mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8fc54f9428
qemu/block
History
Max Reitz 8fc54f9428 export/fuse: Add allow-other option 
Without the allow_other mount option, no user (not even root) but the
one who started qemu/the storage daemon can access the export.  Allow
users to configure the export such that such accesses are possible.

While allow_other is probably what users want, we cannot make it an
unconditional default, because passing it is only possible (for non-root
users) if the global fuse.conf configuration file allows it.  Thus, the
default is an 'auto' mode, in which we first try with allow_other, and
then fall back to without.

FuseExport.allow_other reports whether allow_other was actually used as
a mount option or not.  Currently, this information is not used, but a
future patch will let this field decide whether e.g. an export's UID and
GID can be changed through chmod.

One notable thing about 'auto' mode is that libfuse may print error
messages directly to stderr, and so may fusermount (which it executes).
Our export code cannot really filter or hide them.  Therefore, if 'auto'
fails its first attempt and has to fall back, fusermount will print an
error message that mounting with allow_other failed.

This behavior necessitates a change to iotest 308, namely we need to
filter out this error message (because if the first attempt at mounting
with allow_other succeeds, there will be no such message).

Furthermore, common.rc's _make_test_img should use allow-other=off for
FUSE exports, because iotests generally do not need to access images
from other users, so allow-other=on or allow-other=auto have no
advantage.  OTOH, allow-other=on will not work on systems where
user_allow_other is disabled, and with allow-other=auto, we get said
error message that we would need to filter out again.  Just disabling
allow-other is simplest.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210625142317.271673-3-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-07-09 12:26:05 +02:00
..
export export/fuse: Add allow-other option 2021-07-09 12:26:05 +02:00
monitor monitor: hmp_qemu_io: acquire aio contex, fix crash 2021-05-14 16:14:10 +02:00
accounting.c block/accounting: Use lock guard macros 2020-12-11 17:52:39 +01:00
aio_task.c block: introduce aio task pool 2019-10-10 10:56:17 +02:00
amend.c block/amend: Check whether the node exists 2020-07-27 12:37:25 +02:00
backup-top.c block/backup-top: drop .active 2021-04-30 12:27:48 +02:00
backup-top.h qapi: backup: add perf.use-copy-range parameter 2021-01-26 14:36:37 +01:00
backup.c mirror: stop cancelling in-flight requests on non-force cancel in READY 2021-05-14 16:14:10 +02:00
blkdebug.c block: check return value of bdrv_open_child and drop error propagation 2021-03-08 15:07:09 -06:00
blklogwrites.c block: check return value of bdrv_open_child and drop error propagation 2021-03-08 15:07:09 -06:00
blkreplay.c block: check return value of bdrv_open_child and drop error propagation 2021-03-08 15:07:09 -06:00
blkverify.c block: check return value of bdrv_open_child and drop error propagation 2021-03-08 15:07:09 -06:00
block-backend.c block: add max_hw_transfer to BlockLimits 2021-06-25 10:54:13 +02:00
block-copy.c block-copy: atomic .cancelled and .finished fields in BlockCopyCallState 2021-06-25 14:33:51 +03:00
block-gen.h scripts: add block-coroutine-wrapper.py 2020-10-05 10:59:06 +01:00
bochs.c block: Use bdrv_default_perms() 2020-05-18 19:05:25 +02:00
cloop.c block: Use bdrv_default_perms() 2020-05-18 19:05:25 +02:00
commit.c block/commit: use QEMU_AUTO_VFREE 2021-06-29 16:51:21 +02:00
copy-on-read.c block/copy-on-read: use bdrv_drop_filter() and drop s->active 2021-05-14 16:14:10 +02:00
copy-on-read.h copy-on-read: add filter drop function 2021-01-26 11:26:54 +01:00
coroutines.h block/nbd: reuse nbd_co_do_establish_connection() in nbd_open() 2021-06-18 12:21:22 -05:00
create.c block/create: Do not abort if a block driver is not available 2019-09-13 12:18:37 +02:00
crypto.c block: add bdrv_co_delete_file_noerr 2021-02-15 15:10:14 +01:00
crypto.h nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
curl.c curl: Disconnect sockets from CURLState 2021-03-19 10:15:06 +01:00
dirty-bitmap.c block: remove dirty bitmaps 'status' field 2021-03-18 09:22:55 +00:00
dmg-bz2.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
dmg-lzfse.c block: Remove unused include 2020-11-09 15:44:21 +01:00
dmg.c block: Fix some code style problems, "foo* bar" should be "foo *bar" 2020-11-09 18:42:47 +01:00
dmg.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
file-posix.c file-posix: handle EINTR during ioctl 2021-06-25 10:54:13 +02:00
file-win32.c block/file: switch to use qemu_open/qemu_create for improved errors 2020-09-16 10:33:48 +01:00
