To use virtio-serial device, unix socket created for communication with default umask(022) has insufficient permissions. e.g. 1. Setup a virtual machine with a virtio-serial device: # virsh edit myvm (...) <channel type='unix'> <source mode='bind' path='/tmp/somefile.sock'/> <target type='virtio' name='com.suse.sometest'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> (...) <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/> </controller>
2. Start this virtual machine: # virsh start myvm 3. Check permissions for the socket file that has been created in the host to enable communication through virtual serial ports in the guest: # ls -l /tmp/somefile.sock srwxr-xr-x 1 qemu qemu 0 21. Jul 14:19 /tmp/somefile.sock Other users in the qemu group (like real user, test engines, etc) cannot write to this socket. Problem reported here: https://sourceware.org/bugzilla/show_bug.cgi?id=13078#c11 https://bugzilla.novell.com/show_bug.cgi?id=888166 This patch tries to pass a 'umask' option to '-chardev' when building qemu command line in above configuration case. In qemu side, there is another patch to handle the 'umask' option to overwrite default umask(022). With these changes, unix socket created for virtio-serial device can have expected permissions. Signed-off-by: Chunyan Liu <cy...@suse.com> --- This is patch for libvirt. src/qemu/qemu_command.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index beb8ca8..11eee44 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -8509,6 +8509,18 @@ qemuBuildCommandLine(virConnectPtr conn, channel->info.alias, qemuCaps))) goto error; + /* use umask(002) instead of default umask(022) to create + * a unix socket, so that virtio-serial device has sufficient + * permissions for correct usage. + */ + if (channel->source.type == VIR_DOMAIN_CHR_TYPE_UNIX) { + char *tmpstr = NULL; + if (virAsprintf(&tmpstr, "%s,umask=0x002", devstr) < 0) + goto error; + VIR_FREE(devstr); + devstr = tmpstr; + } + virCommandAddArg(cmd, devstr); VIR_FREE(devstr); } -- 1.8.4.5