dynamic ownership restores to root:root on devfs when not using hot-add/remove
Software environment
- Operating system: Ubuntu 22.04
- Architecture: x86
- Kernel version: 5.15.0-78-generic
- libvirt version: 8.0.0-1ubuntu7.6 (also seen in more recent versions)
- Hypervisor and version: qemu/kvm 1:6.2+dfsg-2ubuntu6.12
Description of problem
Steps to reproduce
File test-nbd.xml
<disk type='block' device='disk'>
  <driver name='qemu' type='raw' cache='none'/>
  <source dev='/dev/nbd0'/>
  <target dev='vde' bus='virtio'/>
</disk>
Good case (hot add/remove)
- Create a guest your preferred way
- Start guest without the block device
- Check that the device permissions stay as-is on the host pre/while/post attaching
$ virsh start j
Domain 'j' started
$ ls -laF /dev/nbd0
brw-rw---- 1 root disk 43, 0 Aug 7 09:26 /dev/nbd0
$ virsh attach-device j test-nbd.xml
Device attached successfully
$ ls -laF /dev/nbd0
brw-rw---- 1 root disk 43, 0 Aug 7 09:26 /dev/nbd0
$ virsh attach-device j test-nbd.xml
Device attached successfully
$ ls -laF /dev/nbd0
brw-rw---- 1 root disk 43, 0 Aug 7 09:26 /dev/nbd0
Bad case - start with the guest domain
- Shut down the guest you used above
- virsh edit that guest and add the disk to the static guest config
- Check that permissions change not during, but after execution
$ ls -laF /dev/nbd0
brw-rw---- 1 root disk 43, 0 Aug 7 09:26 /dev/nbd0
ubuntu@node-horsea:~$ virsh start j
Domain 'j' started
brw-rw---- 1 root disk 43, 0 Aug 7 09:26 /dev/nbd0
$ virsh shutdown j
Domain 'j' is being shutdown
$ ls -laF /dev/nbd0
brw-rw---- 1 root root 43, 0 Aug 7 10:05 /dev/nbd0
That puzzles me a bit. On other hot add/remove actions, e.g. of qcow2 files on ext4, both parts (in & out) of the dynamic ownership take place.
I do know that restoring depends on xattr being present to store the info we need to restore. And devtmpfs might just not have xattr to store it.
But why does hot add/remove not fail-restore it? Does it have a better way to remember that it didn't change permissions when it was added?
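An added diagnostic, not part of the original report and not libvirt code: it records a device node's owner and mode and probes whether a remembered-owner xattr is present, absent, or unsupported on that filesystem, so the xattr hypothesis above can be checked before `virsh start` and after `virsh shutdown`. The xattr name `trusted.libvirt.security.dac` is an assumption (it is not stated in the report), and `trusted.*` attributes are only visible to root.

```python
import errno
import os
import stat
import sys

# Assumption: name of the xattr in which libvirt remembers the original DAC
# owner. It does not appear in the report above.
LIBVIRT_DAC_XATTR = "trusted.libvirt.security.dac"


def probe_remembered_owner(path, getxattr=os.getxattr):
    """Return (state, value): is a remembered owner stored, or storable, on path?"""
    try:
        value = getxattr(path, LIBVIRT_DAC_XATTR)
    except OSError as exc:
        if exc.errno == errno.ENODATA:
            # Filesystem accepts xattrs but nothing is stored here. A non-root
            # caller also lands here because trusted.* is hidden from it.
            return ("absent", None)
        if exc.errno in (errno.ENOTSUP, errno.EOPNOTSUPP):
            return ("unsupported", None)  # filesystem cannot hold the xattr
        if exc.errno in (errno.EPERM, errno.EACCES):
            return ("need-root", None)
        raise
    return ("present", value.decode(errors="replace"))


def snapshot(path, getxattr=os.getxattr):
    """Capture owner, group, mode and xattr state of path at one point in time."""
    st = os.stat(path)
    return {
        "uid": st.st_uid,
        "gid": st.st_gid,
        "mode": stat.filemode(st.st_mode),
        "xattr": probe_remembered_owner(path, getxattr),
    }


def changed_fields(before, after):
    """List the fields that differ between two snapshots, in sorted order."""
    return sorted(k for k in before if before[k] != after[k])


if __name__ == "__main__":
    # Run as root once before starting the guest and once after shutdown.
    for dev in sys.argv[1:] or ["/dev/nbd0"]:
        print(dev, snapshot(dev))
```

Run it as root against `/dev/nbd0` in both the hot-add and the static-config case and compare the output; an `unsupported` result would confirm that the owner cannot be remembered on that filesystem, while `absent` after a start means nothing was recorded even though it could have been.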