When I create a new virtual machine using virt-manager, a qcow2 file is created with read permission for all:
rw-r--r-- 1 libvirt-qemu libvirt-qemu 53695545344 Jan 12 16:24 vm.qcow2
I find it surprising that any user can read the content of the VM. I can restrict access to the parent directory, but what is the rationale for this?
Is there a way to set those permissions from virt-manager?
Is there a way to define a default umask for new VMs?
Investigating this, I'm wondering how the files are created in the first place since their directory is
rwxr-xr-x 2 root root
so only root can write in there.
I'm using virt-manager with my user with no special powers except being in the libvirt group.
The host server is a Debian Jessie. The desktop that runs virt-manager is a Debian Jessie as well, but I don't think that matters.