On Mon, Jan 30, 2012 at 06:11:50PM +0900, Taku Izumi wrote:
>
> This patch revises qemuProcessStart() function for qemu
> processes to retain arbitrary capabilities.
>
> Signed-off-by: Taku Izumi <izumi.taku@xxxxxxxxxxxxxx>
> Signed-off-by: Shota Hirae <m11g1401@xxxxxxxxxxxxxx>
> ---
> src/qemu/qemu_process.c | 1 +
> 1 file changed, 1 insertion(+)
>
> Index: libvirt/src/qemu/qemu_process.c
> ===================================================================
> --- libvirt.orig/src/qemu/qemu_process.c
> +++ libvirt/src/qemu/qemu_process.c
> @@ -3334,6 +3334,7 @@ int qemuProcessStart(virConnectPtr conn,
> driver->clearEmulatorCapabilities);
> if (driver->clearEmulatorCapabilities)
> virCommandClearCaps(cmd);
> + virCommandAllowCap(cmd, vm->def->process_caps);
Following on from my command in the first patch, we should be doing
for (i = 0 ; i < vm->def->ndisks ; i++) {
if (vm->def->disks[i].rawio)
virCommandAllowCap(cmd, CAP_SYS_RAWIO);
}
And, in qemuDomainObjCheckDiskTaint() you need to add code which
does
if (disk->rawio)
qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list