On Thu, May 30, 2024 at 04:15:33PM +0100, Fabio Natali wrote:
> Hi,
> 
> A quick question re the 'guix system vm' command. When used in
> combination with '--share=/foo=/bar', the command takes advantage of
> QEMU's 'virtfs' option to share a folder between the host and the guest.
> 
> Interestingly, the command makes use of the 'security_model=none'
> option. An alternative, one that I've seen recommended in some QEMU
> docs⁰, would be using 'security_model=mapped-xattr'.
> 
> Is there any particular reason why we're using 'none' instead of
> 'mapped-xattr'?  The reason I'm asking is because I'm struggling with
> some permission issues on a shared folder and I'd have a vague intuition
> (or some hope) that 'mapped-xattr' might be a solution.
> 

It looks like it was set in April 2014, so it may be time to revisit
it and see if changing the security_model works.

-- 
Efraim Flashner   <efraim@flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted