> Did you just echo the main qemu-kvm PID, or did you also > add the PIDs of every thread too ? From this description > of the problem, I'd guess you've only confined the main > process thread and thus the I/O & VCPU threads are not > confined. That was indeed correct. I was mislead by the fact that no child _processes_ were shown in ps. Once I added /proc/<qemu-pid>/tasks/* to tasks, it worked even when libvirt started the process. Thank you very much! Dominik -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list