Re: [libvirt] [PATCH 2/2] qemu: launch bridge helper from libvirtd
On Sat, Apr 20, 2013 at 11:11:25AM +0200, Paolo Bonzini wrote:
<source type='bridge'> uses a helper application to do
the necessary
TUN/TAP setup to use an existing network bridge, thus letting
unprivileged users use TUN/TAP interfaces.
However, libvirt should be preventing QEMU from running any setuid
programs at all, which would include this helper program. From
a security POV, any setuid helper needs to be run by libvirtd itself,
not QEMU.
This is what this patch does. libvirt now invokes the setuid helper,
gets the TAP fd and then passes it to QEMU in the normal manner.
The path to the helper is specified in qemu.conf.
As a small advantage, this adds a <target dev='tap0'/> element to the
XML of an active domain using <interface type='bridge'>.
That's very good because it allows the network interfaces stats
API to work
Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com>
---
src/qemu/qemu_command.c | 133 +++++++++++++++++++++++++++++++++++-------------
src/qemu/qemu_command.h | 1 -
src/qemu/qemu_hotplug.c | 25 +++------
3 files changed, 106 insertions(+), 53 deletions(-)
ACK
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|