[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 1/6] docs/qemu-deprivilege: Revise and update with status and future plans
On Fri, Sep 21, 2018 at 06:04:23PM +0100, George Dunlap wrote: > +## Migration > + > +When calling xen-save-devices-state, since QEMU is running in a chroot > +it is not useful to pass a filename (it doesn't even have write access > +inside the chroot). Instead, give it an open fd using the add-fd > +mechanism. That describe an issue only on save. The restore part of a migration also have an issue: On restore, QEMU signal to libxl that it is ready only after priviledge restriction have been put in place (and after or when it receive the migration data). But xenstore isn't available anymore, so restore fails from libxl point-of-view. Or maybe you describe here an issue that would arise when an hypothetic chroot is apply. But the migration issue describe here still apply without chroot and with only -runas, the path libxl give to QEMU is accessible by root only. > diff --git a/docs/features/qemu-deprivilege.pandoc > b/docs/features/qemu-deprivilege.pandoc > new file mode 100644 > index 0000000000..b377076606 > --- /dev/null > +++ b/docs/features/qemu-deprivilege.pandoc [...] > +# Technical details > + > +See docs/design/qemu-deprivilege.txt for technical details. Right now, this doc have the ".md" suffix, not ".txt", I don't know if that matter. -- Anthony PERARD _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |