Re: [libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

2012-09-14 Thread Daniel P. Berrange
On Tue, Sep 11, 2012 at 02:13:38PM -0400, Corey Bryant wrote: > Are there any other requirements that need to be taken care of to > enable execution of QEMU guests under separate unprivileged user IDs > (ie. DAC isolation)? > > At this point, this patch series (Per-guest configurable user/group >

Re: [libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

2012-09-13 Thread Marcelo Cerri
Hi, Any comments about that? Regards, Marcelo On Tue, Sep 11, 2012 at 02:13:38PM -0400, Corey Bryant wrote: > Are there any other requirements that need to be taken care of to > enable execution of QEMU guests under separate unprivileged user IDs > (ie. DAC isolation)? > > At this point, this p

Re: [libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

2012-09-11 Thread Corey Bryant
Are there any other requirements that need to be taken care of to enable execution of QEMU guests under separate unprivileged user IDs (ie. DAC isolation)? At this point, this patch series (Per-guest configurable user/group for QEMU processes) is upstream, allowing libvirt to execute guests un

Re: [libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

2012-08-20 Thread Michal Privoznik
On 16.08.2012 00:10, Marcelo Cerri wrote: > This is a v4 patch series that updates the libvirt's security driver > mechanism to support per-guest configurable user and group for QEMU processes > running together with other security drivers, such as SELinux and AppArmor. > > Marcelo Cerri (5): >

[libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

2012-08-15 Thread Marcelo Cerri
This is a v4 patch series that updates the libvirt's security driver mechanism to support per-guest configurable user and group for QEMU processes running together with other security drivers, such as SELinux and AppArmor. Marcelo Cerri (5): Internal refactory of data structures Multiple sec