Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-04-02 Thread Eric Blake
On 03/28/2013 06:21 AM, Daniel P. Berrange wrote: We decided on using xattrs, instead of an in-memory record, because we want the data to be accessible to multiple libvirtd daemons on different hosts. This does not imply we actually need to store the xattrs on the files themselves. Perhaps we

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Daniel P. Berrange
On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote: #define VIR_FROM_THIS VIR_FROM_SECURITY #define SECURITY_DAC_NAME dac +#define SECURITY_DAC_XATTR_OLD_ACL trusted.libvirt.dac.oldACL +#define SECURITY_DAC_XATTR_OLD_OWNER trusted.libvirt.dac.oldOwner +#define

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Daniel P. Berrange
On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote: On filesystems supporting ACLs we don't need to do a chown but we can just set ACLs to gain access for qemu. However, since we are setting these at too low a level, where we don't know if the disk is just read-only or read-write, we

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Michal Privoznik
On 28.03.2013 10:46, Daniel P. Berrange wrote: On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote: #define VIR_FROM_THIS VIR_FROM_SECURITY #define SECURITY_DAC_NAME dac +#define SECURITY_DAC_XATTR_OLD_ACL trusted.libvirt.dac.oldACL +#define SECURITY_DAC_XATTR_OLD_OWNER

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Daniel P. Berrange
On Thu, Mar 28, 2013 at 11:38:04AM +0100, Michal Privoznik wrote: On 28.03.2013 10:46, Daniel P. Berrange wrote: On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote: #define VIR_FROM_THIS VIR_FROM_SECURITY #define SECURITY_DAC_NAME dac +#define SECURITY_DAC_XATTR_OLD_ACL

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Michal Privoznik
On 28.03.2013 12:12, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 11:38:04AM +0100, Michal Privoznik wrote: On 28.03.2013 10:46, Daniel P. Berrange wrote: On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote: #define VIR_FROM_THIS VIR_FROM_SECURITY #define SECURITY_DAC_NAME

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Daniel P. Berrange
On Thu, Mar 28, 2013 at 12:47:25PM +0100, Michal Privoznik wrote: On 28.03.2013 12:12, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 11:38:04AM +0100, Michal Privoznik wrote: On 28.03.2013 10:46, Daniel P. Berrange wrote: On Thu, Mar 21, 2013 at 05:50:49PM +0100, Michal Privoznik wrote:

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Michal Privoznik
On 28.03.2013 12:52, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 12:47:25PM +0100, Michal Privoznik wrote: On 28.03.2013 12:12, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 11:38:04AM +0100, Michal Privoznik wrote: On 28.03.2013 10:46, Daniel P. Berrange wrote: On Thu, Mar 21, 2013

Re: [libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-28 Thread Daniel P. Berrange
On Thu, Mar 28, 2013 at 01:06:12PM +0100, Michal Privoznik wrote: On 28.03.2013 12:52, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 12:47:25PM +0100, Michal Privoznik wrote: On 28.03.2013 12:12, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 11:38:04AM +0100, Michal Privoznik wrote:

[libvirt] [PATCH v5 3/3] security_dac: Favour ACLs over chown()

2013-03-21 Thread Michal Privoznik
On filesystems supporting ACLs we don't need to do a chown but we can just set ACLs to gain access for qemu. However, since we are setting these at too low a level, where we don't know if the disk is just read-only or read-write, we set read-write access unconditionally. From an implementation POV, a