FS#45990 - [ovmf] change permission to 0666 to allow non-root qemu access
Attached to Project:
Arch Linux
Opened by Tom Yan (tom.ty89) - Saturday, 15 August 2015, 09:09 GMT
Last edited by Doug Newgard (Scimmia) - Sunday, 01 November 2015, 16:29 GMT
Opened by Tom Yan (tom.ty89) - Saturday, 15 August 2015, 09:09 GMT
Last edited by Doug Newgard (Scimmia) - Sunday, 01 November 2015, 16:29 GMT
|
Details
Description:
qemu checks whether the user has write permission on the firmware files. Having the files with permission of 0666 allows qemu to have access to the files even when running with non-root users. Steps to reproduce: [tom@localhost ~]$ ls -l /usr/share/ovmf/ovmf_x64.bin -rw-r--r-- 1 root root 1048576 Aug 15 16:59 /usr/share/ovmf/ovmf_x64.bin [tom@localhost ~]$ qemu-system-x86_64 -enable-kvm -drive file=/usr/share/ovmf/ovmf_x64.bin,format=raw,if=pflash qemu-system-x86_64: -drive file=/usr/share/ovmf/ovmf_x64.bin,format=raw,if=pflash: Could not open '/usr/share/ovmf/ovmf_x64.bin': Permission denied [tom@localhost ~]$ sudo chmod 666 /usr/share/ovmf/ovmf_x64.bin [tom@localhost ~]$ qemu-system-x86_64 -enable-kvm -drive file=/usr/share/ovmf/ovmf_x64.bin,format=raw,if=pflash ^Cqemu: terminating on signal 2 [tom@localhost ~]$ |
This task depends upon
Closed by Doug Newgard (Scimmia)
Sunday, 01 November 2015, 16:29 GMT
Reason for closing: Not a bug
Additional comments about closing: Requested by user
Sunday, 01 November 2015, 16:29 GMT
Reason for closing: Not a bug
Additional comments about closing: Requested by user
Please read the documentation. Use something like: -drive if=pflash,format=raw,readonly,file=/usr/share/ovmf/ovmf_x64.bin -drive if=pflash,format=raw,file=efi-vars.img
No idea what this CODE/VARS split is about.
(*) split in the two parts with dd at [0-128K) {vars}, [128K-end] {code} versions must match.