I pleased to announce the a new public release of libvirt-sandbox, version 0.2.0, is now available for download ftp://libvirt.org/libvirt/sandbox/ The packages are GPG signed with Key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF (4096R) The libvirt-sandbox package provides an API layer on top of libvirt-gobject which facilitates the cration of application sandboxes using virtualization technology. An application sandbox is a virtual machine or container that runs a single application binary, directly from the host OS filesystem. In other words there is no separate guest operating system install to build or manager. At this point in time libvirt-sandbox can create sandboxes using either LXC or KVM, and should in theory be extendable to any libvirt driver. This release has focused entirely on improving the virt-sandbox-service tool Changed in this release: - Requires systemd >= 198 - Fix termination of interactive sandbox client to avoid loosing final I/O - Stop hardcoding default security label - Misc docs typos / fixes - Fix infinite loop handling security opts - Mandate enablement of introspection - Handle NULL broadcast address for NICs - Don't assume /var/log/journal exists - Improve rollback if creation of service sandbox fails - Block host NICs from sandbox - Sanity check requested network config - Fix sandbox journal location to be a dir not a file - Fix parsing of --security option - Change virt-sandbox-service to use --security opts instead of SELinux specific -l/-t/-d args - Replace use of YUM with RPM to improve performance - Send dhclient output to /dev/null - Avoid getting stuck in waitpid if non-primary process exits - Allow choice of host virtual networks - Support network config with virt-sandbox-service - Do not create any NIC in service sandbox by default - Cope with SELinux label lacking a category pair - Delay dropping credentials until after ttys are opened - Fix tty permissions in QEMU init helper to be 0700 instead of 0777 - Add support for non-systemd service containers - Add support for i18n of all output strings - Remove hardcoding of lxc:/// in virt-sandbox-service - Correctly handle EOF from raw console - Improve I/O performance of virt-sandbox - Allow custom uid/gid for generic service sandboxes - Do not run debug shell in service sandboxes - Add --package option to virt-sandbox-service for cases where the unit file is not owned by an RPM - Use drop in systemd service override, instead of includes - Support templated systemd service units Thanks to everyone who contributed to this release Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|