On Wed, Aug 22, 2018 at 06:39:52PM +0200, Marc-André Lureau wrote: > Hi > > On Wed, Aug 22, 2018 at 6:37 PM Marc-André Lureau > <marcandre.lur...@gmail.com> wrote: > > > > Hi > > > > On Wed, Aug 22, 2018 at 6:08 PM Daniel P. Berrangé <berra...@redhat.com> > > wrote: > > > We would have to make libvirt probe for tsync support too, because it > > > now unconditionally uses -sandbox for new enough QEMU. > > > > sigh :( that's where the -sandbox tsync option could have been helpful > > keeping the compatibility. > > So what can libvirt do if tsync is not available?
It depends how libvirt is configured. If /etc/libvirt/qemu.conf has seccomp=1, then we'd blindly start QEMU and expect QEMU to fail because -sandbox can't be usefully enforced. If qemu.conf has "seccomp" unset, then we'd simply not use -sandbox flag for any guests. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|