I just found package liblinux-prctl-perl, which can do Linux::Prctl::capbset_drop(CAP_SYS_RAWIO);
That way we could do it inside perl before the SCSI INQUIRY syscall. Would that solve the problem? But we would need to fork before calling capbset_drop ... > On February 25, 2016 at 6:54 AM Dietmar Maurer <diet...@proxmox.com> wrote: > > > > #capsh --drop=cap_sys_rawio -- -c 'sg_inq /dev/pve/vm-115-disk-2' > > Both SCSI INQUIRY and fetching ATA information failed on > > /dev/pve/vm-115-disk-2 > > Why --drop=cap_sys_rawio ? Does kvm drop this when starting? _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
