|
From: | wangjie (P) |
Subject: | [Qemu-block] question:about pr-helper unlink sock file fail |
Date: | Mon, 17 Jun 2019 12:10:32 +0800 |
User-agent: | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 |
Hi,
I found there is a bug in pr-helper:
We run pr-helper process in root, and drop all capabilities expect
CAP_SYS_RAWIO. But the sock file
which connect from qemu is owned by qemu group, when
pr-helper exit, it will call
“close_server_socket -> object_unref(OBJECT(server_ioc)) ->
qio_channel_socket_finalize -> socket_listen_cleanup” , unlink sock file will fail and output “Failed to unlink socket xxx, Permission denied”. I tried to add capability CAP_DAC_OVERRIDE in pr-helper, it will unlink sock success, but I think capability CAP_DAC_OVERRIDE is too dangerous. |
[Prev in Thread] | Current Thread | [Next in Thread] |