libvirt users - Sep 2013 - Customize UNIX socket permissions

Hi,

I have a qemu domain which uses a virtio-serial port. On the
host, the unix socket is created in /var/lib/libvirt/qemu.
As non-root, I'd like to be able to communicate through this
unix socket.

The issue is that the socket is created as qemu:qemu with
permissions 755 (does this come from libvirt's umask?). Is
there any way to affect this permission from the domain's
XML definition file? Even if it has to be created as
qemu:qemu, having a permission of 775 would also be an
acceptable solution.

Thanks,

Jonathan

On Tue, Sep 03, 2013 at 12:22:20PM -0400, Jonathan Lebon
wrote:
> Hi,
> 
> I have a qemu domain which uses a virtio-serial port. On the
> host, the unix socket is created in /var/lib/libvirt/qemu.
> As non-root, I'd like to be able to communicate through this
> unix socket.
> 
> The issue is that the socket is created as qemu:qemu with
> permissions 755 (does this come from libvirt's umask?). Is
> there any way to affect this permission from the domain's
> XML definition file? Even if it has to be created as
> qemu:qemu, having a permission of 775 would also be an
> acceptable solution.
Our recommendation is to not try to use the UNIX socket directly, but
instead use the virDomainOpenChannel() API to read/write data on it
from an application.


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|