I am aiming to set up full write access to a 9p share for a KVM guest. Both host and guest have the same users/groups with the same IDs. Both host and guest should be able to write to the share using the same usernames and I don't want to distinguish whether a file was written by host or guest. The kvm process is running as root — I set user and group to root in /etc/libvirt/qemu.conf.

In the guest definition on the host, the share is defined as follows:

```xml
<filesystem type='mount' accessmode='passthrough'>
  <source dir='/mnt/storage/data'/>
  <target dir='data'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</filesystem>
```

In the guest, the share is mounted as:

```sh
mount -t 9p -o rw,trans=virtio,version=9p2000.L,msize=262144 data /mnt/data
```

The problem is that the root user in the guest cannot write to files/folders owned by a non-root user on the host. Even more strangely, the guest's root can rename and delete such files. That is, when on the host machine I create a file as a non-root user, I then simply cannot edit it as the guest's root, even though I can rename and delete it!

I also found that where a folder created on the host under a non-root user has its permissions set to 777, the guest's root can write to it (i.e. create files in it). This, however, does not apply to files — they still cannot be edited regardless of permissions.

Both host and guest are running Linux server 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux. In Debian, SELinux is disabled by default and I did not enable it. I tried all three available 9p access modes (passthrough, mapped and squash) — no difference.

Just wondering if there is anything I can tweak to get it to work, or is it just a bug?

Note there is a similar issue reported here: Read/write access for passthrough (9p) filesystems with libvirt/qemu? but unlike that case, I have 100% write access where files are owned by root, it's just non-root user files that I cannot write to even being root on the guest.

Greendrake

  • Just for information, I have never gotten this to work correctly, and have run into all of these same issues. Consequently, p9 filesystem passthrough implementations have been deprecated in recent qemu/libvirt versions. – Spooler Sep 12 '16 at 01:58
  • Similarly here. Red Hat seems to think that 9p is [not ready for prime time](https://access.redhat.com/discussions/1119043). – Diagon Dec 17 '17 at 06:45

3 Answers

1

I had similar problems and never got it working with 9p, and as other commenters have said 9p is not mature.

I ended up using samba to mount a host filesystem and it's working fine. Any other network filesystem would do the job, too, probably (e.g. NFS, which is recommended by Red Hat; see link from @Diagon's comment https://access.redhat.com/discussions/1119043).

0

In my case the KVM environment is running under the user libvirt (the default). Then, if /mnt/storage/data is owned by libvirt-qemu.kvm on the host and chmod 0777 /mnt/storage/data was deployed, it works for me. I can create a dir as a normal user (e.g. /mnt/storage/data/test/) in the guest and root can do all the tasks you asked for. (Still more, every user in the guest can delete every file, even those owned by root. I managed that problem by changing the rights from 777 to 775 on the host. If the user in the guest is part of the group, he can do everything; if not, he only has read rights...)

Volker
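
The 0777 versus 0775 behaviour described in the answer above, as an added example that is not part of the original answer: a small model of classic Unix mode-bit checks showing that delete/rename is decided by the parent directory's bits, while editing is decided by the file's own bits. The uid/gid numbers and the users alice and bob are constructed, and the model assumes no ACLs and a caller without CAP_DAC_OVERRIDE.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Node:
    uid: int   # owner
    gid: int   # owning group
    mode: int  # permission bits, e.g. 0o775

@dataclass(frozen=True)
class Caller:
    uid: int
    gids: frozenset

def _bits(node, caller):
    """Pick the single rwx triplet that applies: owner, else group, else other."""
    if caller.uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in caller.gids:
        return (node.mode >> 3) & 7
    return node.mode & 7

def can_modify_file(file, caller):
    """Editing contents needs the write bit on the file itself."""
    return bool(_bits(file, caller) & 2)

def can_unlink(directory, file, caller):
    """Rename/delete needs write+search on the parent directory, not on the file."""
    if (_bits(directory, caller) & 3) != 3:
        return False
    if directory.mode & stat.S_ISVTX:  # sticky bit: only file or directory owner
        return caller.uid in (file.uid, directory.uid)
    return True

# Constructed sample values: libvirt-qemu = uid 106, kvm = gid 108.
QEMU_UID, KVM_GID = 106, 108
alice = Caller(1000, frozenset({1000, KVM_GID}))  # member of kvm
bob = Caller(1001, frozenset({1001}))             # not a member of kvm
root_file = Node(0, 0, 0o644)                     # file owned by root

def share(mode):
    """The shared directory owned by libvirt-qemu:kvm with the given mode."""
    return Node(QEMU_UID, KVM_GID, mode)

if __name__ == "__main__":
    for mode in (0o777, 0o775, 0o1777):
        for name, who in (("alice", alice), ("bob", bob)):
            print(f"{mode:o} {name}: delete={can_unlink(share(mode), root_file, who)} "
                  f"edit={can_modify_file(root_file, who)}")
```

The 0o1777 row shows the sticky bit as a third option: the directory stays writable by everyone, but only a file's owner (or the directory owner) can delete or rename it.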
0

Can you check additional filesystem attributes such as ACLs on the shared directory? I suspect a permission issue.

asktyagi