Re: [PATCH 06/10] tests/avocado/kvm_xen_guest.py: cope with asset RW requirements

[Philippe Mathieu-Daudé]

On 1/8/24 05:30, Cleber Rosa wrote:
> On Mon, Dec 11, 2023 at 11:32 AM Philippe Mathieu-Daudé
> <philmd@linaro.org> wrote:
> > On 8/12/23 20:09, Cleber Rosa wrote:
> > > Some of these tests actually require the root filesystem image,
> > > obtained through Avocado's asset feature and kept in a common cache
> > > location, to be writable.
> > >
> > > This makes a distinction between the tests that actually have this
> > > requirement and those who don't.  The goal is to be as safe as
> > > possible, avoiding causing cache misses (because the assets get
> > > modified and thus need to be dowloaded again) while avoid copying the
> > > root filesystem backing file whenever possible.
> >
> > Having cache assets modified is a design issue. We should assume
> > the cache directory as read-only.
>
> I agree those files should not be modified, but I wonder if you
> thought about any solution to this? Given that the same user writes
> (downloads) those files, do you think setting file permissions between
> the download and the use of the files should be done?

We want to share a cachedir on development hosts with multiple
developers. OK to alter a downloaded file before adding it to
the cache; but then once a file is added/hashed it shouldn't be
modified IMO.

So far this directory is group=RW but we like the ability to track
a read-only directory (like owned by a particular user) and adding
missing assets to current user cachedir, to avoid duplication of
files and waste of network transfer.

> That can make the management of the cache (such as pruning it) either
> require undoing the restriction or being done by a super user.
>
> Anyway, just curious.
>
> Regards,
> - Cleber.