[libvirt] [sandbox PATCH 1/2] Add virt-sandbox -s inherit, to execute the sandbox from the parent.
Daniel P. Berrange
berrange at redhat.com
Thu Aug 15 11:48:46 UTC 2013
On Thu, Aug 15, 2013 at 07:43:01AM -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 08/15/2013 04:48 AM, Daniel P. Berrange wrote:
> > On Tue, Aug 13, 2013 at 01:10:11PM -0400, Dan Walsh wrote:
> >> This will allow us to run sandbox as the calling process, If I am
> >> running a shell as staff_u:unconfined_r:unconfined_t:s0, and I execute
> >> virt-sandbox -c lxc/// -- /bin/sh
> >>
> >> /bin/sh will run as staff_u:unconfined_r:unconfined_t:s0 ---
> >> bin/virt-sandbox-service.pod | 6 +++++- bin/virt-sandbox.c
> >> | 9 ++++++++- configure.ac | 1 +
> >> libvirt-sandbox.spec.in | 1 +
> >> libvirt-sandbox/Makefile.am | 2 ++
> >> libvirt-sandbox/libvirt-sandbox-config.c | 14 ++++++++++++++
> >> m4/virt-selinux.m4 | 11 +++++++++++ 7 files
> >> changed, 42 insertions(+), 2 deletions(-) create mode 100644
> >> m4/virt-selinux.m4
> >
> > You've taken what was previously 3 separate patches fixing 3 separate bugs,
> > and merged them into one giant patch. This is really bad - separate
> > functional fixes must always be kept as separate patches.
> >
> > The actual changes look good, but please split it back up into 3 separate
> > patches & repost.
> >
> > Daniel
> >
> Not quite sure what you are talking about, I sent two patches, the inherit
> patch included some fixes to the virt-sandbox-service.pod, which I will split out.
Here you sent 3 individual git commits:
https://www.redhat.com/archives/libvir-list/2013-August/msg00134.html
One for the inherit feature, one virt-sandbox-service.pod fix and
one virt-sandbox.c pod file. Now you've squashed those three patches
into one patch.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list