On Thu, Aug 16, 2012 at 10:53:17AM -0500, Ryan Harper wrote:
> * Dan Kenigsberg <dan...@redhat.com> [2012-08-16 03:37]:
> > Dan Kenigsberg has posted comments on this change.
> > 
> > Change subject: Fix vdsm-faqemu VM launch failure on hosts with newer 
> > libvirt
> > ......................................................................
> > 
> > 
> > Patch Set 1: I would prefer that you didn't submit this
> > 
> > (1 inline comment)
> > 
> > ....................................................
> > File vdsm_hooks/faqemu/vdsm-faqemu
> > Line 20: 
> > Line 21: qemu_argv += filter(lambda x: x != "-enable-kvm", sys.argv[1:])
> > Line 22: # libvirt 0.9.10+ checks for the presence of /dev/kvm to provide 
> > Line 23: # better error messages, but this breaks this hook, fake it out
> > Line 24: os.system("touch /dev/kvm")
> > how can this work? this script runs as vdsm.
> 
> # sudo -u vdsm touch /dev/kvm  
> touch: cannot touch `/dev/kvm': Permission denied
> 
> But I can assure you that it did work.  I didn't just touch the file as
> root.  I installed the faqemu hook and /dev/kvm is owned by root.  Are
> you sure hooks run as vdsm?

Yes. They are called by hooks.py's execCmd.
However I was wrong about this script being a hook script: it is the
emulator used by libvirt instead of qemu. Again, I am very much
surprised that this runs as root - libvirt's default is qemu:qemu.


> 
> It's run as root:
> 
> [root@ichigo-dom228 tmp]# cat /usr/libexec/vdsm/vdsm-faqemu
> #!/usr/bin/python
> 
> import os
> import sys
> 
> qemu_paths = [
>     "/usr/bin/qemu-kvm",
>     "/usr/libexec/qemu-kvm",
> ]
> 
> for qemu_bin in qemu_paths:
>     if os.path.exists(qemu_bin): break
> else:
>     raise RuntimeError, "QEMU binary not found"
> 
> qemu_argv = [ qemu_bin ]
> 
> if not "-no-kvm" in sys.argv:
>     qemu_argv += [ "-no-kvm" ]
> 
> qemu_argv += filter(lambda x: x != "-enable-kvm", sys.argv[1:])
> os.system('id > /tmp/faqemu_id.out')
> os.system('touch /dev/kvm')
> os.execv(qemu_bin, qemu_argv)
> 
> [root@ichigo-dom228 tmp]# cat /tmp/faqemu_id.out 
> uid=0(root) gid=0(root) groups=0(root) 
> context=system_u:system_r:virtd_t:s0-s0:c0.c1023
> 
> 
> > 
> > also, there are less expensive ways to create a file - how about shipping 
> > it in this hook's rpm ?
> 
> Is that really less expensive?  I worry about having an rpm include the file;
> and /dev gets remounted/changed accross reboots; so this wouldn't work.
> 
> What's expensive about a touch?

It is, comparing to opening the file for writing

    file('/dev/kvm', 'w')


Anyway, I cannot say that I'm happy with this solution: nothing clears
/dev/kvm after the hook is uninstalled, for one's.

Regards,

Dan.
_______________________________________________
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/vdsm-devel

Reply via email to