bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libvirt] Fwd: libvirtd failing on MacOS in setgroups


From: Bruno Haible
Subject: Re: [libvirt] Fwd: libvirtd failing on MacOS in setgroups
Date: Mon, 30 Sep 2019 14:06:07 +0200
User-agent: KMail/5.1.3 (Linux/4.4.0-159-generic; KDE/5.18.0; x86_64; ; )

Daniel P. Berrangé wrote:
> > > FWIW I compiled libvirt without the setgroups code on Mac and it
> > > worked as expected. Not sure what the implications of that are though?
> > 
> > OK, then the fix would be to not use setgroups on Mac, and nothing to do
> > in gnulib. Right?
> 
> Not calling setgroups means the QEMU process doesn't run with any of
> the supplementary groups associated with its user account, so this is
> not really a working solution. It re-introduces the bug that the
> setgroups call was added to fix.

For what purpose is libvirt or QEMU using setgroups()? What goes wrong if
setgroups() fails?

The problem is that the Darwin kernel does not support setting more than
NGROUPS_MAX (= 16) groups. So
  - What happens when you have a user account which is in more than 16
    groups? What do other processes do in this sitation?
  - Is using the first 16 groups and ignoring the extra ones an acceptable
    solution?

Bruno




reply via email to

[Prev in Thread] Current Thread [Next in Thread]