On 11/12/2015 12:19 PM, Daniel P. Berrange wrote: > Currently the QEMU stdout/stderr streams are written directly to > a regular file (eg /var/log/libvirt/qemu/$GUEST.log). While those > can be rotated by logrotate (using copytruncate option) this is > not very efficient. It also leaves open a window of opportunity > for a compromised/broken QEMU to DOS the host filesystem by > writing lots of text to stdout/stderr. > > This makes it possible to connect the stdout/stderr file handles > to a pipe that is provided by virtlogd. The virtlogd daemon will > read from this pipe and write data to the log file, performing > file rotation whenever a pre-determined size limit is reached. > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> > --- > cfg.mk | 2 +- > src/qemu/libvirtd_qemu.aug | 1 + > src/qemu/qemu.conf | 15 ++++ > src/qemu/qemu_conf.c | 18 +++++ > src/qemu/qemu_conf.h | 1 + > src/qemu/qemu_domain.c | 153 ++++++++++++++++++++++++++----------- > src/qemu/test_libvirtd_qemu.aug.in | 1 + > 7 files changed, 145 insertions(+), 46 deletions(-) > ACK John -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list