qemu: sync initial dir perms with RPM spec

[PATCH 0/6] qemu: sync initial dir perms with RPM spec

Cole Robinson via Devel posted 6 patches 1 week, 1 day ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/cover.1775502787.git.crobinso@redhat.com

libvirt.spec.in        |   2 +
src/qemu/qemu_driver.c | 249 ++++++++++++-----------------------------
2 files changed, 74 insertions(+), 177 deletions(-)

Expand all Fold all

[PATCH 0/6] qemu: sync initial dir perms with RPM spec

Posted by Cole Robinson via Devel 1 week, 1 day ago

The qemu driver creates a bunch of directories at startup,
example /var/lib/libvirt/qemu/*. The initial mode mask on these
directories is almost always specified as 0777, which leaves it up
to umask to lock things down. As a result, if running from
git, directories are usually created 0755 which seems overly
permissive for a system daemon.

This doesn't have much effect from RPM users at least, since
the spec file pre-creates most of these directories with more limited
permissions.

This series syncs the code to match what we already specify in the
spec file. Code is simplified first, and some missing dirs are
added to the spec at the end.

Cole Robinson (6):
  qemu: driver: split out qemuStateInitializeDirs
  qemu: driver: streamline dir creation
  qemu: driver: don't chown() dirname(cfg->channelTargetDir)
  qemu: driver: sync dir creation permissions with RPM spec
  qemu: driver: adjust mode mask for rdpStateDir
  qemu: driver: adjust mode mask for channelTargetDir

 libvirt.spec.in        |   2 +
 src/qemu/qemu_driver.c | 249 ++++++++++++-----------------------------
 2 files changed, 74 insertions(+), 177 deletions(-)

-- 
2.53.0