From f4734b1809d28781bf7868f6951fed22232d503b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 29 Mar 2024 09:31:22 -0400 Subject: [PATCH 1/2] incusd/instance/qemu: Make rootfs.img be 0600 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- internal/server/instance/drivers/driver_qemu.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/server/instance/drivers/driver_qemu.go b/internal/server/instance/drivers/driver_qemu.go index 757ea8bcc22..0ebf1a03b12 100644 --- a/internal/server/instance/drivers/driver_qemu.go +++ b/internal/server/instance/drivers/driver_qemu.go @@ -6284,7 +6284,7 @@ func (d *qemu) Export(w io.Writer, properties map[string]string, expiration time _ = from.Close() } - to, err := os.OpenFile(fPath, unix.O_DIRECT|unix.O_CREAT, 0) + to, err := os.OpenFile(fPath, unix.O_DIRECT|unix.O_CREAT, 0600) if err == nil { cmd = append(cmd, "-t", "none") _ = to.Close() From 60ce91039599ab3a28fa3034b1bb2f7bddbe2a03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 29 Mar 2024 09:33:09 -0400 Subject: [PATCH 2/2] incusd/storage/utils: Attempt to create sparse files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Part of #662 Signed-off-by: Stéphane Graber --- internal/server/storage/drivers/utils.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/server/storage/drivers/utils.go b/internal/server/storage/drivers/utils.go index b1bb1589e62..f3701547d60 100644 --- a/internal/server/storage/drivers/utils.go +++ b/internal/server/storage/drivers/utils.go @@ -604,8 +604,8 @@ func copyDevice(inputPath string, outputPath string) error { cmd := []string{ "nice", "-n19", // Run dd with low priority to reduce CPU impact on other processes. "dd", fmt.Sprintf("if=%s", inputPath), fmt.Sprintf("of=%s", outputPath), - "bs=16M", // Use large buffer to reduce syscalls and speed up copy. - "conv=nocreat", // Don't create output file if missing (expect caller to have created output file). + "bs=16M", // Use large buffer to reduce syscalls and speed up copy. + "conv=nocreat,sparse", // Don't create output file if missing (expect caller to have created output file), also attempt to make a sparse file. } // Check for Direct I/O support.