filter-compress.c block: Inline bdrv_co_block_status_from_*() 2020-09-07 12:31:31 +02:00
gluster.c qapi: More complex uses of QAPI_LIST_APPEND 2021-01-28 08:08:45 +01:00
io_uring.c io_uring: do not use pointer after free 2020-11-17 12:26:48 +01:00
io.c block: Move read-only check during truncation earlier 2021-06-29 16:51:00 +02:00
iscsi-opts.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
iscsi.c Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
linux-aio.c misc: Replace zero-length arrays with flexible array member (automatic) 2020-03-16 22:07:42 +01:00
meson.build progressmeter: protect with a mutex 2021-06-25 14:24:24 +03:00
mirror.c mirror: stop cancelling in-flight requests on non-force cancel in READY 2021-05-14 16:14:10 +02:00
nbd.c block/nbd: Use qcrypto_tls_creds_check_endpoint() 2021-06-29 18:29:47 +01:00
nfs.c util/uri: do not check argument of uri_free() 2021-07-09 12:26:05 +02:00
null.c block/null: Implement bdrv_get_allocated_file_size 2020-09-07 12:31:31 +02:00
nvme.c block/nvme: Trace NVMe spec version supported by the controller 2021-02-02 17:05:38 +01:00
parallels-ext.c parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
parallels.c parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
parallels.h parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
preallocate.c block: introduce preallocate filter 2020-12-18 12:35:55 +01:00
progress_meter.c progressmeter: protect with a mutex 2021-06-25 14:24:24 +03:00
qapi-sysemu.c block: Move system emulator QMP commands to block/qapi-sysemu.c 2020-03-06 17:15:38 +01:00
qapi.c block: use GDateTime for formatting timestamp when dumping snapshot info 2021-06-14 13:28:50 +01:00
qcow2-bitmap.c nbd patches for 2021-03-09 2021-03-11 13:57:08 +00:00
qcow2-cache.c core: replace getpagesize() with qemu_real_host_page_size 2019-10-26 15:38:06 +02:00
qcow2-cluster.c qcow2: Fix corruption on write_zeroes with MAY_UNMAP 2020-11-24 11:29:41 +01:00
qcow2-refcount.c qcow2: Make qcow2_free_any_clusters() free only one cluster 2020-09-15 11:05:13 +02:00
qcow2-snapshot.c block: consistently use bdrv_is_read_only() 2021-06-02 14:23:20 +02:00
qcow2-threads.c qcow2: add zstd cluster compression 2020-05-13 14:20:31 +02:00
qcow2.c block: consistently use bdrv_is_read_only() 2021-06-02 14:23:20 +02:00
qcow2.h block/qcow2-bitmap: return status from qcow2_store_persistent_dirty_bitmaps 2021-03-08 16:03:21 -06:00
qcow.c block/qcow: remove runtime opts 2020-09-15 11:05:13 +02:00
qed-check.c block/qed: add missed coroutine_fn markers 2019-04-30 15:29:00 +02:00
qed-cluster.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-l2-cache.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-table.c block/qed: add missed coroutine_fn markers 2019-04-30 15:29:00 +02:00
qed.c block/qed: bdrv_qed_do_open: deal with errp 2021-03-08 16:03:32 -06:00
qed.h qed: Simplify backing reads 2020-07-06 10:34:14 +02:00
quorum.c block/quorum: Provide .bdrv_co_flush instead of .bdrv_co_flush_to_disk 2021-06-02 14:23:20 +02:00
raw-format.c block/raw-format: implement .bdrv_cancel_in_flight handler 2021-02-12 09:45:18 -06:00
rbd.c block/rbd: drop qemu_rbd_refresh_limits 2021-07-09 12:26:05 +02:00
replication.c replication: move include out of root directory 2021-05-26 14:49:46 +02:00
snapshot.c block/snapshot: Clarify goto fallback behavior 2021-06-24 09:49:04 +02:00
ssh.c util/uri: do not check argument of uri_free() 2021-07-09 12:26:05 +02:00
stream.c stream: Don't crash when node permission is denied 2021-03-19 10:15:06 +01:00
throttle-groups.c block/throttle-groups: throttle_group_co_io_limits_intercept(): 64bit bytes 2021-02-03 08:14:00 -06:00
throttle.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
trace-events block: add trace point when fdatasync fails 2021-06-14 13:28:50 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vdi.c block/vdi: Don't assume that blocks are larger than VdiHeader 2021-03-31 10:44:21 +01:00
vhdx-endian.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vhdx-log.c block: consistently use bdrv_is_read_only() 2021-06-02 14:23:20 +02:00
vhdx.c block/vhdx: Support vhdx image only with 512 bytes logical sector size 2020-09-15 11:05:13 +02:00
vhdx.h block/vhdx: Use IEC binary prefixes for size constants 2019-04-30 15:29:00 +02:00
vmdk.c qapi: Use QAPI_LIST_APPEND in trivial cases 2021-01-28 08:08:45 +01:00
vpc.c block/vpc: Use sizeof() instead of HEADER_SIZE for footer size 2020-12-18 12:43:30 +01:00
vvfat.c block/vvfat: inherit child_vvfat_qcow from child_of_bds 2021-06-02 14:23:20 +02:00
win32-aio.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
write-threshold.c write-threshold: deal with includes 2021-05-14 16:14:10 +02:00