On Thu, Jul 31, 2008 at 01:26:17PM -0500, Anthony Liguori wrote:
So while I think it's valid to have a "read-only disk" exposed to the
guest, I don't think the user should have anything to do with how we
open the file.
Is there some specific circumstance you are trying to support?
The scenario is that the admin wants to assign a read only disk to the
virtual machine - typically the same disk to multiple machines - and
thus want to guarentee that no one VM can write to it, since bad things
happen if you do that with non-cluster filesystems.
Controlling this based on the underlying permissions of the file backing
the drive is not practical. Things like udev happy set permissions on
devices in /dev/ behind your back, so you'd have to edit the horrible udev
config files to make /dev/sdXX readonly. It is a far simpler task to
simply add ,mode=ro to the QEMU command line for -drive to accomplish
this, than finding the obscure file to edit to make the underling file
have read only permissions