> +def entries(self):
> > > +return self.build_entry(self.DISK_PW_GUID,
> > > +self.disk_password + bytes([0]),
> > > 4)
> > > +
> >
> > This bytes([0]) NUL byte ends up in the efi_secret /sys path
be the way to wire the simple disk key from
> your EFI/SEV mechanism up to LUKS? )
We did a write up about this a while ago on the virt list:
https://listman.redhat.com/mailman/private/ibm-virt-security/2021-December/000498.html
Dimitri Pal is on the reply suggesting effectively the above and we had
quite a discussion about it, the upshot of which was that we might get
it to work for -SNP and TDX, but it couldn't work for plain SEV and
-ES. What we were looking at above is a mechanism for unifying all the
flavours of boot.
James
Dear libvir[t] hackers,
## Intro
I'd like to tell you about a project I'm working on, how it pertains to
libvirt, and to inspire you about this idea.
I thought I'd first give you some quick background about myself... Skip
to '## Project' if you'd prefer... I'm
I needed to specify the iobase address for certain exotic mips configurations.
Signed-off-by: James Cowgill
---
src/qemu/qemu_command.c| 12 ++--
.../qemuxml2argv-serial-dev-chardev-iobase.args| 7 +
.../qemuxml2argv-serial-dev-chardev-iobase.xml
I needed to specify the iobase address for certain exotic mips configurations.
Signed-off-by: James Cowgill
---
src/qemu/qemu_command.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 61faa57..e1d53c2
I see no reason to duplicate this list of architectures. This also allows
more guest architectures to be used with libvirt (like the mips64el qemu
machine I am trying to run).
Signed-off-by: James Cowgill
---
docs/schemas/domaincommon.rng | 26 ++
1 file changed, 6
l not have an 802.1Q
header.
From: sendmail [justsendmailnothinge...@gmail.com] on behalf of Laine Stump
[la...@laine.org]
Sent: 22 February 2015 19:31
To: Libvirt
Cc: Robson, James
Subject: Exact meaning of "nativeMode" attribute in vlan tags
You&
Adding functionality to libvirt that will allow it
query the ethtool interface for the availability
of certain NIC HW offload features
Here is an example of the feature XML definition:
net_eth4_90_e2_ba_5e_a5_45
/sys/devices/pci:00/:00:03.0/:08:00.1/net/eth4
pci__08_00_1
Adding functionality to libvirt that will allow it
query the ethtool interface for the availability
of certain NIC HW offload features
Here is an example of the feature XML definition:
net_eth4_90_e2_ba_5e_a5_45
/sys/devices/pci:00/:00:03.0/:08:00.1/net/eth4
pci__08_00_1
Thanks for your feedback folks, v2 to follow.
Thanks
James
-Original Message-
From: Daniel P. Berrange [mailto:berra...@redhat.com]
Sent: Monday, February 16, 2015 11:47 AM
To: Chapman, James P
Cc: libvir-list@redhat.com
Subject: Re: [libvirt] [PATCH] SRIOV NIC offload feature
Adding functionality to libvirt that will allow it
query the ethtool interface for the availability
of certain NIC HW offload features
---
src/conf/device_conf.h | 6 ++
src/conf/node_device_conf.c| 7 ++
src/conf/node_device_conf.h| 2 +
src/libvirt_private.syms
Adding functionality to libvirt that will allow it
query the ethtool interface for the availability
of certain NIC HW offload features
---
src/conf/device_conf.h | 6 ++
src/conf/node_device_conf.c| 7 ++
src/conf/node_device_conf.h| 2 +
src/libvirt_private.syms
ETHTOOL_GRXCSUM
* ETHTOOL_GTXCSUM
* ETHTOOL_GTSO
* ETHTOOL_GFLAGS
So I'm looking for your opinions on this feature proposal, does it make sense,
is it already being worked on.
Thanks
James
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On 2014/9/16 21:51, Eric Blake wrote:
> On 09/16/2014 07:19 AM, James wrote:
>> I clean up all _virDomainInterfaceStats.
