Re: [Qemu-devel] Re: [libvirt] Supporting hypervisor specific APIs in libvirt

[Avi Kivity]

On 03/24/2010 02:30 PM, Anthony Liguori wrote:
> On 03/24/2010 07:27 AM, Avi Kivity wrote:
> > On 03/24/2010 02:19 PM, Anthony Liguori wrote:
> > > > qemud
> > > >   - daemonaizes itself
> > > >   - listens on /var/lib/qemud/guests for incoming guest connections
> > > >   - listens on /var/lib/qemud/clients for incoming client connections
> > > >   - filters access according to uid (SCM_CREDENTIALS)
> > > >   - can pass a new monitor to client (SCM_RIGHTS)
> > > >   - supports 'list' command to query running guests
> > > >   - async messages on guest startup/exit
> > >
> > >
> > > Then guests run with the wrong security context.
> >
> > Why?  They run with the security context of whoever launched them 
> > (could be libvirtd).
>
> Because it doesn't have the same security context as qemud and since 
> clients have to connect to qemud, qemud has to implement access control.

Yeah.

> It's far better to have the qemu instance advertise itself such that 
> and client connects directly to it.  Then all of the various 
> authorization models will be applied correctly to it.

Agreed.  qemud->exit().

--
error compiling committee.c: too many arguments to function