On Fri, 31 Jan 2025 19:20:44 +0300 Michael Tokarev <m...@tls.msk.ru> wrote:
> 31.01.2025 17:10, Simon John wrote:
> 
> > simon     390398  0.0  0.0   6512  3940 ?        S    13:37   0:00 /usr/libexec/virtiofsd --fd=34 -o source=/ssd/shared --uid-map=:0:501:1: --uid-map=:501:501:1: --gid-map=:0:501:1: --gid-map=:501:501:1:
> 
> That helps but is not enough.
> 
> When it fails, does /var/log/libvirt/qemu/$VMNAME.log contain something interesting,
> or /var/log/libvirt/qemu/$VMNAME-$FSALIAS-virtiofsd.log?
> The virtiofsd command line should be there somewhere too.

I have no logs there. I played around with /etc/libvirt/virtlogd.conf but still got no mention of virtiofs, and nothing in journalctl either.

I just tried 1.13.0-5 and it's no different, although I noticed from the help text that 1.10.1 is using the deprecated -o option to specify the source, which should probably be --shared-dir, so I tried removing the config from virt-manager

  <idmap>
    <uid start="0" target="501" count="1"/>
    <uid start="501" target="501" count="1"/>
    <gid start="0" target="501" count="1"/>
    <gid start="501" target="501" count="1"/>
  </idmap>

and then it somehow auto-regenerated it as:

  <idmap>
    <uid start="0" target="501" count="1"/>
    <uid start="1" target="10000" count="65536"/>
    <gid start="0" target="501" count="1"/>
    <gid start="1" target="10000" count="65536"/>
  </idmap>

which I guess it's reading from /etc/subgid and subuid.

That results in the following process:

/usr/libexec/virtiofsd --fd=32 --shared-dir /ssd/shared --uid-map=:0:501:1: --uid-map=:1:10000:65536: --gid-map=:0:501:1: --gid-map=:1:10000:65536:

But now I can no longer write to the share from the guest as my unprivileged user. I can only write to it as root, which gets mapped to 501:501 on the host, as the share in the guest gets set to root:root instead of the previous 501:501 behaviour of 1.10.1.

I can't actually find any docs anymore on idmap for virtiofsd in qemu://session, I even tried setting only one uid/gid map in the xml, but that made no difference, still can only write as root.

--
Simon John
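To see how the two <idmap> blocks above turn into virtiofsd options and where a guest id ends up on the host, here is an added example (not code from the thread or from libvirt/virtiofsd). It assumes only the `--uid-map=:guest:host:count:` triplet layout visible on the command lines quoted above, and uses the regenerated idmap XML from the post as constructed input.

```python
import xml.etree.ElementTree as ET

# Constructed input: the <idmap> block libvirt regenerated in the post above.
IDMAP_XML = """<idmap>
  <uid start="0" target="501" count="1"/>
  <uid start="1" target="10000" count="65536"/>
  <gid start="0" target="501" count="1"/>
  <gid start="1" target="10000" count="65536"/>
</idmap>"""

# Constructed: the earlier hand-written uid map, as (guest, host, count) triplets
# taken from the 1.10.1 command line quoted at the top of the thread.
OLD_UID_MAPS = [(0, 501, 1), (501, 501, 1)]


def idmap_to_args(xml_text):
    """Translate libvirt <idmap> entries into --uid-map/--gid-map options.
    libvirt's start/target/count become the :guest:host:count: triplets
    seen on the virtiofsd command line in the thread."""
    root = ET.fromstring(xml_text)
    args = []
    for kind in ("uid", "gid"):
        for e in root.findall(kind):
            start, target, count = (int(e.get(k)) for k in ("start", "target", "count"))
            args.append(f"--{kind}-map=:{start}:{target}:{count}:")
    return args


def parse_maps(args, kind):
    """Return (guest_start, host_start, count) tuples for one map kind."""
    prefix = f"--{kind}-map=:"
    out = []
    for a in args:
        if a.startswith(prefix):
            g, h, c = (int(x) for x in a[len(prefix):].strip(":").split(":"))
            out.append((g, h, c))
    return out


def guest_to_host(maps, guest_id):
    """Host id a guest id is written as, or None if the guest id is unmapped."""
    for g, h, c in maps:
        if g <= guest_id < g + c:
            return h + (guest_id - g)
    return None


def host_to_guest(maps, host_id):
    """Every guest id a host-owned file would show up as; more than one
    result means the map is ambiguous for files owned by that host id."""
    return [g + (host_id - h) for g, h, c in maps if h <= host_id < h + c]
```

With the regenerated map, host uid 501 reads back as guest root only, while the hand-written map sends host 501 to both guest 0 and guest 501.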
