[libvirt] [PATCH 0/9] Add ability to connect to LXC namespaces
Daniel P. Berrange
berrange at redhat.com
Wed Jan 2 10:17:54 UTC 2013
On Wed, Dec 26, 2012 at 10:43:56AM +0900, Kamezawa Hiroyuki wrote:
> (2012/12/22 2:08), Daniel P. Berrange wrote:
> >This series introduces an LXC specific library libvirt-lxc.so
> >which adds ability for a process to connect to the namespaces
> >used by an LXC container from outside. It uses FD passing
> >magic to allow the caller to connect, even if it is not root.
> >
>
> Can any user can execute any commands in a LXC guest by
>
> # virsh -c lxc:/// lxc-enter-namespace demo -- <command>
>
> without any limitation ?
Well you need to be authorized to connect to lxc:/// first,
which by default requires you to authorize as root on the
host
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list