From: Dan Kenigsberg <danken@redhat.com>
Date: Tue, 19 Oct 2010 13:26:32 +0000 (+0200)
Subject: root_squash: virFileOperation may fail with EPERM too
X-Git-Tag: v0.8.5~107
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b2c9a879408aec382611b1d2a817b83b9a8b344a;p=thirdparty%2Flibvirt.git

root_squash: virFileOperation may fail with EPERM too

Over root-squashing nfs, when virFileOperation() is called as uid==0,
it may fail with EACCES, but also with EPERM, due to
virFileOperationNoFork()'s failed attemp to chown a writable file.

qemudDomainSaveFlag() should expect this case, too.
---

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 7204ac8efb..abd8e9d237 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5402,13 +5402,13 @@ static int qemudDomainSaveFlag(struct qemud_driver *driver, virDomainPtr dom,
                                   qemudDomainSaveFileOpHook, &hdata,
                                   0)) < 0) {
             /* If we failed as root, and the error was permission-denied
-               (EACCES), assume it's on a network-connected share where
-               root access is restricted (eg, root-squashed NFS). If the
+               (EACCES or EPERM), assume it's on a network-connected share
+               where root access is restricted (eg, root-squashed NFS). If the
                qemu user (driver->user) is non-root, just set a flag to
                bypass security driver shenanigans, and retry the operation
                after doing setuid to qemu user */
 
-            if ((rc != -EACCES) ||
+            if (((rc != -EACCES) && (rc != -EPERM)) ||
                 driver->user == getuid()) {
                 virReportSystemError(-rc, _("Failed to create domain save file '%s'"),
                                      path);