9p (libvirt/QEMU) share modes
Share modes define how the virtualised (p9fs) file system is presented to the guest machine. There are important implications for permission mapping. To understand this, it's important to remember that the virtualised file system needs to manage permissions of files and they may not be the same in the host as they are in the guest.
The best docs I have found regarding the modes is from the libvirt docs:
The filesystem block has an optional attribute
accessmode which specifies the security mode for accessing the source (since 0.8.5). Currently this only works with
type='mount' for the QEMU/KVM driver. The possible values are:
sourceis accessed with the permissions of the user inside the guest. This is the default
accessmodeif one is not specified. More info. Beware that changes to permissions/ownership will affect all guests using that filesystem. This mode is generally quite fast.
mappedThe source is accessed with the permissions of the hypervisor (QEMU process). More info. This means you need to make sure that files on the hypervisor are accessible to the QEMU process (username
libvirt-qemuon my setup). The advantage is that file attributes and permissions are "mapped" for the guest so that they are independent changes elsewhere (as long as the files stay accessible). If your host system supports ACLs, this mode will also allow proper ACL support in the guest. This mode is generally a bit slower than passthrough.
squashSimilar to 'passthrough', the exception is that failure of privileged operations like 'chown' are ignored. This makes a passthrough-like mode usable for people who run the hypervisor as non-root. More info
I once had a very similar problem, providing read-write access to the shared folder. It was possible to read files but I was not allowed to write files to the shared source path folder.
Unix & Linux - KVM / QEMU / Virt-Manager : How can I store files in the mounted shared folder
The root cause is that the guest system is running as
libvirt-qemu user. What you should do to create files from within the running guest system in the mounted shared folder are these steps :
Add Hardware ->
Mode setting for the VM.
Change permissions for the shared folders :
sudo chmod -R 777 /<path-to-shared-folder>
Change the owner to your username :
sudo chown -R user:user /<path-to-shared folder>
Change the permissions for virtual disk files :
sudo chmod -R 777 /<path-to-virtual-disks>
Change the owner to your username :
sudo chown -R user:user /<path-to-virtual-disks>
Add your username to the
libvirtd group :
sudo usermod -G libvirtd -a <your-user-name>
Give full permissions to the
libvirt-qemu user :
sudo setfacl -R -m u:libvirt-qemu:rwx /*
Note : * = Specify the folder directory hierarchy you want to give
libvirt-qemu the permissions.
Reboot the host operating systems ... now you should be able to create files in the guest system.
Information about 9p virtio -> Sharing Host files with the Guest | QEMU Documentation 9psetup
Mode specifies the security mode for accessing the source.
Mapped specifies that the source is accessed with the permission settings of the hypervisor.
Passthrough specifies that the source is accessed with the user's permission settings that are set from inside the virtual guest machine. This is the default mode.
Squash is similar to
Passthrough, the difference is that the failure of privileged operations like
chown are ignored, this makes a
Passthrough mode usable for users who are running the hypervisor without elevated privileges.