From b2c9a879408aec382611b1d2a817b83b9a8b344a Mon Sep 17 00:00:00 2001
From: Dan Kenigsberg <danken@redhat.com>
Date: Tue, 19 Oct 2010 15:26:32 +0200
Subject: [PATCH] root_squash: virFileOperation may fail with EPERM too

Over root-squashing nfs, when virFileOperation() is called as uid==0,
it may fail with EACCES, but also with EPERM, due to
virFileOperationNoFork()'s failed attemp to chown a writable file.

qemudDomainSaveFlag() should expect this case, too.
---
 src/qemu/qemu_driver.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 7204ac8efb..abd8e9d237 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5402,13 +5402,13 @@ static int qemudDomainSaveFlag(struct qemud_driver *driver, virDomainPtr dom,
                                   qemudDomainSaveFileOpHook, &hdata,
                                   0)) < 0) {
             /* If we failed as root, and the error was permission-denied
-               (EACCES), assume it's on a network-connected share where
-               root access is restricted (eg, root-squashed NFS). If the
+               (EACCES or EPERM), assume it's on a network-connected share
+               where root access is restricted (eg, root-squashed NFS). If the
                qemu user (driver->user) is non-root, just set a flag to
                bypass security driver shenanigans, and retry the operation
                after doing setuid to qemu user */
 
-            if ((rc != -EACCES) ||
+            if (((rc != -EACCES) && (rc != -EPERM)) ||
                 driver->user == getuid()) {
                 virReportSystemError(-rc, _("Failed to create domain save file '%s'"),
                                      path);
-- 
GitLab