[libvirt] [PATCH v3 0/5] Per-guest configurable user/group for QEMU processes

Marcelo Cerri mhcerri at linux.vnet.ibm.com
Thu Aug 9 13:55:14 UTC 2012 

Daniel,

Any comments or feedback?

Regards,
Marcelo

On 08/03/2012 11:18 AM, Marcelo Cerri wrote:
> This is a v3 patch series that updates the libvirt's security driver mechanism to support per-guest configurable user and group for QEMU processes running together with other security drivers, such as SELinux and AppArmor.
>
> Comments and feedbacks are welcome.
>
>
> Marcelo Cerri (5):
>    Internal refactory of data structures
>    Multiple security drivers in XML data
>    Update security layer to handle many security labels
>    Support for multiple default security drivers in QEMU config
>    Update the remote API
>
>   daemon/remote.c                                    |   63 ++++
>   docs/formatdomain.html.in                          |   11 +-
>   docs/schemas/capability.rng                        |   18 +-
>   docs/schemas/domaincommon.rng                      |   30 ++-
>   include/libvirt/libvirt.h.in                       |    2 +
>   python/generator.py                                |    1 +
>   src/conf/capabilities.c                            |   17 +-
>   src/conf/capabilities.h                            |    6 +-
>   src/conf/domain_audit.c                            |   14 +-
>   src/conf/domain_conf.c                             |  342 +++++++++++++++-----
>   src/conf/domain_conf.h                             |   18 +-
>   src/driver.h                                       |    4 +
>   src/libvirt.c                                      |   47 +++
>   src/libvirt_private.syms                           |    5 +
>   src/libvirt_public.syms                            |    5 +
>   src/lxc/lxc_conf.c                                 |    8 +-
>   src/lxc/lxc_controller.c                           |    8 +-
>   src/lxc/lxc_driver.c                               |   11 +-
>   src/lxc/lxc_process.c                              |   23 +-
>   src/qemu/qemu_conf.c                               |   38 ++-
>   src/qemu/qemu_conf.h                               |    2 +-
>   src/qemu/qemu_driver.c                             |  218 +++++++++++---
>   src/qemu/qemu_process.c                            |   50 ++-
>   src/remote/remote_driver.c                         |   46 +++
>   src/remote/remote_protocol.x                       |   17 +-
>   src/remote_protocol-structs                        |    1 +
>   src/security/security_apparmor.c                   |  118 +++++--
>   src/security/security_dac.c                        |  324 +++++++++++++++++--
>   src/security/security_manager.c                    |  101 +++++--
>   src/security/security_manager.h                    |    8 +-
>   src/security/security_selinux.c                    |  256 ++++++++++-----
>   src/security/security_stack.c                      |  237 +++++++++-----
>   src/security/security_stack.h                      |   13 +
>   src/test/test_driver.c                             |   11 +-
>   .../qemuxml2argv-seclabel-dynamic-override.xml     |    4 +-
>   .../qemuxml2argv-seclabel-dynamic.xml              |    2 +-
>   36 files changed, 1634 insertions(+), 445 deletions(-)
>

More information about the libvir-list mailing list