|
From: | Avi Kivity |
Subject: | Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu |
Date: | Thu, 05 Nov 2009 17:33:31 +0200 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.4pre) Gecko/20091014 Fedora/3.0-2.8.b4.fc11 Thunderbird/3.0b4 |
On 11/05/2009 05:11 PM, Avi Kivity wrote:
But we're forcing our style of security management on them. How to store permissions is the management system's job (and for a clu^Houd, it will typically be stored in a central database, not be scattered around /etc).Again, IMO we should stick to making a guest work, and leave all the glue to management.
As an example of why this is so, if the management stack wants to configure the tap interface further (say, add some ebtables rules guarding the new interface) it must push this into qemu or stop using -net bridge.
Having the tap accessible to management also allows it to run tcpdump or collect statistics on it at runtime.
-- error compiling committee.c: too many arguments to function
[Prev in Thread] | Current Thread | [Next in Thread] |