On Tue, 17 Aug 2010, Daniel P. Berrange wrote:
The 'virsh console' command has been an oddity that only works
when run locally, as the same UID as the QEMU instance. This
is because it directly opens /dev/pty/XXX. This introduces a
formal API for accessing consoles that uses the virStreamPtr
APIs. Now any app can open consoles anywhere it can connect
to libvirt
This and the patches look LOVELY --- thank you
We presently need to involve an admin level staffer to get
onto the hosting box in question to be able to see the OOM,
kernel, and other messages leaking out, and indeed to try to
connect to a wedged instance. We had it happen just last week
Getting network socket transport will solve a lot for us.
Some authentication layer (PKI key mediated access comes to
mind, similar to keyed SSH access), or ACL's to permit
exposing specific consoles to specific end customers would
close the loop
-- Russ herrold
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list