qemu-devel

Re: [Qemu-devel] [libvirt] [PATCH v4 0/5] Per-guest configurable user/gr


From: Daniel P. Berrange
Subject: Re: [Qemu-devel] [libvirt] [PATCH v4 0/5] Per-guest configurable user/group for QEMU processes
Date: Fri, 14 Sep 2012 09:40:51 +0100
User-agent: Mutt/1.5.21 (2010-09-15)

On Tue, Sep 11, 2012 at 02:13:38PM -0400, Corey Bryant wrote:
> Are there any other requirements that need to be taken care of to
> enable execution of QEMU guests under separate unprivileged user IDs
> (ie. DAC isolation)?
> 
> At this point, this patch series (Per-guest configurable user/group
> for QEMU processes) is upstream, allowing libvirt to execute guests
> under separate unprivileged user IDs.  Additionally, the QEMU bridge
> helper series is upstream, allowing QEMU to allocate a tap device
> and attach it to a bridge when run under an unprivileged user ID 
> (http://www.redhat.com/archives/libvir-list/2012-August/msg00277.html).
> 
> Is there any other feature in QEMU that requires QEMU to be run as root?

Well those features you mention are for two separate issues. When
running libvirt privileged (qemu:///system), QEMU was already run
as non-root (qemu:qemu). The per-guest user/group was just making
sure that QEMU VMs were isolated from each other using user IDs.
Since libvirtd is running privileged, it can either set permissions
or open things on QEMU's behalf. All this side of things really
works already.

The TAP device bridge helper is something that's needed when running
libvirtd itself unprivileged (eg the per user qemu:///session libvirtd).
In this case libvirtd can't access privileged resources at all, hence
the setuid TAP helper was required.

So I guess this is a roundabout way of saying that I'm not really
clear what you're asking about? If you're using qemu:///system
there has never been any problem with running QEMU unprivileged.
When using qemu:///session you're obviously limited to whatever
resources the user is allowed to access.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
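
One way to check the per-guest user ID isolation discussed in this message on a host, as an added example that is not part of the original thread or of libvirt/QEMU: it flags QEMU processes running as root and guests that share one UID (as they do under the shared qemu:qemu default). The process listing is constructed sample data in the shape of `ps -eo uid,user,args`, and the binary-name pattern and function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ps -eo uid,user,args` output (not from the thread).
SAMPLE_PS = """\
  UID USER     COMMAND
  107 qemu     /usr/bin/qemu-kvm -name web1 -m 2048 -smp 2
  107 qemu     /usr/bin/qemu-kvm -name guest=web2,debug-threads=on -m 1024
 5001 vm-db1   /usr/bin/qemu-system-x86_64 -name db1 -m 4096
    0 root     /usr/bin/qemu-system-x86_64 -name legacy -m 512
 1000 alice    /usr/bin/vim notes.txt
"""

# Assumption: guests run from binaries named qemu-kvm or qemu-system-<arch>.
QEMU_BIN = re.compile(r"(^|/)qemu-(kvm|system-[\w-]+)$")

def guest_name(argv):
    """Return the guest name from QEMU's -name option (plain or guest=...)."""
    for i, tok in enumerate(argv[:-1]):
        if tok == "-name":
            first = argv[i + 1].split(",")[0]
            return first[len("guest="):] if first.startswith("guest=") else first
    return None

def parse_ps(text):
    """Extract uid, user and guest name for every QEMU process in the listing."""
    procs = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 3 or not fields[0].isdigit():
            continue
        uid, user, argv = int(fields[0]), fields[1], fields[2:]
        if QEMU_BIN.search(argv[0]):
            procs.append({"uid": uid, "user": user, "guest": guest_name(argv) or "?"})
    return procs

def audit(procs):
    """Report guests running as root and guests that share a non-root UID."""
    findings, by_uid = [], defaultdict(list)
    for p in procs:
        by_uid[p["uid"]].append(p["guest"])
        if p["uid"] == 0:
            findings.append(("runs-as-root", [p["guest"]]))
    for uid, guests in sorted(by_uid.items()):
        if uid != 0 and len(guests) > 1:
            findings.append(("shared-uid", sorted(guests)))
    return findings

if __name__ == "__main__":
    for kind, guests in audit(parse_ps(SAMPLE_PS)):
        print(kind, ", ".join(guests))
```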


