p9share: guest/host permissions #167
Comments
|
Need document. |
adrahon
modified the milestones:
Multi VM (0.2.0),
unprevilleged share (0.1.6 -> 0.1.7)
|
Currently on Fedora 20, I have read only access to the shared directory, I don't know if it's what we want, but we need to document it. |
|
In recent Operating system, qemu/kvm run in its special user: libvirt-qemu or similar user. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
qemu's virtfs has a difficulty in host/guest owner/group and permissions.
It has three access modes.
1 mapped: Files are created with Qemu user credentials and the client-user's credentials are saved in extended attributes.
2 passthrough: Files on the filesystem are directly created with client-user's credentials.
3 none: It is equivalent to passthrough security model; the only exception is, failure of priviliged operation like chown are ignored. This makes a passthrough like security model usable for people who run kvm as non root.
In default, 'none' aka. 'squash' in configuration.
for squash, user need to take care of owner's and permissions both guest credentials and host qemu's uid/gid.
Files and directories should be permitted to r/w for qemu(eg. libvirt-qemu/kvm) and guest(eg. vagrant/vagrant) in Ubuntu.
The text was updated successfully, but these errors were encountered: