On Fri, Oct 14, 2016 at 07:25:42PM +0200, Pierre Neyron wrote:
Hello,
I've got a strange behavior with guestmount: I've a root directory with
mod/owner = drwx------ root root. I cannot change directory to it as a
regular user (as normal), but I can list its content (not normally
normal) and I can change directory to a subdirectory in it which is mod
drwxr-xr-x.
E.g:
$ mkdir /tmp/mnt
$ guestmount --ro -i -a test.qcow2 /tmp/mnt/
$ cd /tmp/mnt
$ ls -ld root/
drwx------ 4 root root 4096 Oct 14 19:21 root/
$ ls -l root/
total 4
drwxr-xr-x 2 root root 4096 Oct 14 19:21 subdir
$ cd root
bash: cd: root: Permission denied
$ cd root/subdir
$ pwd
/tmp/mnt/root/subdir
Also tar is ok as well:
$ cd /tmp/mnt
$ tar cf /tmp/tar.tar .
$ tar tf /tmp/tar.tar | grep -e "^./root/subdir/$"
./root/subdir/
This is for sure some fuse magic to allow the regular user to list files
just as if he is root (after all, guestmount did not require to be root
in the first place).
This isn't exactly what's happening. libguestfs runs an appliance,
and inside the appliance everything runs as root [not the same as host
root], so has access to every file in the disk image. guestmount runs
as your [host] user, translating everything into libguestfs API calls.
However FUSE is a bit strange in that it allows you to create files
which appear to come from other users. There are various options
which let you change this behaviour, have a look at the `-o' options
in the `guestmount --fuse-help' output and the guestmount and FUSE
manuals.
In this case you've created a root-owned directory which you (as
non-root) cannot access.
The usual solution to all these problems is just to use the libguestfs
API directly, which gives you a great deal more control, supports
xattrs properly, and is also a bit faster.
Rich.
I'm very ok with that since this is very useful,
but then I would expect `cd root' to be OK as well ?
I'm using
$ guestmount -V
guestmount 1.32.7
Best regards,
PS: @moderators: sorry for the noise with cancelled messages, I fixed
typos... :/
--
Pierre
_______________________________________________
Libguestfs mailing list
Libguestfs(a)redhat.com
https://www.redhat.com/mailman/listinfo/libguestfs
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming and virtualization blog:
http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html