On 12/05/2014 04:18 AM, Daniel P. Berrange wrote: > On Fri, Dec 05, 2014 at 12:12:46PM +0100, Michal Privoznik wrote: >> From: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> >> >> If a user doesn't specify script in network type ethernet, assume >> that he/she needs a simple tap device created by libvirt. This >> commit does not need to run external script to create tap device >> or add root to qemu process. Moreover, some functions need to be >> mocked now for qemuxml2argvtest, e.g. virNetDevTapCreate() or >> virNetDevSetOnline(). > > Hmm, even if the user does provide a script, perhaps libvirt could > create the TAP device *and* run the script itself. This would finally > allow us to run QEMU unprivileged with type=ethernet in all cases. > eg take QEMU entirely out of the picture for NIC setup Don't we still have to mark things as tainted, and be careful that executing an arbitrary script is not going to hose the host if a less-privileged user (such as via fine-grained ACLs) passes a suspicious script? -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list