On Fri, 15 May 2015, Jim Fehlig wrote: > Stefano Stabellini wrote: > > Try to use "xen-qemudepriv-$domname" first, then "xen-qemudepriv-base" + > > domid, finally "xen-qemudepriv-shared" and root if everything else fails. > > > > The uids need to be manually created by the user or, more likely, by the > > xen package maintainer. > > > > FYI, the libvirt qemu driver supports specifying a global uid:gid for > qemu processes in /etc/libvirt/qemu.conf. The uid:gid can also be tuned > per-domain with something like > > <seclabel type='static' model='dac' relabel='yes'> > <label>uid:gid</label> > </seclabel> > > The model is a bit different in Xen where only the associated qemu (not > the entire domain) would be running as uid:gid, so I'm not sure if this > is something you want to expose through libxl.
I think it might be a possibility. We could easily add options to set a uid and gid per domain to be used for QEMU. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
