From 21c3c2507e2e393050e86fbf028c5a30dcdec98e Mon Sep 17 00:00:00 2001 From: Jean-Philippe Ouellet Date: Tue, 21 Nov 2017 03:01:03 -0500 Subject: [PATCH] volume.Import: write data with sufficient privs Not sure how this ever worked before, if it did. The device nodes pointed to by /dev/qubes_dom0/* are owned by root:disk with perms 660, qubes user is not in disk group, and service is invoked as qubes user, not root. --- qubes-rpc/admin.vm.volume.Import | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qubes-rpc/admin.vm.volume.Import b/qubes-rpc/admin.vm.volume.Import index 1903387e..4bfaa70f 100755 --- a/qubes-rpc/admin.vm.volume.Import +++ b/qubes-rpc/admin.vm.volume.Import @@ -43,7 +43,7 @@ size=$(tail -c +3 "$tmpfile"|cut -d ' ' -f 1) path=$(tail -c +3 "$tmpfile"|cut -d ' ' -f 2) # now process stdin into this path -if dd bs=4k of="$path" count="$size" iflag=count_bytes,fullblock \ +if sudo dd bs=4k of="$path" count="$size" iflag=count_bytes,fullblock \ conv=sparse,notrunc,nocreat,fdatasync status=none; then status="ok" else