[ovirt-devel] dynamic ownership changes

[Martin Polednik]

On 11/04/18 16:28 +0300, Dan Kenigsberg wrote:
>On Wed, Apr 11, 2018 at 12:34 PM, Nir Soffer <nsoffer at redhat.com> wrote:
>
>> On Wed, Apr 11, 2018 at 12:31 PM Eyal Edri <eedri at redhat.com> wrote:
>>
>>> Please make sure to run as much OST suites on this patch as possible
>>> before merging ( using 'ci please build' )
>>>
>>
>> But note that OST is not a way to verify the patch.
>>
>> Such changes require testing with all storage types we support.
>>
>> Nir
>>
>> On Tue, Apr 10, 2018 at 4:09 PM, Martin Polednik <mpolednik at redhat.com>
>>> wrote:
>>>
>>>> Hey,
>>>>
>>>> I've created a patch[0] that is finally able to activate libvirt's
>>>> dynamic_ownership for VDSM while not negatively affecting
>>>> functionality of our storage code.
>>>>
>>>> That of course comes with quite a bit of code removal, mostly in the
>>>> area of host devices, hwrng and anything that touches devices; bunch
>>>> of test changes and one XML generation caveat (storage is handled by
>>>> VDSM, therefore disk relabelling needs to be disabled on the VDSM
>>>> level).
>>>>
>>>> Because of the scope of the patch, I welcome storage/virt/network
>>>> people to review the code and consider the implication this change has
>>>> on current/future features.
>>>>
>>>> [0] https://gerrit.ovirt.org/#/c/89830/
>>>>
>>>
>In particular:  dynamic_ownership was set to 0 prehistorically (as part of
>https://bugzilla.redhat.com/show_bug.cgi?id=554961 ) because libvirt,
>running as root, was not able to play properly with root-squash nfs mounts.
>
>Have you attempted this use case?

I have not. Added this to my to-do list.

The important part to note about this patch (compared to my previous
attempts in the past) is that it explicitly disables dynamic_ownership
for FILE/BLOCK-backed disks. That means, unless `seclabel` is broken
on libivrt side, the behavior would be unchanged for storage.

>I join to Nir's request to run this with storage QE.