[Kimchi-devel] [PATCH v2 3/3] Update ISO file's ACL before checking its permission

Friday, 20 March 2015

A virtual machine is executed by the system user "qemu", so we we need
to make sure that user is able to read an ISO image.

Add the user "qemu" to the ISO file's ACL before checking if that user
is able to read that file.

Signed-off-by: Crístian Viana <vianac(a)linux.vnet.ibm.com&gt;
---
 src/kimchi/model/templates.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/kimchi/model/templates.py b/src/kimchi/model/templates.py
index 4ea1c0e..6bc8aca 100644
--- a/src/kimchi/model/templates.py
+++ b/src/kimchi/model/templates.py
@@ -28,7 +28,7 @@ from kimchi.exception import NotFoundError, OperationFailed
 from kimchi.kvmusertests import UserTests
 from kimchi.model.cpuinfo import CPUInfoModel
 from kimchi.utils import pool_name_from_uri
-from kimchi.utils import probe_file_permission_as_user
+from kimchi.utils import probe_file_permission_as_user, run_setfacl_set_attr
 from kimchi.vmtemplate import VMTemplate
 from kimchi.xmlutils.utils import xpath_get_text
 
@@ -46,6 +46,7 @@ class TemplatesModel(object):
             st_mode = os.stat(iso).st_mode
             if stat.S_ISREG(st_mode) or stat.S_ISBLK(st_mode):
                 user = UserTests().probe_user()
+                run_setfacl_set_attr(iso, user=user)
                 ret, excp = probe_file_permission_as_user(iso, user)
                 if ret is False:
                     raise InvalidParameter('KCHISO0008E',
-- 
2.1.0


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[Kimchi-devel] [PATCH v2 3/3] Update ISO file's ACL before checking its permission