From: Paolo Bonzini <pbonzini@redhat.com>
To: John Stoffel <john@stoffel.org>
Cc: linux-kernel@vger.kernel.org, axboe@kernel.dk,
linux-scsi@vger.kernel.org, jbottomley@parallels.com
Subject: Re: [PATCH] scsi: allow persistent reservations without CAP_SYS_RAWIO
Date: Tue, 12 Jun 2012 19:13:30 +0200 [thread overview]
Message-ID: <4FD778BA.8040201@redhat.com> (raw)
In-Reply-To: <20439.30634.460606.215696@quad.stoffel.home>
Il 12/06/2012 19:08, John Stoffel ha scritto:
> Paolo> Persistent reservations commands cannot be issued right now
> Paolo> without giving CAP_SYS_RAWIO to the process who wishes to send
> Paolo> them. This is a bit heavy-handed, allow these two commands.
>
> This seems like a bad idea, now anyone can just put in a SCSI
> reservation on a system and then you have to hunt around trying to
> figure it out.
What's the difference from anyone destroying data on a disk? You still
need write access to the block device node. Also, you could already do
the same if you have root permissions on your _local_ machine.
(BTW, please reply to these objections where I already stated them, in
the answer to James Bottomley).
> What's the motivation here? What's the use case this solves?
I would like to give access to persistent reservations to VMs, without
having to run qemu as root. One alternative is to run a userspace iSCSI
initiator, but of course that would only work with iSCSI.
Paolo
prev parent reply other threads:[~2012-06-12 17:13 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-12 16:08 [PATCH] scsi: allow persistent reservations without CAP_SYS_RAWIO Paolo Bonzini
2012-06-12 16:21 ` James Bottomley
2012-06-12 16:24 ` Paolo Bonzini
2012-06-12 16:54 ` Paolo Bonzini
2012-06-12 16:54 ` Paolo Bonzini
2012-06-12 17:20 ` James Bottomley
2012-06-12 17:25 ` Paolo Bonzini
2012-06-12 18:02 ` James Bottomley
2012-06-12 18:39 ` Paolo Bonzini
2012-06-12 16:55 ` Alan Cox
2012-06-12 17:08 ` Paolo Bonzini
2012-06-12 18:52 ` Can we pass a file handle down to the block ioctls to implement per file filters on scsi SG_IO ? Alan Cox
2012-06-12 19:13 ` Paolo Bonzini
2012-06-12 17:08 ` [PATCH] scsi: allow persistent reservations without CAP_SYS_RAWIO John Stoffel
2012-06-12 17:13 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FD778BA.8040201@redhat.com \
--to=pbonzini@redhat.com \
--cc=axboe@kernel.dk \
--cc=jbottomley@parallels.com \
--cc=john@stoffel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.