From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CdCCcG9V; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 7A7B55A0619 for ; Wed, 08 Oct 2025 17:02:15 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1759935734; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3m6nO8IuwuGlEf5ycq9GB/HjKLTttdcuQjPKdrywWMk=; b=CdCCcG9VYkOYT/ibG/mALc8jk/zj1MtSjsmJe3flFU98o0EdG+MaD1Yz8/ImYovWoVibpR kOX8eyAIlmjioqvKn/1IbuxhdEuZoGJkhvv97MpnSUeLNYGqeWPIf7vWN4fsz+q8iAsfZL F7UBQxp2Vte3jrrXg0dwXM8csu0FF74= Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-111-ShaR8ZtkPJ-L6izb7_8EgQ-1; Wed, 08 Oct 2025 11:02:07 -0400 X-MC-Unique: ShaR8ZtkPJ-L6izb7_8EgQ-1 X-Mimecast-MFC-AGG-ID: ShaR8ZtkPJ-L6izb7_8EgQ_1759935726 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A30071800597; Wed, 8 Oct 2025 15:02:03 +0000 (UTC) Received: from [10.22.80.212] (unknown [10.22.80.212]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id E397230002CC; Wed, 8 Oct 2025 15:02:00 +0000 (UTC) Message-ID: Date: Wed, 8 Oct 2025 11:01:59 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] isolation: keep CAP_DAC_OVERRIDE initially To: Stefano Brivio References: <8635494bf4747935bc2179bdb37c8c2cbbe4ed55.1759839307.git.crobinso@redhat.com> <20251007180232.328feebc@elisabeth> <229a2d1d-f899-4eae-a23c-d0613d6f2593@redhat.com> <20251007184913.43e897a8@elisabeth> From: Cole Robinson In-Reply-To: <20251007184913.43e897a8@elisabeth> X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: -yQMbiF74WvMqcb65ow8Bwmx0S_zhZkRIChSXZN4X_0_1759935726 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-MailFrom: crobinso@redhat.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation Message-ID-Hash: TNJEASXINUXKK4SSIID3K22K3X6XIGJI X-Message-ID-Hash: TNJEASXINUXKK4SSIID3K22K3X6XIGJI X-Mailman-Approved-At: Wed, 08 Oct 2025 17:06:29 +0200 CC: David Gibson , passt-dev@passt.top, "Richard W.M. Jones" , Yumei Huang X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 10/7/25 12:49 PM, Stefano Brivio wrote: > On Tue, 7 Oct 2025 12:43:30 -0400 > Cole Robinson wrote: > >> On 10/7/25 12:02 PM, Stefano Brivio wrote: >>> [Cc: Yumei as this is somewhat related to >>> https://archives.passt.top/passt-dev/20250926011714.5978-1-yuhuang@redhat.com/, >>> and David as he wrote most of this part] >>> >>> On Tue, 7 Oct 2025 08:16:39 -0400 >>> Cole Robinson wrote: >>> >>>> Reproducer that I'd expect to work >>>> >>>> $ cd $HOME >>>> $ sudo passt --runas $UID --socket foo.sock >>>> Failed to bind UNIX domain socket: Permission denied >>>> >>>> A more practical example is for libguestfs apps when run as user=root. >>>> >>>> + libguestfs connects to libvirt qemu:///system >>>> + libvirt qemu:///system defaults to user=qemu. >>>> + chowns passt runtime dir to user=qemu >>>> + libguestfs instead requests the VM run as user=root >>>> + patches in progress but we are blocked by this issue >>>> + passt is launched as root, but can't open socket in passt dir. >>>> >>>> Obviously libvirt needs improvements too. >>>> But it seems like this is a defect as well. >>> >>> Thanks for the patch! I think it's absolutely unproblematic to keep >>> CAP_DAC_OVERRIDE for a moment at the beginning. Did you figure out >>> exactly why it's needed by the way? >>> >> >> Last line in the list above should read: >> >> + passt is launched as root, but can't open socket in passt dir >> because it's owned by qemu.qemu > > ...at this point, can you perhaps come up with a complete commit message > also including the details Rich explained / reported? > > No need to repost. On the other hand it's a single patch so if you > have a moment you might as well... > v2 sent now Thanks, Cole