On 01/20/2012 07:25 AM, Taku Izumi wrote:
OK. I'll try to implement like this way.
No, I think your current patch is fine. Perhaps in the future we can try to implement cgroup-based whitelists in the kernel.
In any case adding rawio (which is a per-process capability) to a <disk> element would be wrong.
Paolo -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list