[PATCH v4 0/5] Per-guest configurable user/group for QEMU processes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a v4 patch series that updates the libvirt's security driver mechanism to support per-guest configurable user and group for QEMU processes running together with other security drivers, such as SELinux and AppArmor.

Marcelo Cerri (5):
  Internal refactory of data structures
  Multiple security drivers in XML data
  Update security layer to handle many security labels
  Support for multiple default security drivers in QEMU config
  Update the remote API

 daemon/remote.c                                    |   63 ++++
 docs/formatdomain.html.in                          |   11 +-
 docs/schemas/capability.rng                        |   18 +-
 docs/schemas/domaincommon.rng                      |   30 ++-
 include/libvirt/libvirt.h.in                       |    2 +
 python/generator.py                                |    1 +
 src/conf/capabilities.c                            |   17 +-
 src/conf/capabilities.h                            |    6 +-
 src/conf/domain_audit.c                            |   14 +-
 src/conf/domain_conf.c                             |  343 +++++++++++++++-----
 src/conf/domain_conf.h                             |   20 +-
 src/driver.h                                       |    4 +
 src/libvirt.c                                      |   47 +++
 src/libvirt_private.syms                           |    5 +
 src/libvirt_public.syms                            |    1 +
 src/lxc/lxc_conf.c                                 |    8 +-
 src/lxc/lxc_controller.c                           |    8 +-
 src/lxc/lxc_driver.c                               |   11 +-
 src/lxc/lxc_process.c                              |   23 +-
 src/qemu/qemu.conf                                 |    6 +-
 src/qemu/qemu_conf.c                               |   38 ++-
 src/qemu/qemu_conf.h                               |    2 +-
 src/qemu/qemu_driver.c                             |  218 +++++++++++---
 src/qemu/qemu_process.c                            |   50 ++-
 src/remote/remote_driver.c                         |   46 +++
 src/remote/remote_protocol.x                       |   17 +-
 src/remote_protocol-structs                        |   11 +
 src/security/security_apparmor.c                   |  118 +++++--
 src/security/security_dac.c                        |  324 +++++++++++++++++--
 src/security/security_manager.c                    |  101 +++++--
 src/security/security_manager.h                    |    8 +-
 src/security/security_selinux.c                    |  263 +++++++++++-----
 src/security/security_stack.c                      |  237 +++++++++-----
 src/security/security_stack.h                      |   13 +
 src/test/test_driver.c                             |   11 +-
 .../qemuxml2argv-seclabel-dynamic-override.xml     |    4 +-
 .../qemuxml2argv-seclabel-dynamic.xml              |    2 +-
 37 files changed, 1653 insertions(+), 448 deletions(-)

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]