> Manpage: the description of '-runs' didn't show this parameter will use > setuid, so the customer might get confused when 'elevateprivileges=deny' is > used. Since '-runas' is going to be deprecated and replaced by this > parameter in the coming qemu9.1, add the message here.
Queued, thanks. I modified the patch a bit to explain how setgid and setgroups are used in addition to setuid: diff --git a/qemu-options.hx b/qemu-options.hx index ad6521ef5e7..694fa37f284 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -5024,8 +5024,11 @@ SRST in combination with -runas. ``user=username`` or ``user=uid:gid`` can be used to drop root privileges - by switching to the specified user (via username) or user and group - (via uid:gid) immediately before starting guest execution. + before starting guest execution. QEMU will use the ``setuid`` and ``setgid`` + system calls to switch to the specified identity. Note that the + ``user=username`` syntax will also apply the full set of supplementary + groups for the user, whereas the ``user=uid:gid`` will use only the + ``gid`` group. Paolo