>>
>> Signed-off-by: James
>
> Generally, we prefer authorship information to list a full name. Based
> on your email address, would "J
On 2014/9/16 21:51, Eric Blake wrote:
> On 09/16/2014 07:19 AM, James wrote:
>> I clean up all _virDomainInterfaceStats.
>>
>> Signed-off-by: James
>
> Generally, we prefer authorship information to list a full name. Based
> on your email address, would "J
I clean up all _virDomainBlockStats.
Signed-off-by: James
Signed-off-by: Wang Rui
---
src/driver.h | 2 +-
src/libvirt.c| 2 +-
src/lxc/lxc_driver.c | 2 +-
src/qemu/qemu_driver.c | 2 +-
src/test/test_driver.c | 2 +-
src/xen/block_stats.c
I clean up all _virDomainMemoryStat.
Signed-off-by: James
Signed-off-by: Wang Rui
---
daemon/remote.c | 2 +-
src/driver.h | 2 +-
src/lxc/lxc_driver.c | 2 +-
src/qemu/qemu_driver.c | 2 +-
src/qemu/qemu_monitor_text.c | 2 +-
src/remote
I clean up all _virDomainInterfaceStats.
Signed-off-by: James
Signed-off-by: Wang Rui
---
src/driver.h | 2 +-
src/libvirt.c| 4 ++--
src/lxc/lxc_driver.c | 4 ++--
src/openvz/openvz_driver.c | 2 +-
src/qemu/qemu_driver.c | 2 +-
src/test
I find some struct XXX can be converted to typedefs. And I
clean them up.
James (3):
maint: clean up _virDomainInterfaceStats
maint: clean up _virDomainBlockStats
maint: clean up _virDomainMemoryStat
daemon/remote.c | 2 +-
src/driver.h | 6 +++---
src
On 2014/8/5 17:13, Martin Kletzander wrote:
> On Tue, Aug 05, 2014 at 03:15:18PM +0800, James wrote:
>> In fact, to deal with this kind of situation, we add some timeout codes in
>> libvirtd, during remote_dispatch process.
>> The mechanism is like this:
>> 1. when
On 2014/8/4 19:59, Martin Kletzander wrote:
> On Sat, Jul 26, 2014 at 03:47:09PM +0800, James wrote:
>> On 2014/7/25 18:07, Martin Kletzander wrote:
>>
>>> On Fri, Jul 25, 2014 at 04:45:55PM +0800, James wrote:
>>>> There's a kind of situation tha
On 2014/7/25 18:07, Martin Kletzander wrote:
> On Fri, Jul 25, 2014 at 04:45:55PM +0800, James wrote:
>> There's a kind of situation that when libvirtd's under a lot of pressure,
>> just as we
>> start a lot of VMs at the same time, some libvirt APIs may take a lo
nism to help us out. When one API takes more than some
time, it can
return time out as a result, and do some rolling back.
So my question is: do we have a plan to give a 'time out' solution or a better
solution
to fix this kind of problems in the future? And when?
Thanks all!
--
Best
virTimeFieldsThenRaw will never return negative result, so I clean up
the related meaningless judgements to make it better.
Signed-off-by: James
---
src/util/virtime.c | 23 ---
src/util/virtime.h | 8
tests/virtimetest.c | 3 +--
3 files changed, 13 insertions
> Quoting from http://libvirt.org/hacking.html: "One should avoid
> sending patches as attachments, but rather send them in email body
> along with commit message." We prefer git send-email.
>
>
From 1fe98454aa52d9ef45b048212ae7406cc1ee08f9 Mon Sep 17 00:00:00 2001
Doc patch for apps.html as per: http://libvirt.org/apps.html#add
Cheers,
James
Disclaimer: I've contributed patches to the project that this commit
adds.
From 1fe98454aa52d9ef45b048212ae7406cc1ee08f9 Mon Sep 17 00:00:00 2001
From: James Shubin
Date: Sun, 11 May 2014 00:17:23 -0400
Su
To whom it may concern,
I’m just beginning to use the libvirt suite of tools and, in going through your
wiki, I’ve found a couple of minor things (mostly typos) that I would
immediately correct.
