On Tue, Sep 11, 2012 at 02:13:38PM -0400, Corey Bryant wrote:
> Are there any other requirements that need to be taken care of to
> enable execution of QEMU guests under separate unprivileged user IDs
> (ie. DAC isolation)?
>
> At this point, this patch series (Per-guest configurable user/group
>
Hi,
Any comments about that?
Regards,
Marcelo
On Tue, Sep 11, 2012 at 02:13:38PM -0400, Corey Bryant wrote:
> Are there any other requirements that need to be taken care of to
> enable execution of QEMU guests under separate unprivileged user IDs
> (ie. DAC isolation)?
>
> At this point, this p
Are there any other requirements that need to be taken care of to enable
execution of QEMU guests under separate unprivileged user IDs (ie. DAC
isolation)?
At this point, this patch series (Per-guest configurable user/group for
QEMU processes) is upstream, allowing libvirt to execute guests un
On 16.08.2012 00:10, Marcelo Cerri wrote:
> This is a v4 patch series that updates the libvirt's security driver
> mechanism to support per-guest configurable user and group for QEMU processes
> running together with other security drivers, such as SELinux and AppArmor.
>
> Marcelo Cerri (5):
>
This is a v4 patch series that updates the libvirt's security driver mechanism
to support per-guest configurable user and group for QEMU processes running
together with other security drivers, such as SELinux and AppArmor.
Marcelo Cerri (5):
Internal refactory of data structures
Multiple sec