On 04/26/2010 09:38 AM, Avi Kivity wrote:
On 04/26/2010 05:28 PM, Anthony Liguori wrote:
>> Or a library that the user-written launcher calls. Or a plugin that
>> qemud calls.
>
>
> A plugin would lose the security context. It could attempt to
> recreate it that seems like a lot of unnecessary complexity.
>
A plugin would create the security context instead of the launcher.
Currently security contexts are created by the login process.
It's not always that centralized. An initial context is created by the
login process, but then later something may come along and create a
network namespace as part of containerization.
We could easily reuse that. Any other security context code would
be custom written; so it can be written as a qemud plugin instead of a
bit of code that goes before a qemu launch.
I think we're mostly in agreement with respect to the need to have more
control over the security context the qemu runs in. Whether it's
launched via a daemon or directly I think is an implementation detail
that we can debate when we get closer to an actual implementation.
Regards,
Anthony Liguori