When virt-qemu-run is run without any root directory specified on
the command line, a temporary directory is made and used instead.
But since we are using g_dir_make_tmp() to create the directory
it is going to have 0700 mode. So even though we create the whole
directory structure under it and label everything, QEMU is very
likely to not have the access. This is because in this case there
is no qemu.conf and thus distro default UID:GID is used to run
QEMU (e.g. qemu:kvm on Fedora). Change the mode of the temporary
directory so that everybody has eXecute permission.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
src/qemu/qemu_shim.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/qemu/qemu_shim.c b/src/qemu/qemu_shim.c
index 5b7840e971..4f06ae952c 100644
--- a/src/qemu/qemu_shim.c
+++ b/src/qemu/qemu_shim.c
@@ -158,6 +158,12 @@ int main(int argc, char **argv)
return 1;
}
tmproot = true;
+
+ if (chmod(root, S_IRWXU | S_IXGRP | S_IXOTH) < 0) {
+ g_printerr("%s: cannot chown temporary dir: %s\n",
+ argv[0], g_strerror(errno));
+ goto cleanup;
+ }
}
virFileActivateDirOverrideForProg(argv[0]);
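Review bot: the error string in the added g_printerr() call says "cannot chown temporary dir", but the call that failed is chmod(); ownership is not touched here. Suggest "cannot chmod temporary dir" so that a user reading the message looks at the directory mode rather than its owner. It would also help to include the path (root) in the message, since the directory name is generated by g_dir_make_tmp() and the user has no other way to learn it.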
--
2.24.1
On Fri, 2020-02-28 at 16:56 +0100, Michal Privoznik wrote:
> +++ b/src/qemu/qemu_shim.c
> @@ -158,6 +158,12 @@ int main(int argc, char **argv)
> return 1;
> }
> tmproot = true;
> +
> + if (chmod(root, S_IRWXU | S_IXGRP | S_IXOTH) < 0) {
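Review bot: the chmod() line carries no comment saying why the mode of a freshly created private temporary directory is being widened. The reason is only in the commit message (g_dir_make_tmp() yields 0700, and QEMU runs under the distro default UID:GID). A short comment above the call stating that, and that group and others get search permission only (0711), would keep a later reader from tightening it back to 0700 or loosening it further without thinking about who needs to traverse the directory.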
I think this is unnecessarily restrictive: the directories that are
created right underneath root are all 0755, with the files themselves
being mostly 0600, so using 0711 here is only going to add a bit of
annoyance rather than actual security I think.
Also, and this is a personal preference so feel free to ignore it,
I would find using octal values directly more readable.
With a more permissive mode used,
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
--
Andrea Bolognani / Red Hat / Virtualization