|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] libxl: Do not warn about non existing user for the device model
On Mon, May 23, 2016 at 12:57:26PM +0100, Wei Liu wrote: > On Mon, May 23, 2016 at 12:35:02PM +0100, Anthony PERARD wrote: > > Running QEMU as non-root user is not ready yet, so avoid avertising it > > with a warning. > > > > Also improve the doc to include more potential issue with running QEMU > > as non-root. > > > > Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> > > --- > > docs/man/xl.cfg.pod.5 | 5 +++-- > > docs/misc/qemu-deprivilege.txt | 4 ++-- > > tools/libxl/libxl_dm.c | 2 +- > > 3 files changed, 6 insertions(+), 5 deletions(-) > > > > diff --git a/docs/man/xl.cfg.pod.5 b/docs/man/xl.cfg.pod.5 > > index accd9b4..8a4f4c5 100644 > > --- a/docs/man/xl.cfg.pod.5 > > +++ b/docs/man/xl.cfg.pod.5 > > @@ -1953,8 +1953,9 @@ option to the device-model. > > > > Run the device model as user "username", instead of > > B<xen-qemuuser-domid$domid> or B<xen-qemuuser-shared> or B<root>. > > -Please note that running QEMU as non-root causes migration and PCI > > -passthrough not to work properly. > > +Please note that running QEMU as non-root causes several features like > > +migration and PCI passthrough to not work properly and may prevent the > > guest > > +from booting. > > > > What is not clear is that whether using this option would buy the user > anything security-wise. If it doesn't improve security but only break > things we should probably remove it from man page all together. If having undocumented config options is fine, then I guess we can remove this from the man. -- Anthony PERARD _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |