On Tue, Jul 01, 2008 at 11:56:25AM -0400, Daniel Veillard wrote: > On Tue, Jul 01, 2008 at 04:21:38PM +0100, John Levon wrote: > > > > See implementation here: > > > > http://cr.opensolaris.org/~johnlev/virt-console/ > > > > (inside libvirt.hg/patches/libvirt/virt-console) > > Hum :-) > > ++ * Daniel Berrange <berrange@xxxxxxxxxx> > ++ * > ++ * Copyright 2008 Sun Microsystems, Inc. All rights reserved. > > > This splits virsh console into a separate binary to allow it to be > > setuid-root on Solaris (where we check permissions then drop privilege). > > It also fixes a number of RFEs > > > > This is against 0.4.0, so it's not ready for merging yet (I hope to get > > it forward ported at some point). > > I may be mistaken but this seems to basically be limited to console > for domains running on the local machine, and hum, I doubt it's really > a good approach. Seems to me it's better to talk to the vnc (or other > protocol used to connect remotely) export of the console, and get rid > of the 'localhost only' limitation. But I may very well have missed > something. This is the same limitation as the existing 'virsh console' - John's merely splitting it into a separate binary, which is what I previously suggested for making the solaris privilege separation work better in the context of virsh. It is also only intended to be used for the text console - we've already got perfectly good clients for the remote graphical VNC console. Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list