Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Kevin Wolf
On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security driver provides SELinux MAC isolation for Qemu guest processes and their corresponding image files. In other words, sVirt uses SELinux to prevent a QEMU process from opening files that do not belong to it. sVirt provides

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Eric Blake
On 05/22/2012 02:18 AM, Kevin Wolf wrote: This patch series adds the -filefd command-line option and the getfd_file monitor command. This will enable libvirt to open a file and push the corresponding filename and file descriptor to QEMU. When QEMU needs to open a file, it will first check

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Kevin Wolf
On 22.05.2012 14:02, Eric Blake wrote: On 05/22/2012 02:18 AM, Kevin Wolf wrote: This patch series adds the -filefd command-line option and the getfd_file monitor command. This will enable libvirt to open a file and push the corresponding filename and file descriptor to QEMU. When QEMU

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Corey Bryant
On 05/22/2012 04:18 AM, Kevin Wolf wrote: On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security driver provides SELinux MAC isolation for Qemu guest processes and their corresponding image files. In other words, sVirt uses SELinux to prevent a QEMU process from opening files

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Kevin Wolf
On 22.05.2012 16:30, Corey Bryant wrote: On 05/22/2012 04:18 AM, Kevin Wolf wrote: On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security driver provides SELinux MAC isolation for Qemu guest processes and their corresponding image files. In other words, sVirt uses SELinux

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Eric Blake
On 05/22/2012 08:45 AM, Kevin Wolf wrote: I understand that open(/dev/fd/42) would be the same as dup(42), but I'm not sure that I'm entirely clear on how this would work. Could you give an example? With your approach you open the file outside qemu, pass the fd to qemu along with a file

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Kevin Wolf
On 22.05.2012 17:01, Eric Blake wrote: On 05/22/2012 08:45 AM, Kevin Wolf wrote: I understand that open(/dev/fd/42) would be the same as dup(42), but I'm not sure that I'm entirely clear on how this would work. Could you give an example? With your approach you open the file outside

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Corey Bryant
On 05/22/2012 10:45 AM, Kevin Wolf wrote: On 22.05.2012 16:30, Corey Bryant wrote: On 05/22/2012 04:18 AM, Kevin Wolf wrote: On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security driver provides SELinux MAC isolation for Qemu guest processes and their corresponding image

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Kevin Wolf
On 22.05.2012 17:29, Corey Bryant wrote: On 05/22/2012 10:45 AM, Kevin Wolf wrote: On 22.05.2012 16:30, Corey Bryant wrote: On 05/22/2012 04:18 AM, Kevin Wolf wrote: On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security driver provides SELinux MAC isolation for Qemu

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Corey Bryant
On 05/22/2012 11:39 AM, Kevin Wolf wrote: On 22.05.2012 17:29, Corey Bryant wrote: On 05/22/2012 10:45 AM, Kevin Wolf wrote: On 22.05.2012 16:30, Corey Bryant wrote: On 05/22/2012 04:18 AM, Kevin Wolf wrote: On 21.05.2012 22:19, Corey Bryant wrote: libvirt's sVirt security

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Eric Blake
On 05/22/2012 09:29 AM, Corey Bryant wrote: I understand that open(/dev/fd/42) would be the same as dup(42), but I'm not sure that I'm entirely clear on how this would work. Could you give an example? Instead you could use the existing getfd command and avoid the translation: (qemu)

Re: [libvirt] [Qemu-devel] [RFC PATCH 0/4] block: file descriptor passing using -filefd and getfd_file

2012-05-22 Thread Corey Bryant
On 05/22/2012 12:15 PM, Eric Blake wrote: On 05/22/2012 09:29 AM, Corey Bryant wrote: I understand that open(/dev/fd/42) would be the same as dup(42), but I'm not sure that I'm entirely clear on how this would work. Could you give an example? Instead you could use the existing getfd