I'm still totally against this. FD passing is a nice feature for sandboxing, but the passing should be between closely cooperating programs. We'll need a tool shipped from the qemu source tree to open and set up the FDs, and not someone external. With that setup in place we can use a protocol similar to the various OpenBSD privilegue separated deaemons to also allow reopening / snapshots / etc. Opening fds in libvirt and passing them into qemu is exactly the wrong way, and just cements the current horrors where libvirt duplicates parsing of image format headers. -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list