[libvirt] [PATCHv3 3/2] qemu: don't request cgroup ACL access for /dev/net/tun
Eric Blake
eblake at redhat.com
Thu Mar 10 16:49:25 UTC 2011
On 03/10/2011 09:27 AM, Laine Stump wrote:
> On 03/09/2011 05:12 PM, Eric Blake wrote:
>> Since libvirt always passes /dev/net/tun to qemu via fd, we should
>> never trigger the cases where qemu tries to directly open the
>> device. Therefore, it is safer to deny the cgroup device ACL.
>>
>> * src/qemu/qemu_cgroup.c (defaultDeviceACL): Remove /dev/net/tun.
>> * src/qemu/qemu.conf (cgroup_device_acl): Reflect this change.
>> - "/dev/rtc", "/dev/hpet", "/dev/net/tun",
>> + "/dev/rtc", "/dev/hpet",
>> NULL,
>> };
>> #define DEVICE_PTY_MAJOR 136
>
> ACK.
Thanks; pushed (actually, I pushed this prior to 2/2).
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110310/fea78236/attachment-0001.sig>
More information about the libvir-list
mailing list