From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id ED44D275869
	for <kdevops@lists.linux.dev>; Fri, 30 May 2025 17:52:35 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1748627556; cv=none; b=qE/7aU/FKUR5eSDl6n2HbDwoENBccTSEh3FLK99HvQvz/ek5GuU7xRYIbSVwFZpt30pP9alY3BB60DUPNe0g0u3L4ixQKy4PIHAWPo/UpYooJ+ta6VYw8pU/WNSBxmH6eF/u74gb1WE1IGgzUS/mfqpG/iKh8uJ8ogZo+Ri0ULA=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1748627556; c=relaxed/simple;
	bh=wXX+h/M4lfHLkil2CT/+WdEol9Uqt9pA/krKJpjcgBU=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version; b=TfN0VO4NLpy83DQHoKousp2cafJbkwRWLsHW4IcfrrwHIp2if1MT4XmjmFCXXYeCCzvUxGgQvQ2RtLrxu4XdXOrDxRzUtgIQW5lTAw9xuU2FSZiZ1n4tKnb+5vPm0Zs2iEG7hSo1fSwa8mM6e1cfmk+azau4DS0zH2QbrGmjnI4=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=XVNOwG56; arc=none smtp.client-ip=10.30.226.201
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="XVNOwG56"
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8D777C4CEEB;
	Fri, 30 May 2025 17:52:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1748627555;
	bh=wXX+h/M4lfHLkil2CT/+WdEol9Uqt9pA/krKJpjcgBU=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=XVNOwG56F4nfFe3Z3mtWyMb/p6PKWE94or+9UdT+LjtE3yyPpscmO+XApO7C38B+O
	 nOuGvrLY5rKbRB7nu4887L76s5Ujr/K9lSDaXsJANYyHEaLadaAaWaejGRrGf8Z8a2
	 wITu/G1pHiPP3PqVVtxoJqf0UN0/jlltxQlEHoNOV8Xv5AFnQmBDRBeDje23zHq/LS
	 nZAgK5RaHUcfL7mhNu7XPkWX+0uJelII+A41ApzZpqdKXp8KC4zkvPHDwG/xNhIQl9
	 R9SJ4yCjQFROVCtbeAq87mn2vI53zDyvECG/uZ/H+0uypE8p81MxK5WjOAqQNQjz3j
	 sBYrDLcvAH9TQ==
From: Chuck Lever <cel@kernel.org>
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [PATCH v2 06/12] guestfs: Move the QEMU_GROUP check
Date: Fri, 30 May 2025 13:52:23 -0400
Message-ID: <20250530175229.489925-7-cel@kernel.org>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250530175229.489925-1-cel@kernel.org>
References: <20250530175229.489925-1-cel@kernel.org>
Precedence: bulk
X-Mailing-List: kdevops@lists.linux.dev
List-Id: <kdevops.lists.linux.dev>
List-Subscribe: <mailto:kdevops+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:kdevops+unsubscribe@lists.linux.dev>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Chuck Lever <chuck.lever@oracle.com>

The qemu group check is needed by both the stoage-pool-path tag
and the bringup_guestfs.sh, but is done only by the latter. The
makefile runs the former first, however.

Move the check earlier during bring-up.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 .../guestfs/tasks/bringup/storage-pool-path.yml    | 14 ++++++++++++++
 scripts/bringup_guestfs.sh                         |  8 --------
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml b/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
index 50f804cc304c..385b6cdfdbe7 100644
--- a/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
+++ b/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
@@ -1,4 +1,18 @@
 ---
+- name: Get the user who invoked Ansible
+  ansible.builtin.command:
+    cmd: "id -Gn"
+  register: id_group
+  changed_when: false
+
+- name: Group membership check failed
+  vars:
+    user_groups: "{{ id_group.stdout | split }}"
+  ansible.builtin.fail:
+    msg: "Ansible user is not part of the {{ libvirt_qemu_group }} group."
+  when:
+    - libvirt_qemu_group not in user_groups
+
 - name: Create storage pool path directory (libvirt session uri)
   # noqa: risky-file-permissions
   ansible.builtin.file:
diff --git a/scripts/bringup_guestfs.sh b/scripts/bringup_guestfs.sh
index 67f85a5fdb0a..55b13a0cb2cc 100755
--- a/scripts/bringup_guestfs.sh
+++ b/scripts/bringup_guestfs.sh
@@ -31,14 +31,6 @@ OS_VERSION=${CONFIG_VIRT_BUILDER_OS_VERSION}
 BASE_IMAGE_DIR="${STORAGEDIR}/base_images"
 BASE_IMAGE="${BASE_IMAGE_DIR}/${OS_VERSION}.raw"
 
-if id -nG "$(whoami)" | grep -qw "$QEMU_GROUP"; then
-    echo "User $USER is part of the $QEMU_GROUP group."
-else
-    echo "Error: User $USER is not part of the $QEMU_GROUP group. Exiting..."
-    echo "Fix this and come back and try again."
-    exit 1
-fi
-
 build_custom_source()
 {
 	SOURCE_TMP=$(mktemp)
-- 
2.49.0