[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v10] run QEMU as non-root

On Thu, 2015-11-05 at 12:47 +0000, Stefano Stabellini wrote:
> Try to use "xen-qemuuser-domid$domid" first, then
> "xen-qemuuser-shared" and root if everything else fails.
> The uids need to be manually created by the user or, more likely, by the
> xen package maintainer.
> Expose a device_model_user setting in libxl_domain_build_info, so that
> opinionated callers, such as libvirt, can set any user they like. Do not
> fall back to root if device_model_user is set. Users can also set
> device_model_user by hand in the xl domain config file.
> QEMU is going to setuid and setgid to the user ID and the group ID of
> the specified user, soon after initialization, before starting to deal
> with any guest IO.
> To actually secure QEMU when running in Dom0, we need at least to
> deprivilege the privcmd and xenstore interfaces, this is just the first
> step in that direction.
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>

acked + applied.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.