virtio-fs.lists.linux.dev archive mirror
From: German Maglione <gmaglione@redhat.com>
To: stefanx <stefanx@lrz.uni-muenchen.de>
Cc: virtio-fs@redhat.com
Subject: Re: [Virtio-fs] virtiofs doesn't accept writable group permissions
Date: Tue, 11 Apr 2023 18:24:30 +0200
Message-ID: <CAJh=p+4G1VEhSfQ0HCFQ0OZYmHq-ji8H6kL-=q6OKsjvm9X-ZA@mail.gmail.com>
In-Reply-To: <87faa352-e6d6-11de-0ed9-f5c291502f95@lrz.uni-muenchen.de>

On Tue, Apr 4, 2023 at 8:35 PM stefanx <stefanx@lrz.uni-muenchen.de> wrote:
>
> Hello German,
>
> On 04.04.23 at 18:06, German Maglione wrote:
> > Hi Stefan,
> >
> > On Tue, Apr 4, 2023 at 3:58 PM stefanx <stefanx@lrz.uni-muenchen.de> wrote:
> >>
> >> Hello,
> >>
> >> virtiofs doesn't accept writable group permissions (Libvirt/KVM, guest vm and host vm have Ubuntu 22.04):
> >>
> >> Libvirt XML (host vm):
> >>
> >>     <filesystem type='mount' accessmode='passthrough'>
> >>       <driver type='virtiofs'/>
> >>       <source dir='/mnt/xyz'/>
> >>       <target dir='mnt-xyz'/>
> >>       <address type='pci' domain='0x0000' bus='0x08' slot='0x00' function='0x0'/>
> >>     </filesystem>
> >>
> >> /etc/fstab (guest vm):
> >> ```
> >> mnt-xyz       /mnt/xyz            virtiofs rw,_netdev 0 0
> >> ```
> >> In /mnt/xyz/123 I have write permissions at host vm, but not at guest vm. host vm and guest vm have the same LDAP users.
> > when you say that you do not have write permission, do you mean that
> > when you try to write, it fails?
> Now I have made more tests: The user has write permissions to existing files, but cannot create new files on the guest (it's possible on the host)
> > Could you send the output of:
> > 'ls -lnd /mnt/xyz/123'
> > (both in the host and the guest)
> >
> > and also the output of 'id' in the guest (with the user you are trying to write)
>
> ls -lnd /mnt/xyz/123
> -rw-r--r-- 1 16009 16100 0 Apr  4 19:32 /mnt/xyz/123

Sorry, I'm a bit confused, I thought "123" was a directory not a regular file.
So, I'm assuming the owner (in the host) of /mnt/xyz is not 16009, but the
group is 16100 with write permission, that is a supplementary group of the
user 16009, something like:

drwxrwxr-x 1 0 16100 0 Apr 4 19:32 /mnt/xyz
(I'm just using uid 0 as an example)
is that correct?

> id 16009 gid=16000, groups=...,16100(...),...
>
>
> We use /mnt/xyz for years in the host without any permission problems, all attributes and permissions for all directories and files in /mnt/xyz/123 are exactly the same on host and guest.
>

Which version of virtiofsd are you using?
Is "xyz" a mount point for (or is inside a) nfs/cephfs?


>
> Stefan
>
>
> >
> >
> >
> >> Any ideas ?
> >>
> >> Thanks Stefan
> >>
> >> _______________________________________________
> >> Virtio-fs mailing list
> >> Virtio-fs@redhat.com
> >> https://listman.redhat.com/mailman/listinfo/virtio-fs
> >
> >
> > --
> > German
> >
>


-- 
German

