Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu

[Daniel P. Berrange]

On Thu, Nov 05, 2009 at 08:57:18AM -0600, Anthony Liguori wrote:
> Avi Kivity wrote:
> >>At least with KVM support, this is probably the most common use case 
> >>which means
> >>that most of our users are running qemu as root.  That's terrible.
> >>   
> >
> >Most of our users run managed systems.
> 
> I consider management software as a user.  Today, most management 
> software launches qemu as root.  libvirt is just getting around to 
> fixing this although they still are running it as a single user instead 
> of as the user requesting the vm be launched.

We have two modes of operating in libvirt.

 - The 'system' instance. The libvirtd daemon runs privileged in order
   to allow full management of all host services including network
   and storage. The QEMU vms run under a 'qemu' user.  This is intended
   for server virtualization use cases.

 - The 'session' instance. The libvirtd daemon runs unprivileged as the
   user account accessing it. The QEMU vms run under the users own
   account too. This is intended for desktop virtualization use cases.

The main problem is that we've never really used the 'session' instances,
since networking configs are rather limited to pretty much just SLIRP 
and people expect full bridging.  I think this patch series you've
done is invaluable and will let us finally make full use of the libvirt
'session' instances for desktop virt, running everything unprivileged.


Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|