Your message dated Fri, 5 Apr 2019 18:44:07 +0200
with message-id 
<caatjj0jo5gpa5vrxqr3gvpud0ky6cor-0ddbaaxhznmkvf7...@mail.gmail.com>
and subject line Not a bug but a support request - hint a howto and close bug
has caused the Debian Bug report #905036,
regarding libvirt0: qemu sandbox option prevents built-in qemu smb server from 
working
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
905036: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905036
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libvirt0
Version: 4.5.0-1
Severity: normal

Dear Maintainer,

Some virtual machines use the built-in qemu samba to share a directory with the host.
This is done using the 'qemu:commandline' tag in the VM xml file.

<qemu:commandline>
    <qemu:arg value='-netdev'/>
    <qemu:arg value='user,id=hostnet0,smb=/home/user/KVM/shared'/>
    <qemu:arg value='-device'/>
    <qemu:arg value='virtio-net-pci,netdev=hostnet0,id=net0,bus=pci.0,addr=0x9'/>
</qemu:commandline>


After upgrading from 4.2.0-2 to 4.3.0-1 this does not work anymore. The reason
is that since 4.3.0-1 the following command line options are added to the qemu
command line:
'-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny'

elevateprivileges=deny causes the corresponding qemu thread to be killed as soon
as the samba share is accessed.

I don't think this is a major problem and it should be fixed. Sandbox is a good
thing.
This bug report just points out that upgrading (for example, from stretch to
buster) could cause problems in some cases.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.17.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libvirt0 depends on:
ii  libacl1             2.2.52-3+b1
ii  libapparmor1        2.12-5
ii  libaudit1           1:2.8.3-1+b1
ii  libavahi-client3    0.7-4
ii  libavahi-common3    0.7-4
ii  libc6               2.27-5
ii  libcap-ng0          0.7.9-1
ii  libcurl3-gnutls     7.60.0-2
ii  libdbus-1-3         1.12.8-3
ii  libdevmapper1.02.1  2:1.02.145-4.1
ii  libgnutls30         3.5.19-1
ii  libnl-3-200         3.4.0-1
ii  libnl-route-3-200   3.4.0-1
ii  libnuma1            2.0.11-2.2
ii  libsasl2-2          2.1.27~101-g0780600+dfsg-3.1
ii  libselinux1         2.8-1+b1
ii  libssh2-1           1.8.0-1
ii  libxml2             2.9.4+dfsg1-7+b1
ii  libyajl2            2.1.0-2+b3

Versions of packages libvirt0 recommends:
ii  lvm2  2.02.176-4.1

libvirt0 suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
Hi,
you can disable the (default enabled) sandbox mode in
/etc/libvirt/qemu.conf, see [1]. The feature is in general useful, so
there is no reason to change the default, but since a config to
disable the mode is available you should be fine.

Since this is not a bug that can be fixed in the source/package we can
close it safely.

[1]: https://github.com/libvirt/libvirt/blob/master/src/qemu/qemu.conf#L457

-- 
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd

--- End Message ---
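
A pre-upgrade check for the breakage described in this report, as an added example that is not part of the original messages or of libvirt: it scans a domain XML for `smb=` in `qemu:commandline` user-net arguments and reads the `seccomp_sandbox` key from qemu.conf text. The function names, the sample domain and the rule that any value other than 0 leaves the sandbox on are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

# Namespace libvirt uses for <qemu:commandline> passthrough arguments.
QEMU_NS = "http://libvirt.org/schemas/domain/qemu/1.0"

# Constructed sample domain, reusing the arguments quoted in the report.
SAMPLE_DOMAIN = """<domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  <name>constructed-guest</name>
  <qemu:commandline>
    <qemu:arg value='-netdev'/>
    <qemu:arg value='user,id=hostnet0,smb=/home/user/KVM/shared'/>
    <qemu:arg value='-device'/>
    <qemu:arg value='virtio-net-pci,netdev=hostnet0,id=net0,bus=pci.0,addr=0x9'/>
  </qemu:commandline>
</domain>"""

def smb_passthrough_args(domain_xml):
    """Return qemu:arg values that turn on QEMU's built-in SMB server."""
    hits = []
    for arg in ET.fromstring(domain_xml).iter("{%s}arg" % QEMU_NS):
        opts = arg.get("value", "").split(",")
        # smb= is an option of QEMU's user-mode network backend.
        if opts[0] == "user" and any(o.startswith("smb=") for o in opts[1:]):
            hits.append(",".join(opts))
    return hits

def seccomp_sandbox_setting(qemu_conf_text):
    """Return the uncommented seccomp_sandbox value, or None when it is unset."""
    setting = None
    for line in qemu_conf_text.splitlines():
        m = re.match(r"\s*seccomp_sandbox\s*=\s*(-?\d+)\s*(#.*)?$", line)
        if m:
            setting = int(m.group(1))  # a later assignment overrides an earlier one
    return setting

def audit(domain_xml, qemu_conf_text):
    """Flag a domain whose SMB share would stop working with the sandbox on."""
    args = smb_passthrough_args(domain_xml)
    sandbox = seccomp_sandbox_setting(qemu_conf_text)
    # Assumption: only an explicit 0 turns the sandbox off; unset keeps the default.
    sandbox_on = sandbox != 0
    return {"smb_args": args, "seccomp_sandbox": sandbox,
            "will_break": bool(args) and sandbox_on}

if __name__ == "__main__":
    print(audit(SAMPLE_DOMAIN, "#seccomp_sandbox = 1\n"))
```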