Also, if I get my project up, I may be able to provide some less-trivial
examples of network setu
; directory, then A may fail to
find the dirctory removed by B.
发件人: Daniel P. Berrange [berra...@redhat.com]
发送时间: 2014年3月21日 1:16
收件人: Michal Privoznik
抄送: Wangyufei (James); libvir-list@redhat.com; Moyuxiang; Zhaoyanbin (A);
Wangrui (K)
主题: Re: [libvirt] [PATCH] cgroup: Fix st
>From 0163328efa67da1d63e504c86e323db5affa378f Mon Sep 17 00:00:00 2001
From: Wang Yufei
Date: Thu, 20 Mar 2014 07:14:01 +
Subject: [PATCH] cgroup: Fix start VMs coincidently failed
When I start multi VMs coincidently and any of the cgroup directories
named machine doesn't exist. There's a cha
Hello,
When I start multi VMs coincidently and any of the cgroup directories
named machine doesn't exist. There's a chance that VM start failed. And
the errors reported are:
1. Unable to initialize /machine cgroup: File exists
2. Unable to create cgroup for sit_vm_16: No such file or directory
Thanks all! I will have a think about it.
> -Original Message-
> From: Jiri Denemark [mailto:jdene...@redhat.com]
> Sent: Monday, March 03, 2014 9:31 PM
> To: Daniel P. Berrange
> Cc: Wangyufei (James); libvir-list@redhat.com; Moyuxiang; Zhaoyanbin (A)
> Subject: Re: [
Hello,
I find that QEMU supports to set boot(QMP command "boot_set") order online,
namely the virtual machine
can be reboot in appointed order, but libvirt had no corresponding interface.
So, I want to know if libvirt intend to
support to set boot order online. If the answer is yes, I'll tr
Hello,
Recently I noticed that if I gave no model to qemu, then I would get
'qemu64' as default cpu model.
Model 'qemu64' defined in qemu and defined in libvirt both support feature
'svm'. And if I start a VM with
'qemu64' as the qemu default model, I can get no 'svm' feature in the GuestOS
Hello,
When I call virDomainManagedSave, libvirtd will fork a child process
libvirt_iohelper to write save file, and the system cache will
increase soon just like this:
Swap:0M total,0M used,0M free, 1668M cached
Swap:0M total,0M used,0M fr
> -Original Message-
> From: Martin Kletzander [mailto:mklet...@redhat.com]
> Sent: Thursday, February 13, 2014 6:08 PM
> To: Wangyufei (James)
> Cc: libvir-list@redhat.com; Wangrui (K); Zhaoyanbin (A)
> Subject: Re: [libvirt] [PATCH] cpu: break out when a right
Hello,
I find that the cpu model Westmere defined in recently qemu has the cupid
CPUID_EXT_PCLMULQDQ,
but the cpu model Westmere defined in libvirt doesn't have it, SandyBridge
defined in libvirt has it. In my opinion,
the same cpu model defined in qemu and libvirt should have the same cpuid
>From 8123c5d64f940fa0fb0de32fc5e68035980b6b01 Mon Sep 17 00:00:00 2001
From: WangYufei
Date: Thu, 13 Feb 2014 07:17:11 +
Subject: [PATCH] cpu: break out when a right cpuCandidate found
In function x86Decode there's a code segment in while cycle like this:
if (cpuModel == NULL
Hello,
I want to use ivshmemory device which is supported by qemu, but libvirt does
not support it.
So I use qemu:commandline to make ivshmemory device in qemu command
pass-through.
But then hot-plug a virtio-net device failed.
The reason is that a qemu:commandline pci device's slot number is
>From 51782a44eecf5801e5100920e5965d8dfc46e4cc Mon Sep 17 00:00:00 2001
From: Zhou Yimin
Date: Thu, 2 Jan 2014 16:32:46 +0800
Subject: [PATCH] qemuStateInitialize: Create qemu log directory
When an error occurred in qemuProcessStart before qemu log directory created,
it will fail to create qemu l
hi , I am confused by pinvcpu before migration.
I have two physical machine. One has 12 CPUs (E5645 2*6 ) as src and the other
has 8 CPUs (2*4) as des.
Step 1 : VM is running on src host (E5645 2*6 CPUs) with its VCPUs pinned on
some PCPUs
Step 2 :Because PCPU count is different between src an
>From be1ce1c794b05a27aa85d037500a821b8c514d12 Mon Sep 17 00:00:00 2001
From: Zhou Yimin
Date: Fri, 6 Dec 2013 11:38:14 +0800
Subject: [PATCH] Cgroup: Replace 'newpath' with 'newPath'
Unifying codding style, replace 'newpath' with 'newPath'.
From: Zhou Yimin
---
src/util/vircgroup.c | 12 +++
rror
When an error occurred in qemuAgentIO, it will be saved in mon->lastError,
but it will not be freed at last.
So I add the following code to fix it.
> -Original Message-
> From: Eric Blake [mailto:ebl...@redhat.com]
> Sent: Thursday, December 05, 2013 5:51 AM
> To: Wa
When an error occurred in qemuAgentIO, it will be saved in mon->lastError,
but it will not be freed at last.
So I add the following code to fix it.
==22219== 54 bytes in 1 blocks are definitely lost in loss record 982 of 1,379
==22219==at 0x4C26B9B: malloc (vg_replace_malloc.c:263)
==22219==
When an error occurred in qemuMonitorIO, it will be saved in mon->lastError,
but the memory which mon->lastError.message, mon->lastError.str1,
mon->lastError.str2 and mon->lastError.str3 will not be freed at last.
The same bug happened in qemuAgentIO. So I add the following code to fix it.
Signed-
On Mon, 2013-08-26 at 11:35 +0800, Gao feng wrote:
> On 08/26/2013 11:19 AM, James Bottomley wrote:
> > Yes, we are discussing this problem in this whole thread.
I wasn't really watching that bit, since the problem looks solved to me.
I was just reacting against the unfortunate
On Mon, 2013-08-26 at 09:06 +0800, Gao feng wrote:
> On 08/26/2013 02:16 AM, James Bottomley wrote:
> > On Sun, 2013-08-25 at 19:37 +0200, Kay Sievers wrote:
> >> On Sun, Aug 25, 2013 at 7:16 PM, James Bottomley
> >> wrote:
> >>> On Wed, 2013-08-21 at 11:51
On Sun, 2013-08-25 at 19:37 +0200, Kay Sievers wrote:
> On Sun, Aug 25, 2013 at 7:16 PM, James Bottomley
> wrote:
> > On Wed, 2013-08-21 at 11:51 +0200, Kay Sievers wrote:
> >> On Wed, Aug 21, 2013 at 9:22 AM, Gao feng wrote:
> >> > On 08/21/2013 03:06 PM, Eric W
se it doesn't serve, the hoster
usually has separate container hosting (for a higher price, of course).
James
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Are there any comments on this iteration?
On Thu, 2013-05-23 at 18:12 +0100, james robson wrote:
> This patch adds functionality to allow libvirt to configure the
> 'native-tagged' and 'native-untagged' modes on openvswitch networks.
>
> v2 changes:
> Fix prob
+
+
+
+tagged
+untagged
+
+
+
diff --git a/src/conf/netdev_vlan_conf.c b/src/conf/netdev_vlan_conf.c
index 13ba8c6..2b4cd48 100644
--- a/src/conf/netdev_vlan_con
On Fri, 2013-05-10 at 14:10 -0400, Laine Stump wrote:
> On 04/30/2013 02:12 PM, james robson wrote:
> > This patch adds functionality to allow libvirt to configure the
> > 'native-tagged' and 'native-untagged' modes on openvswitch networks.
> >
> >
cs/schemas/networkcommon.rng
@@ -204,6 +204,14 @@
4095
+
+
+
+tagged
+untagged
+
+
+
diff --git a/src/conf/netdev_vlan_conf.c b/src/conf/netdev
On Tue, 2013-04-23 at 12:13 -0400, Laine Stump wrote:
> >>>
> Also, is it valid to have a native_mode/native_tag if trunk='no'? (right
> now trunk is automatically set to 'yes' if there is more than one vlan
> tag)
> >>> It isn't valid to have trunk='no' and the native settings. T
gt; want to know.)
I expect this was a side affect of getting the digest emails from the
list.
>
> On 04/22/2013 12:51 PM, james robson wrote:
> >> Date: Thu, 18 Apr 2013 14:14:32 -0400
> >> From: Laine Stump
> >> To: libvir-list@redhat.com
> >>
-1
>
> On 04/18/2013 01:44 PM, james robson wrote:
> > Hello,
> > Has any one been able to review this yet? I realise that the 'Since
> > 1.0.3' in the doc page is now out of date, but is the code itself
> > acceptable?
>
> I was hoping that someone
Hello,
Has any one been able to review this yet? I realise that the 'Since
1.0.3' in the doc page is now out of date, but is the code itself
acceptable?
On Mon, 2013-02-18 at 11:01 +0000, james robson wrote:
> This patch adds functionality to allow libvirt to configure the
> &#x
yes
+
+
+
+tagged
+untagged
+
+
+
+
+
+
+ 4095
+
+
+
diff --git a/src/conf/netdev_vlan_conf.c b/src/conf/netdev_vla
+
+tagged
+untagged
+
+
+
+
+
+
+ 4095
+
+
+
diff --git a/src/conf/netdev_vlan_conf.c b/src/conf/netdev_vlan_conf.c
index 13ba8c6..618eb4c 100644
-
On Tue, 2012-11-27 at 14:28 -0500, Laine Stump wrote:
> On 11/27/2012 10:03 AM, james robson wrote:
> > Hello All,
> >
> > Are there any current plans to extend the openvswitch port configuration
> > options to include the 'native-tagged' and 'native-untag
Hello All,
Are there any current plans to extend the openvswitch port configuration
options to include the 'native-tagged' and 'native-untagged' vlan modes?
I'm currently setting up a test lab that is going to require the
'native-untagged' vlan mode on openvswitch and would prefer to keep
these se
hy force them to learn yet one more variant? What is the
advantage for the users?
.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vo
On Wed, Apr 13, 2011 at 2:51 AM, Matthias Bolte <
matthias.bo...@googlemail.com> wrote:
> Long summary line. You could reformat it like this:
>
>
> esx: Support virsh net-list and net-info
>
> Add mapping of Network object and implementation of select
> networking functions.
>
> This makes virsh n
2:37 AM, Matthias Bolte <
matthias.bo...@googlemail.com> wrote:
> Sorry, I forgot to reply to your follow up question on the users list.
>
> 2011/4/6 James Barkley :
> > Greetings:
> > I've added code to the ESX driver to support some basic network
> > functio
Greetings:
I've added code to the ESX driver to support some basic network
functionality. I'm pretty new to this list, so please tell me how to proceed
with code review and patch submission (yes I've read the contributor
guidelines on the wiki). It seems like people are emailing a patch file for
ev
urity context
> stored on the filesystem as an extended attribute. The NFS v4 filesystem
> currently lacks extended attribute support. Without extended attributes there
> isn't a place to store the security context associated with the image file,
> hence the error.
>
> I&#x
On Fri, Oct 2, 2009 at 2:41 PM, Daniel P. Berrange wrote:
> On Fri, Oct 02, 2009 at 02:31:29PM +0200, Daniel Veillard wrote:
>> On Fri, Oct 02, 2009 at 02:01:02PM +0200, James Brackinshaw wrote:
>> > Hello,
>> >
>> > Is it possible to get at the (hist
Hello,
Is it possible to get at the (historical) performance data provided by
libvirtd? Is it stored for a period of time, or only available to
clients polling it?
