From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=SxEu8hWz; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id C48B05A026F for ; Fri, 26 Sep 2025 03:00:34 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1758848433; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZuPzZIiWiyUMSM3lyv+yhCQJffvpSRKY/xf6LK81iuA=; b=SxEu8hWz8UYJuSAzrR8/vcytuCbnBwGmBFwwqDV7K4xwc0pHyDHDBa03btoq540QqhUWbo IXx1jZqFSFaApaIkDZ60bMUOxUCsVCXAvhCO4IB8BjcWAiKYHt/r3FEGm2BQ1Ej+StwPwk kNoej2FHbjA47op6L+tMnkMjHkBhgB8= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-553-fvchqjrqMjW4wUWACGJP4A-1; Thu, 25 Sep 2025 21:00:32 -0400 X-MC-Unique: fvchqjrqMjW4wUWACGJP4A-1 X-Mimecast-MFC-AGG-ID: fvchqjrqMjW4wUWACGJP4A_1758848431 Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-634b3584d4bso784941a12.3 for ; Thu, 25 Sep 2025 18:00:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758848431; x=1759453231; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZuPzZIiWiyUMSM3lyv+yhCQJffvpSRKY/xf6LK81iuA=; b=IuusI0yrJreAAfTFdc5S9gDZpy6ljtsvKWSvmJ2VthnafApFC4wAVvi/GNLfTd7FtP PjFuWlLcCYofg8S0PQhA8LZ5Vnt7uls++Cti0ln9Bqgyqbgiz+dymsNNb6jLXT6WYVkw FVzrf9f6sHWsDwHah/jsz3y1qyliH38icCTnPk+lDJy3hs/1GkSCUy30Zdg3TDLPE8nm dctjUbyUvzuvkndxxA89nqTOwOV4i+U/TZ9gtUTyHds5Jw1mlIMYExY1dRl9T0a8uOlG e/3YYOvrhm5QvWPg0QnsgNbI2Osu/LBPsfm/aoIHMuKI98FZqXmr1gSUCTJD3ORfZbVm sUsA== X-Forwarded-Encrypted: i=1; AJvYcCV6tmPdH8SFoR6G+px2E/UmQ0yzNUgReTLAKLRxy2vw55gXziF/ECBxqlsQ0+KgluBJgswQnZdcMc0=@passt.top X-Gm-Message-State: AOJu0Ywh1TQc1+kCnazTt2g1WFiolpLCuCShMvvoDcX52LaWCwrKz6p/ f6qr6Dfh3JLu5/+G/zk5Fq2ZTztDyvXQFOecE0STlulaIbmoSrsmwFyYUi+cf1jnalbRd7BBRyz 04miR65Ko8XWcx/LRRT5Hv6/EhVq4dgidGI9lpk9Rs78gTnEVWLn1nn4Ym/aP/Ys2O6dlMJYOnJ 3RsLLMFgAmJOLlDp+XsUS/1+zuknJt X-Gm-Gg: ASbGncul8bmZBzap3JmD5tDxApn+yfmyTyjIA9MqQN8KtTFPpDXUcqxur36EcfPTHQM 7q5l4VL3c2+rqBdSQOsnib/JEnhlZ5PyKCAgFGt6z9Zcz4qrZQBKh+gEYdEttktusRTxnPw5Jsr nW1ykRvNLxXDthGkLEgmQT9g== X-Received: by 2002:a17:906:d54d:b0:b07:cf6d:bfcf with SMTP id a640c23a62f3a-b34bc96bd16mr621654766b.62.1758848430689; Thu, 25 Sep 2025 18:00:30 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFJtPXb2b7moAOBOzC5MjOOznvX/l/LTz4+RHrTzyp8TRGJlWEgi88ci9mCVS/iL3LBQwpwhiMQW0+C+3BOcuo= X-Received: by 2002:a17:906:d54d:b0:b07:cf6d:bfcf with SMTP id a640c23a62f3a-b34bc96bd16mr621652966b.62.1758848430187; Thu, 25 Sep 2025 18:00:30 -0700 (PDT) MIME-Version: 1.0 References: <20250925054306.15964-1-yuhuang@redhat.com> <20250925085305.GW1460@redhat.com> <20250925114025.14ea1815@elisabeth> <20250925102749.GY1460@redhat.com> <20250925125442.1ef9c803@elisabeth> In-Reply-To: <20250925125442.1ef9c803@elisabeth> From: Yumei Huang Date: Fri, 26 Sep 2025 09:00:19 +0800 X-Gm-Features: AS18NWBTyZbZgoPxjUafW5Sj73sF6dJRbNETjt9ifNK2to5KkINmZR_op-397Y4 Message-ID: Subject: Re: [PATCH] test: fix 'make assets' failure as root To: Stefano Brivio X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: Dz99e_WD-49fLsXBnfwP_pWybv3UjvUqfrqZV5wN8rY_1758848431 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Message-ID-Hash: T723GBSOXQ3HKEIGFG3AOSTHZZOLXXBO X-Message-ID-Hash: T723GBSOXQ3HKEIGFG3AOSTHZZOLXXBO X-MailFrom: yuhuang@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: "Richard