Christoph Hellwig wrote:
> On Tue, Dec 15, 2009 at 06:45:01PM +0000, Jamie Lokier wrote:
> > access=rw
> > access=ro
> > access=auto  (default)
> 
> Yes, that sounds like the least clumsy one.  I still think the current
> implementation is a very bad default, though.

Without agreeing or disagreeing over whether it's a bad default :), a
usability problem occurs with the current implementation when you
deliberately "chmod 444" an image to have high confidence that it's
opened read only: When running as root, file permissions are ignored
(except sometimes on NFS).

For that reason I use "chattr +i" on all my read-only image files, to
really make sure that no qemu invocation mistake could accidentally
corrupt valuable images.  That works, but it's not very convenient.

If the "auto" method is kept, I think it would be an improvement if it
checks the file permission itself, and does not even try to open a
file O_RDWR if there are no writable permission bits - so that "chmod
444" has the same "open as read only" effect when qemu is invoked as root.

-- Jamie
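
The permission check proposed above for the "auto" mode, sketched in C as an added example (not QEMU code and not part of this message). The names open_image_auto and demo_access and the /tmp scratch path are assumptions made for the illustration.

```c
/* Added example, not QEMU code; function names here are hypothetical. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* "auto" policy: open read-write only if the file has a write bit set. */
int open_image_auto(const char *path)
{
    struct stat st;
    int ro = open(path, O_RDONLY);
    if (ro < 0)
        return -1;
    /* fstat() the open descriptor so the mode belongs to the file we hold. */
    if (fstat(ro, &st) < 0) {
        close(ro);
        return -1;
    }
    /* No write bits: honour "chmod 444" even for root, whose O_RDWR
     * open would succeed regardless of the mode. */
    if (!(st.st_mode & (S_IWUSR | S_IWGRP | S_IWOTH)))
        return ro;
    int rw = open(path, O_RDWR);
    if (rw < 0)   /* e.g. EACCES or EROFS: fall back to read-only */
        return ro;
    close(ro);
    return rw;
}

/* Constructed demo: scratch file with the given mode, opened via the policy;
 * returns the descriptor's access mode (O_RDONLY or O_RDWR), -1 on error. */
int demo_access(mode_t mode)
{
    char path[64];
    snprintf(path, sizeof path, "/tmp/img-auto-%ld.raw", (long)getpid());
    unlink(path);
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, mode);
    if (fd < 0)
        return -1;
    close(fd);
    fd = open_image_auto(path);
    int acc = fd < 0 ? -1 : (fcntl(fd, F_GETFL) & O_ACCMODE);
    if (fd >= 0)
        close(fd);
    unlink(path);
    return acc;
}

int main(void) { printf("%d %d\n", demo_access(0444), demo_access(0644)); return 0; }
```

The 0444 case yields a read-only descriptor whether the process runs as root or as an unprivileged user, because the decision is taken from the mode bits rather than from whether the O_RDWR open succeeds.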



