On 07/25/2013 11:06 AM, Daniel P. Berrange wrote:
On Sat, Jul 20, 2013 at 07:46:33AM -0400, dwalsh@redhat.com wrote:
From: Dan Walsh <dwalsh@redhat.com>
Openshift wants to have their gears stuck into a container when they login to the system. virt-login-shell will join a running gear with the username of the person running it, or attempt to start the container if it is not running. (Currently containers do not exist if they are not running, so I can not test this feature. But the code is there).
This tool needs to be setuid since joining a container (nsjoin) requires privs. The root user is not allowed to execute this command. When this tool is run by a normal user it will only join the "users" container.
Only users who are listed as valid_users in /etc/libvirt/virt-login-shell.conf are allowed to join containers using this tool. By default no users are allowed. ---
ACK to this patch.
Technically since we're post freeze we shouldn't commit this until 1.1.2, but since this is an entirely new program perhaps we could make an exception here ? Thoughts ?
It was posted pre-freeze; the only reason it didn't make freeze was lack of timely review.
It doesn't hugely matter either way, it'd just make life a little easier to have it in 1.1.1
I see little risk in including it in 1.1.1, since it really is a new feature without touching existing code. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org