Thanks
JB
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
> If you're going to have a cluster of hosts between which you can move
> guests, you should really aim to store all your master configs elsewhere
> in shared storage, and either use transient guests (which have no
> config in /etc/libvirt), or persistent guests and only have configs in
> /etc/libv
On Fri, Oct 2, 2009 at 11:22 AM, Chris Lalancette wrote:
> James Brackinshaw wrote:
>> Hello,
>>
>> I have a directory /mnt/shared-storage where the disk files for kvm
>> live. Live migration works well, but I have a problem: after a
>> migration I see two
Hello,
I have a directory /mnt/shared-storage where the disk files for kvm
live. Live migration works well, but I have a problem: after a
migration I see two guests, one on the original host "shutoff" and one
on the new host "running".
I'd like to see the guest only on the host it is running on.
veth1 192.168.0.1/24
SIOCSIFADDR: Permission denied
SIOCSIFNETMASK: Permission denied
SIOCGIFADDR: Cannot assign requested address
SIOCSIFBROADCAST: Permission denied
SIOCSIFFLAGS: Permission denied
sh-4.0#
Any advise ?
This is a UTF-8 formatted mail
---
James C.
label, then random generate one and reset
> file context).
I wouldn't call these MLS and Standard. The simple isolation scheme with
automatic labeling is just one way to do things. Down the track, we'll
want to be able to specify arbitrary types for guests, not just for MLS.
--
James
ty to at least search every directory on the system, and
> potentially read them. Having the ability to read a directory is
> sometimes valuable, for a hacker.
I thought the virt-manager etc. tools were moving toward using
standardized directories and not allowing users to put VM images
DispatchOOMError() for OOM errors
* Create virXPathStringLimit() from virDomainSecLabelDefParseXMLString()
Comments welcome.
- James
--
James Morris
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
geDriver->findPoolSources)
> return conn->storageDriver->findPoolSources(conn, type, srcSpec,
> flags);
>
> @@ -5068,6 +5128,11 @@ virStoragePoolSetAutostart(virStoragePoo
> return (-1);
> }
>
> +if (pool->conn->flags & VIR_CONNECT_RO) {
> +virLibStoragePoolError(pool, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> +return (-1);
> +}
> +
> conn = pool->conn;
>
> if (conn->storageDriver && conn->storageDriver->poolSetAutostart)
>
>
> --
> |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
> |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
> |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
> |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
>
> --
> Libvir-list mailing list
> Libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
James Morris
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, 17 Dec 2008, James Morris wrote:
> On Mon, 15 Dec 2008, James Morris wrote:
>
> > On Thu, 11 Dec 2008, Daniel P. Berrange wrote:
> >
> >
> > > > * a virNodeInfo is a structure filled by virNodeGetInfo() and
> > >
On Mon, 15 Dec 2008, James Morris wrote:
> On Thu, 11 Dec 2008, Daniel P. Berrange wrote:
>
>
> > > * a virNodeInfo is a structure filled by virNodeGetInfo() and providing
> > > @@ -504,6 +567,10 @@ int virDomainSetMaxMemory
> > &
at scenario, could we just put the security
> model data into the security label struct and have a single API
The domain doesn't have a security label until it's running, and then it
must match the node's model, so I'm not sure we need to change anything
except the name of
ossibly, although I think we should leave the configuration of DOI to the
admin, rather than trying to figure out what might be useful in advance.
In some cases, the admin may wish to use an RPM package+version string,
and others, a domain name could indicate that each system is managed
wi
the DOI as
simply as editing a configuration file to set the DOI to a domain name or
arbitrary realm name.
> *An informal group/list just formed to start discussing DOI management
> issues such as DOI formats, negotiation and translation.
URL ?
- James
--
James Morris
<[EMAIL PROTECT
on the host.
I would expect that, too.
--
James Morris
<[EMAIL PROTECTED]>
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
t attributes ?
As mentioned, I think we need to differentiate host capabilities from
specific security labeling state for a domain on that host.
> I guess since SELinux gained ability to specify that individual security
> domains are permissive, we do arguably still need an explicit
with 'seclabel' rather than introduce 'secpolicy'.
...
engineering.example.com.
yes
--
James Morris
<[EMAIL PROTECTED]>
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
e domain configuration could have an element like:
yes
which means that label security policy must be applied.
