On Fri, Mar 06, 2015 at 10:38:16PM -0500, Adam Smith wrote: > Dear all, > > I have been trying to set up the set up Libvirt Sandbox without success. > > I want to use virt-sandbox in order to run untrusted programs in a secure > environment. I am had no knowledge about virtualization until a couple of > days ago, so I am probably doing something wrong. > > The scenario is the following: > Linode instance. OS that I have tried: Ubuntu 14.04, Ubuntu 14, Fedora 21. > Both compiling from source and installing the pre-compiled packages. But I > always reach the same error: > > """ > > $ virt-sandbox -c qemu:///session /bin/date > > Unable to start sandbox: Kernel module dir > /lib/modules/3.18.5-x86_64-linode52/kernel does not exist > > """ > > I have been told by the guys of Linode that: > > "The kernels we use are completely compiled and do not utilize modules. In > addition, the kernels are loaded from the host rather than the /boot > directory" > > Any hints to solve this issue? Is the only solution to compile my own > kernel? No need to compile a kernel - you should still be able to install the regular kernel DPKG from Ubuntu repositories. Then you just have to tell libvirt-sandbox to use that - see the '--kernver', '--kernpath' and '--kmodpath' command line arguments described in the virt-sandbox manpage. > Also, if I decide to use a service like Linode, AWS, Digital Ocean...then > the server that I would be using would be already a virtual server. Is it a > problem to run virt-sandbox within a server which is already a virtual > server? I'm assuming that Linode do /not/ enable use of nested KVM, so either you will have to use plain QEMU which will be slower, or you will have to use LXC which will be fast but not secure against determined malicious code. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
