Richard W.M. Jones
2016-Sep-12 10:53 UTC
[Libguestfs] [PATCH] v2v: ova: Make OVA directory public readable to work around libvirt bug (RHBZ#1375157).
Only do this if running as root and if the backend is set to libvirt. --- v2v/input_ova.ml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/v2v/input_ova.ml b/v2v/input_ova.ml index 4f848e2..bb9cb1b 100644 --- a/v2v/input_ova.ml +++ b/v2v/input_ova.ml @@ -104,6 +104,19 @@ object (* Exploded path must be absolute (RHBZ#1155121). *) let exploded = absolute_path exploded in + (* If virt-v2v is running as root, and the backend is libvirt, then + * we have to chmod the directory to 0755 and files to 0644 + * so it is readable by qemu.qemu. This is libvirt bug RHBZ#890291. + *) + if Unix.geteuid () = 0 then ( + let libguestfs_backend = (open_guestfs ())#get_backend () in + if libguestfs_backend = "libvirt" then ( + warning (f_"making OVA directory public readable to workaround libvirt bug https://bugzilla.redhat.com/890291"); + let cmd = [ "chmod"; "-R"; "go=u,go-w"; exploded ] in + ignore (run_command cmd) + ) + ); + (* Find files in [dir] ending with [ext]. *) let find_files dir ext let rec loop = function -- 2.7.4
Pino Toscano
2016-Sep-12 11:51 UTC
Re: [Libguestfs] [PATCH] v2v: ova: Make OVA directory public readable to work around libvirt bug (RHBZ#1375157).
On Monday, 12 September 2016 11:53:26 CEST Richard W.M. Jones wrote:> Only do this if running as root and if the backend is set > to libvirt. > --- > v2v/input_ova.ml | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > > diff --git a/v2v/input_ova.ml b/v2v/input_ova.ml > index 4f848e2..bb9cb1b 100644 > --- a/v2v/input_ova.ml > +++ b/v2v/input_ova.ml > @@ -104,6 +104,19 @@ object > (* Exploded path must be absolute (RHBZ#1155121). *) > let exploded = absolute_path exploded in > > + (* If virt-v2v is running as root, and the backend is libvirt, then > + * we have to chmod the directory to 0755 and files to 0644 > + * so it is readable by qemu.qemu. This is libvirt bug RHBZ#890291. > + *) > + if Unix.geteuid () = 0 then ( > + let libguestfs_backend = (open_guestfs ())#get_backend () in > + if libguestfs_backend = "libvirt" then ( > + warning (f_"making OVA directory public readable to workaround libvirt bug https://bugzilla.redhat.com/890291"); > + let cmd = [ "chmod"; "-R"; "go=u,go-w"; exploded ] in > + ignore (run_command cmd) > + ) > + ); > +The problem is that if the ova is specified as directory, this will change its permissions, which is not expected. I'd put this once when creating tmpdir above, right after the Mkdtemp.temp_dir for it: this way you don't need -R for chmod. -- Pino Toscano
Richard W.M. Jones
2016-Sep-12 12:32 UTC
Re: [Libguestfs] [PATCH] v2v: ova: Make OVA directory public readable to work around libvirt bug (RHBZ#1375157).
On Mon, Sep 12, 2016 at 01:51:42PM +0200, Pino Toscano wrote:> On Monday, 12 September 2016 11:53:26 CEST Richard W.M. Jones wrote: > > Only do this if running as root and if the backend is set > > to libvirt. > > --- > > v2v/input_ova.ml | 13 +++++++++++++ > > 1 file changed, 13 insertions(+) > > > > diff --git a/v2v/input_ova.ml b/v2v/input_ova.ml > > index 4f848e2..bb9cb1b 100644 > > --- a/v2v/input_ova.ml > > +++ b/v2v/input_ova.ml > > @@ -104,6 +104,19 @@ object > > (* Exploded path must be absolute (RHBZ#1155121). *) > > let exploded = absolute_path exploded in > > > > + (* If virt-v2v is running as root, and the backend is libvirt, then > > + * we have to chmod the directory to 0755 and files to 0644 > > + * so it is readable by qemu.qemu. This is libvirt bug RHBZ#890291. > > + *) > > + if Unix.geteuid () = 0 then ( > > + let libguestfs_backend = (open_guestfs ())#get_backend () in > > + if libguestfs_backend = "libvirt" then ( > > + warning (f_"making OVA directory public readable to workaround libvirt bug https://bugzilla.redhat.com/890291"); > > + let cmd = [ "chmod"; "-R"; "go=u,go-w"; exploded ] in > > + ignore (run_command cmd) > > + ) > > + ); > > + > > The problem is that if the ova is specified as directory, this will > change its permissions, which is not expected.Yeah I thought about that too, hence the visible warning. The problem is that this failure also occurs if we are passed an exploded OVA which has the wrong permissions. It's not just something which happens with the tmpdir that we create. Really the answer is for libvirt to just fix this ... Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://people.redhat.com/~rjones/virt-top
Possibly Parallel Threads
- Re: [PATCH] v2v: ova: Make OVA directory public readable to work around libvirt bug (RHBZ#1375157).
- [PATCH] sparsify, v2v: use Common_utils.absolute_path
- [PATCH 1/2] v2v: ova: fix checking of the manifest file
- [PATCH v2 0/3] Fix OVA import with libvirt backend
- [PATCH 2/2] v2v: ova: support SHA256 hashes in manifest