On Mon, Jun 15, 2026 at 05:07:06PM +0200, Peter Krempa via Devel wrote: > On Mon, Jun 15, 2026 at 11:48:26 +0000, Siddhi Katage via Devel wrote: > > Read-only connections currently cannot use qemu-monitor-command even for > > HMP "info" commands, which only query QEMU state. > > > > Allow HMP commands whose first token is exactly "info" on read-only > > connections. Keep QMP commands, file descriptor passing, and all other > > HMP commands restricted to read-write connections. > > This would give access to peeking into some (randomly picked) guest > operations e.g. via 'info registers'. I don't think that's what we want. > > And I'm sure we don't want to police which commands are "safe". > > I don't think this is a good idea. Especially you didn't describe your > use case in any way.
Agreed, the qemu monitor command API is a development backdoor, intended as an adhoc workaround for otherwise missing libvirt APIs / data. This is not appropriate to expose to read-only users, even if they are merely running 'info' / 'query' commands. With regards, Daniel -- |: https://berrange.com ~~ https://hachyderm.io/@berrange :| |: https://libvirt.org ~~ https://entangle-photo.org :| |: https://pixelfed.art/berrange ~~ https://fstop138.berrange.com :|
