[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] bug in dom create script regarding xenstore permission?
- To: Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx>
- From: weiming <zephyr.zhao@xxxxxxxxx>
- Date: Wed, 15 Jul 2009 08:52:57 -0400
- Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
- Delivery-date: Wed, 15 Jul 2009 05:53:55 -0700
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=TZs94p8PNj7y2PO9VU7hhmnTDvS/0Wq/ZmwVDN8RpL52ztIiytio4hsdn2DIp3jZmU m5+1xgj8GOuOEaenCaRpP+lNJoGOYT30B2kZDvGeSyIkKVkIsQWFtsobS8uK1S/AGA2x GaW4b6dYoGrYZjdWsKVamI8Vw3xxsD5B+xeSQ=
- List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Thanks. But as I said in the first post, /local/domain/<domid>/* is readonly to that domain of <domid> That makes me feel weird. (and you told me it's for security purpose. :D)
Weiming
On Wed, Jul 15, 2009 at 6:30 AM, Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx> wrote:
weiming wrote:
Hi Vincent,
Thanks for letting me know.
Is their any way to override this default behavior?
I have a script in domU, which is supposed to post some info to xenstore after it boots up.
Yes, I can manually grant permission after I create a guest domain, but I wish I could automated it.
I don't really know how to do that exactly; you have to look at where the /local/domain/<domid>/ entry get created, and put an explicit setperm there.
However I think changing your script in a domU is the way forward. there are other place in xenstore (have a look at maybe /vm/<uuid>/ and /local/domain/<domid>/*/ ) that are still writable.
--
Vincent
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|