W.M. Jones" , passt-dev@passt.top, david@gibson.dropbear.id.au, berrange@redhat.com X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Thu, Sep 25, 2025 at 6:54=E2=80=AFPM Stefano Brivio = wrote: > > On Thu, 25 Sep 2025 11:27:49 +0100 > "Richard W.M. Jones" wrote: > > > On Thu, Sep 25, 2025 at 11:40:25AM +0200, Stefano Brivio wrote: > > > On Thu, 25 Sep 2025 09:53:06 +0100 > > > "Richard W.M. Jones" wrote: > > > > > > > On Thu, Sep 25, 2025 at 01:43:06PM +0800, Yumei Huang wrote: > > > > > Running `make assets` under `test` as root fails with a "Permissi= on denied" > > > > > error when `prepare-distro-img.sh` invokes `virt-edit` and `guest= fish`. This > > > > > is due to a known bug in libvirt. > > > > > > > > > > Work around the issue by switching to the direct backend. > > > > > > > > > > Signed-off-by: Yumei Huang > > > > > --- > > > > > test/prepare-distro-img.sh | 2 ++ > > > > > 1 file changed, 2 insertions(+) > > > > > > > > > > diff --git a/test/prepare-distro-img.sh b/test/prepare-distro-img= .sh > > > > > index 0d967c9..423eea7 100755 > > > > > --- a/test/prepare-distro-img.sh > > > > > +++ b/test/prepare-distro-img.sh > > > > > @@ -3,6 +3,8 @@ > > > > > IMG=3D"$1" > > > > > PASST_FILES=3D"$(echo ../*.c ../*.h ../*.sh ../*.1 ../Makefile .= ./README.md)" > > > > > > > > > > +export LIBGUESTFS_BACKEND=3Ddirect > > > > > > > > Please add a comment that this is only added as a temporary hack un= til > > > > we can get a proper fix (in libguestfs possibly, see Dan's earlier > > > > email). > > > > > > On the other hand, regardless of that fix, I would be happy to be run > > > this on single-user Alpine L1 guests, eventually, where libguestfs > > > doesn't depend on libvirt (see my caveat 2.), and I usually reserve > > > very little disk space for those. > > > > The upstream default is backend 'direct'. In Fedora & RHEL we > > override this with 'libvirt': > > > > https://src.fedoraproject.org/rpms/libguestfs/blob/rawhide/f/libguestfs= .spec#_714 > > Ah, sorry, I had no idea! > > > I don't know what Alpine does, but likely it leaves it at the default. > > (You can try: `guestfish get-backend`) > > Yes, this is guestfs-tools and libguestfs 1.56.1-r0 on Alpine: > > # guestfish get-backend > direct > > Same on any modern Debian, openSUSE, Ubuntu. > > > > If you don't have compelling reasons (like you're dropping > > > LIBGUESTFS_BACKEND=3Ddirect in two weeks), I would simply keep this a= s > > > long as it works. The day you drop that, we'll drop this too. > > > > We're not dropping the environment variable / feature ever. The > > problem is that this was cargo-culted into a lot of code over the > > years, and it does reduce the security of libguestfs on RHEL. We're > > having an (ongoing) battle to remove this cargo-culting from CNV right > > now. I'm just not keen to add this line in new places, without at > > least a comment saying this is a temporary hack, and not generally > > recommended. > > Oh, I see, that makes sense. > > But then, Yumei, we should also add to that comment (sorry, this is > becoming much more complicated than I thought...) that the workaround > is for Fedora and related distributions. I will update in v2. Thank you all for the comments. > > -- > Stefao > --=20 Thanks, Yumei Huang