From 1a6333f842525e331508ad05a85508d3d31eb2d8 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 4 Jun 2013 17:37:03 +0100
Subject: [PATCH] Ensure non-root can read /proc/meminfo file in LXC containers

By default files in a FUSE mount can only be accessed by the
user which created them, even if the file permissions would
otherwise allow it. To allow other users to access the FUSE
mount the 'allow_other' mount option must be used. This bug
prevented non-root users in an LXC container from reading
the /proc/meminfo file.

https://bugzilla.redhat.com/show_bug.cgi?id=967977

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 922ebe4ead4a30a6a94731d31b980d0eae113894)
---
 src/lxc/lxc_fuse.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/lxc/lxc_fuse.c b/src/lxc/lxc_fuse.c
index fbd0d56c95..3f4787b789 100644
--- a/src/lxc/lxc_fuse.c
+++ b/src/lxc/lxc_fuse.c
@@ -306,6 +306,7 @@ int lxcSetupFuse(virLXCFusePtr *f, virDomainDefPtr def)
     /* process name is libvirt_lxc */
     if (fuse_opt_add_arg(&args, "libvirt_lxc") == -1 ||
         fuse_opt_add_arg(&args, "-odirect_io") == -1 ||
+        fuse_opt_add_arg(&args, "-oallow_other") == -1 ||
         fuse_opt_add_arg(&args, "-ofsname=libvirt") == -1)
         goto cleanup1;