Re: [libvirt] libseccomp and KVM
Thanks.
How are the rules managed so as to fit the VM system calls?
Is tuning possible? recommended?
Regards,
2014-12-09 17:32 GMT+01:00 Michal Privoznik <mprivozn(a)redhat.com>:
On 09.12.2014 15:24, Raymond Durand wrote:
> How is libseccomp used/enabled/configured with KVM/QEMU Hypervisor?
>
You need to set seccomp_sandbox=1 in /etc/libvirt/qemu.conf and restart
libvirtd. From now on, any qemu/kvm guest that libvirt starts will use
seccomp or fail if qemu binary doesn't support it.
Michal
Attachments:
- attachment.html (text/html — 1.0 KB)