Daniel P. Berrange wrote: > We currently have logic in the remote driver so that it handles the local > QEMU driver URIs, so they get re-directed to the daemon. It also handles > networking APIs for Xen driver. For normal APIs, Xen has the auto-spawned > setuid proxy daemon. This was very useful at the time we wrote it, but it > only supports a handful of operations, and only in read-only mode. One other > factor is that SUSE, for example, do not ship it because it is setuid. I > don't know whether this is just a general policy, or just because they've > not had time to audit it, but that's not very good for their users. > Yep. Reason is the former. But this can be overridden (followed by an audit) if there is a good case. Apparently my case wasn't strong enough. Too be fair though, I didn't push hard. And now that I've seen this mail I'm reminded that I wanted to push this for openSUSE 10.3 -- which went GM today :-(. Jim -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list