Re: [libvirt] [PATCH v3 0/5] RFC: grant KVM guests retain arbitrary capabilities
On 01/20/2012 07:25 AM, Taku Izumi wrote:
OK. I'll try to implement like this way.
No, I think your current patch is fine. Perhaps in the future we can
try to implement cgroup-based whitelists in the kernel.
In any case adding rawio (which is a per-process capability) to a <disk>
element would be wrong.
Paolo