The security label for the domain would now look like:
system_u:system_r:virtd_t:s0
local
no
- James
--
James Morris
<[EMAIL PROTECTED]>
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Sun, 21 Sep 2008, Jim Meyering wrote:
> James Morris <[EMAIL PROTECTED]> wrote:
> > I haven't seen these patches go in upstream. Any chance of having them
> > committed so I don't have to carry them locally ?
>
> If they can be automatically generat
I haven't seen these patches go in upstream. Any chance of having them
committed so I don't have to carry them locally ?
On Tue, 9 Sep 2008, James Morris wrote:
> Add .gitignore files to make developing with git easier. These
> are simply copies of the
Shouldn't libvirt.h be ignored by SCMS ?
libvirt.h is automatically generated: it should be ignored by
SCM tools.
Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
diff --git a/include/libvirt/.cvsignore b/include/libvirt/.cvsignore
index 282522d..7bd
Add .gitignore files to make developing with git easier. These
are simply copies of the .cvsignore files.
Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000..5e055a6
--- /dev/null
+++ b/.gitignore
@
Fix a signedness bug in src/qemu_driver.c, qemuCmdFlags needs to be
unsigned int.
Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
src/qemu_driver.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 59faf94..72c2d81
plication of
Smack would be here (and Casey may not like the idea at all), but it is a
label-based MAC system.
(The thread starts here:
https://www.redhat.com/archives/libvir-list/2008-August/msg00740.html)
- James
--
James Morris
<[EMAIL PROTECTED]>
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
also likely be reused for labeling domains themselves, and other
resources.
Thoughts?
- James
--
James Morris
<[EMAIL PROTECTED]>
--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
I'm not sure if this is the best way to do this, but it seems to work.
Enable parallel compilation of the repository when running the autobuild
script and/or via rpmbuild.
---
autobuild.sh| 15 ++-
libvirt.spec.in |2 +-
2 files changed, 15 insertions(+), 2 deletion
Cole Robinson wrote:
> Make sure hald (or some equivalently named service) is
> running. Bar that, you'll probably have to ask the
> ubuntu folks.
>
It's running. I'll see if I can figure out where this went wrong.
Does this apply to virsh as well?
Thanks
-jim
--
Libvir-list mailing list
Lib
Cole Robinson wrote:
> What virt-manager version are you using?
> Distro?
libvirt: 0.4.0-2ubuntu8
virt-manager: 0.5.3-0ubuntu10
Distro: Ubuntu 8.04.1 server x86_64
> Is there anything showing up in the shared device drop
> down (even if you can't select it?)
>
The drop-down activates, but is
Charles Duffy wrote:
> James Bardin wrote:
>> I'm not sure where to set this up, but I have a bridged device br0 that
>> I would like to have available in virt-manager/virsh.
>>
>> Right now, I can edit the VM's xml interface element manually to use
>&
Hello,
I'm having trouble digging up some documentation on libvirt's network
config.
I'm not sure where to set this up, but I have a bridged device br0 that
I would like to have available in virt-manager/virsh.
Right now, I can edit the VM's xml interface element manually to use
br0. Virt-manage
On Fri, 15 Aug 2008, Atsushi SAKAI wrote:
> Hi, James
>
> Thank you for posting the announcement.
> This thread is very interesting.
> Instead, I understand many things to be dicided.
>
> >- Utilize the new hierarchical types being proposed upstream by
&g
nd on whatever is
performing the relabel (although we can enforce relabelfrom/relabelto
permissions).
I wonder if existing work/concepts related to MLS device allocation would
be useful here.
See:
http://sourceforge.net/projects/devallocator/
- James
--
James Morris
<[EMAIL PROTECTED]>
--
L
works?
>
> http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine
>
> The above web page says that KVM is all based in the kernel, in which case
> why
> would it be any more resilient than Xen?
KVM uses a kernel module to utilize the virt hardware (which Qemu
interfaces wi
licy work ought
> to handle all but the most extreme cases.
The proof of concept code is indeed simple policy/labeling changes,
although we want to ensure that we fully understand the requirements, and
implement a flexible and generally useful scheme.
Support for this also needs to be built
1 - 100 of 103 matches
Mail list logo
