[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v7] run QEMU as non-root

On Mon, Jul 27, 2015 at 03:19:56PM +0200, Fabio Fantoni wrote:
> Il 23/07/2015 19:08, Stefano Stabellini ha scritto:
> >Try to use "xen-qemudepriv-domid$domid" first, then
> >"xen-qemudepriv-shared" and root if everything else fails.
> >
> >The uids need to be manually created by the user or, more likely, by the
> >xen package maintainer.
> >
> >Expose a device_model_user setting in libxl_domain_build_info, so that
> >opinionated callers, such as libvirt, can set any user they like. Do not
> >fall back to root if device_model_user is set.
> >
> >QEMU is going to setuid and setgid to the user ID and the group ID of
> >the specified user, soon after initialization, before starting to deal
> >with any guest IO.
> >
> >To actually secure QEMU when running in Dom0, we need at least to
> >deprivilege the privcmd and xenstore interfaces, this is just the first
> >step in that direction.
> >
> >Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> Thanks for this patch, now I'll test it.
> I think can be good add also domU's xl cfg parameter for set custom user to
> use instead make possible only in libxl from external tools, is possible to
> add it?

It looks trivial to me. The hardest part would be picking a name for
the new option and writing that down in manpage. :-)


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.