Re: [libvirt] [PATCH 0/9] Add ability to connect to LXC namespaces
On Wed, Dec 26, 2012 at 10:43:56AM +0900, Kamezawa Hiroyuki wrote:
(2012/12/22 2:08), Daniel P. Berrange wrote:
>This series introduces an LXC specific library libvirt-lxc.so
>which adds ability for a process to connect to the namespaces
>used by an LXC container from outside. It uses FD passing
>magic to allow the caller to connect, even if it is not root.
>
Can any user can execute any commands in a LXC guest by
# virsh -c lxc:/// lxc-enter-namespace demo -- <command>
without any limitation ?
Well you need to be authorized to connect to lxc:/// first,
which by default requires you to authorize as root on the
host
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|