initrdinject: Force added files to be owned as root (bz 1686464)

systemd in fedora30 has some new security restriction about non-root owned directories. Initrd inject would tickle this because the cpio archive would cause the root dir in the initrd to be owned by the uid that launched virt-install. Pass --owner=+0:+0 to cpio to force root ownership Suggested-by: James Szinger <jszinger@gmail.com> https://bugzilla.redhat.com/show_bug.cgi?id=1686464
author: Cole Robinson <crobinso@redhat.com> 2019-04-03 18:07:12 -0400
committer: Cole Robinson <crobinso@redhat.com> 2019-04-03 20:29:16 -0400
commit: c6b5f22fa61d87557b5fab23be080073d2f7906e (patch)
tree: 154226a6b1dace0cdc5ed36c0d2619d4ff364815
parent: d252061b4ba0b1489bda3aeff497cdb2f97cb308 (diff)
download: virt-manager-c6b5f22fa61d87557b5fab23be080073d2f7906e.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/virtinst/initrdinject.py b/virtinst/initrdinject.py
index 9a09f20c..4032f9ba 100644
--- a/virtinst/initrdinject.py
+++ b/virtinst/initrdinject.py
@@ -31,7 +31,7 @@ def perform_initrd_injections(initrd, injections, scratchdir):
                                  stderr=subprocess.PIPE,
                                  cwd=tempdir)
     cpio_proc = subprocess.Popen(['cpio', '--create', '--null', '--quiet',
-                                  '--format=newc'],
+                                  '--format=newc', '--owner=+0:+0'],
                                  stdin=find_proc.stdout,
                                  stdout=subprocess.PIPE,
                                  stderr=subprocess.PIPE,
author	Cole Robinson <crobinso@redhat.com>	2019-04-03 18:07:12 -0400
committer	Cole Robinson <crobinso@redhat.com>	2019-04-03 20:29:16 -0400
commit	c6b5f22fa61d87557b5fab23be080073d2f7906e (patch)
tree	154226a6b1dace0cdc5ed36c0d2619d4ff364815
parent	d252061b4ba0b1489bda3aeff497cdb2f97cb308 (diff)
download	virt-manager-c6b5f22fa61d87557b5fab23be080073d2f7906e.tar.gz