Nov-18 13:26 UTC
redirect console to file and restore user owner on domain destroy
Hi,

I'm generating some domain XML to have the serial console output sent to a file for subsequent debug after the domain is no longer running. I'm noticing that the file ends up being owned by root with permissions of 600. I expected that it would need to be owned by root while the VM was running using the qemu:///system URI for security purposes; however, I had hoped there would be a way to reset the owner and group back to the original values on destroy.

Is this possible? I had hoped there might be something similar to what is possible with the permissions element for storage pools.

Started experimenting with adding seclabel child elements to the serial element, but it seems to only affect ownership while the domain is running, and when it is destroyed it still ends up being owned by root.

Creating the domain with the following serial/console elements:

    <serial type='file'>
      <source path='/home/testuser/vagrant-libvirt/logfiles/test.log'>
        <seclabel type='dynamic' model='dac' relabel='yes'>
          <label>+1002:+1002</label>
        </seclabel>
      </source>
      <target port='0'/>
    </serial>
    <console type='file'>
      <source path='/home/testuser/vagrant-libvirt/logfiles/test.log'/>
      <target type='serial' port='0'/>
    </console>

I've tried experimenting with a couple of different values, but with no success. It appears to only change the user/group the file is set to while the domain is running, and sets it to root when the VM is destroyed, instead of returning it to the original user.

Is there any way with libvirt to have the file owned by the user after the VM is destroyed (it doesn't matter if it's owned by root at runtime), when connecting using qemu:///system?

--
Darragh Bailey
Darragh Bailey
2022-Nov-21 12:35 UTC
redirect console to file and restore user owner on domain destroy
I may have stumbled onto a partial workaround through experimenting with the `append` attribute. It appears that if something like the following XML is used:

    <serial type='file'>
      <source path='/home/testuser/vagrant-libvirt/logfiles/test.log' append='on'/>
      <target port='0'/>
    </serial>
    <console type='file'>
      <source path='/home/testuser/vagrant-libvirt/logfiles/test.log' append='on'/>
      <target type='serial' port='0'/>
    </console>

combined with creating and truncating the target file in the code before sending the XML, I get the desired behaviour, in that libvirt doesn't appear to attempt to remove and recreate the file, and the file remains with the original user/group ownership.

It's possible I may need to add a seclabel back onto it to cause ownership to switch to root while the VM is running, and I assume it'll restore it back to the original owner/group subsequently. I'm guessing the reason it didn't appear to be doing that is that the file was being recreated by libvirt as root, and then when started the seclabel would change the owner/group. Subsequently the destroy would restore the ownership back to root.

Obviously it might be better if I switched to sending to a named pipe or a TCP server. Not clear if either of those makes it easier for a console to be accessible while still logging the output.

--
Darragh Bailey

On Fri, 18 Nov 2022 at 13:26, Darragh Bailey <daragh.bailey at gmail.com> wrote:
> Hi,
>
> I'm generating some domain XML to have the serial console output sent to a file for subsequent debug after the domain is no longer running. I'm noticing that the file ends up being owned by root with permissions of 600. I expected that it would need to be owned by root while the VM was running using the qemu:///system URI for security purposes; however, I had hoped there would be a way to reset the owner and group back to the original values on destroy.
>
> Is this possible? I had hoped there might be something similar to what is possible with the permissions element for storage pools.
>
> Started experimenting with adding seclabel child elements to the serial element, but it seems to only affect ownership while the domain is running, and when it is destroyed it still ends up being owned by root.
>
> Creating the domain with the following serial/console elements:
>
>     <serial type='file'>
>       <source path='/home/testuser/vagrant-libvirt/logfiles/test.log'>
>         <seclabel type='dynamic' model='dac' relabel='yes'>
>           <label>+1002:+1002</label>
>         </seclabel>
>       </source>
>       <target port='0'/>
>     </serial>
>     <console type='file'>
>       <source path='/home/testuser/vagrant-libvirt/logfiles/test.log'/>
>       <target type='serial' port='0'/>
>     </console>
>
> I've tried experimenting with a couple of different values, but with no success. It appears to only change the user/group the file is set to while the domain is running, and sets it to root when the VM is destroyed, instead of returning it to the original user.
>
> Is there any way with libvirt to have the file owned by the user after the VM is destroyed (it doesn't matter if it's owned by root at runtime), when connecting using qemu:///system?
>
> --
> Darragh Bailey
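The workaround described in this thread (pre-create and truncate the log as the unprivileged user, then hand libvirt a file-backed serial/console with append='on'), as an added example that is not code from the thread or from vagrant-libvirt. It assumes the script runs as the user who should own the log; the optional `label` argument emits the DAC seclabel from the first message, and the helper names are hypothetical.

```python
import os
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path


def console_xml(log_path, label=None):
    """Serial/console elements as in the second message: file-backed, append='on'.
    If `label` (e.g. '+1002:+1002') is given, a dynamic DAC seclabel is added."""
    serial = ET.Element("serial", type="file")
    src = ET.SubElement(serial, "source", path=log_path, append="on")
    if label:
        sec = ET.SubElement(src, "seclabel", type="dynamic", model="dac", relabel="yes")
        ET.SubElement(sec, "label").text = label
    ET.SubElement(serial, "target", port="0")
    console = ET.Element("console", type="file")
    ET.SubElement(console, "source", path=log_path, append="on")
    ET.SubElement(console, "target", type="serial", port="0")
    return ET.tostring(serial, encoding="unicode") + ET.tostring(console, encoding="unicode")


def prepare_log_file(log_path, mode=0o600):
    """Create or truncate the log as the calling (unprivileged) user so libvirt
    appends to an existing inode instead of recreating the file as root.
    Returns owner and mode to compare against after `virsh destroy`."""
    p = Path(log_path)
    p.parent.mkdir(parents=True, exist_ok=True)
    # O_NOFOLLOW: refuse to truncate through a symlink planted at the path.
    fd = os.open(p, os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW, mode)
    os.close(fd)
    p.chmod(mode)  # umask may have narrowed the creation mode; pin it
    st = p.stat()
    return {"uid": st.st_uid, "gid": st.st_gid, "mode": st.st_mode & 0o777,
            "size": st.st_size}


def ownership_restored(log_path, expected):
    # Post-destroy check: is the file back with the owner recorded before start?
    st = Path(log_path).stat()
    return (st.st_uid, st.st_gid) == (expected["uid"], expected["gid"])


def run_demo():
    """Self-contained run in a temp dir (constructed stale log, no libvirt needed)."""
    workdir = tempfile.mkdtemp()
    log = os.path.join(workdir, "test.log")
    Path(log).write_text("output from a previous boot\n")  # constructed stale content
    before = prepare_log_file(log)
    xml = console_xml(log, label="+1002:+1002")
    return {"before": before, "xml": xml, "restored": ownership_restored(log, before),
            "uid": os.getuid()}
```

Run `prepare_log_file` before `virDomainCreateXML`/`virsh create` and `ownership_restored` after destroy; a `False` result means libvirt replaced the inode rather than appending to it.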