I'm still totally against this. FD passing is a nice feature for sandboxing, but the passing should be between closely cooperating programs. We'll need a tool shipped from the qemu source tree to open and set up the FDs, and not someone external. With that setup in place we can use a protocol similar to the various OpenBSD privilegue separated deaemons to also allow reopening / snapshots / etc.
Opening fds in libvirt and passing them into qemu is exactly the wrong way, and just cements the current horrors where libvirt duplicates parsing of image format headers. -- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
