Re: RFC [3/3]: Lock manager usage scenarios

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Sep 20, 2010 at 03:47:11AM -0400, Itamar Heim wrote:
> > From: libvir-list-bounces@xxxxxxxxxx
> [mailto:libvir-list-bounces@xxxxxxxxxx]
> > On Behalf Of Daniel P. Berrange
> ...
> > > Could containers make isolation exceptions for
> > > - shared storage devices?
> > > - shared /var/run/sync_manager/watchdog/ so that the system watchdog
> > >   could monitor all sync_manager instances?
> > 
> > Yes, resources (files) from the primary OS can be exposed in the
> > container on a case by case basis & potentially be visible inside
> > many containers. If we did a full virtual chroot setup, then the
> > container would only be able to see designated paths. It is also
> > possible to hide the containers chroot heirarchy from the host
> > completely. In any case, we can share paths between containers and
> > the host as needed.
> > 
> > A process inside the container would not be able to see any processes
> > outside the container. Processes outside can, however, see processes
> > inside the container, but its view of the PIDs will be different.
> > eg PID 1 inside the container may be PID 2345 outside.
> > 
> > The point I was trying to make, is that if the supervisor process
> > wants to connect back to a central lock daemon directly this might
> > run into trouble. If the supervisor process only needs to access
> > file resources on disk, it should be fine.
> [IH] how would Libvirt know to give security context to the leases area of
> the VM? it would be a different implementation per lock manager (say, I'd
> like to lock a row in a central remote db for this)?

That's easy enough to handle. If it is a shared lease file between all
VMs, then presumably that needs to be created ahead of time. SElinux
policy can defined a suitable default label, or the label can be set
as part of creation process. If there is a per-VM lease file that needs
the per-VM security context, then this can be specified as a config
parameter in the VM XML. If its a remote DB, then we don't need to care
about it.

Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]