From 1b3b61bc9cd913a2f3fea1ab39ded81c6da2bacd Mon Sep 17 00:00:00 2001
Message-Id: <1b3b61bc9cd913a2f3fea1ab39ded81c6da2bacd@dist-git>
From: Martin Kletzander <mkletzan@redhat.com>
Date: Mon, 14 Sep 2015 10:15:26 +0200
Subject: [PATCH] qemu: Do not allow others into per-VM subdirectories
https://bugzilla.redhat.com/show_bug.cgi?id=1146886
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 192a13948905668955ff39e32d4622f8511fadf0)
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_process.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index d5b0fc0..ee1d6b2 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -4737,7 +4737,7 @@ int qemuProcessStart(virConnectPtr conn,
if (virAsprintf(&tmppath, "%s/domain-%s", cfg->libDir, vm->def->name) < 0)
goto cleanup;
- if (virFileMakePath(tmppath) < 0) {
+ if (virFileMakePathWithMode(tmppath, 0750) < 0) {
virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
goto cleanup;
}
@@ -4752,7 +4752,7 @@ int qemuProcessStart(virConnectPtr conn,
cfg->channelTargetDir, vm->def->name) < 0)
goto cleanup;
- if (virFileMakePath(tmppath) < 0) {
+ if (virFileMakePathWithMode(tmppath, 0750) < 0) {
virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
goto cleanup;
}
--
2.5.2