Re: [libvirt] [PATCH 4/4] qemu: make qemu processes to retain capabilities
On Mon, Jan 30, 2012 at 06:11:50PM +0900, Taku Izumi wrote:
This patch revises qemuProcessStart() function for qemu
processes to retain arbitrary capabilities.
Signed-off-by: Taku Izumi <izumi.taku(a)jp.fujitsu.com>
Signed-off-by: Shota Hirae <m11g1401(a)hibikino.ne.jp>
---
src/qemu/qemu_process.c | 1 +
1 file changed, 1 insertion(+)
Index: libvirt/src/qemu/qemu_process.c
===================================================================
--- libvirt.orig/src/qemu/qemu_process.c
+++ libvirt/src/qemu/qemu_process.c
@@ -3334,6 +3334,7 @@ int qemuProcessStart(virConnectPtr conn,
driver->clearEmulatorCapabilities);
if (driver->clearEmulatorCapabilities)
virCommandClearCaps(cmd);
+ virCommandAllowCap(cmd, vm->def->process_caps);
Following on from my command in the first patch, we should be doing
for (i = 0 ; i < vm->def->ndisks ; i++) {
if (vm->def->disks[i].rawio)
virCommandAllowCap(cmd, CAP_SYS_RAWIO);
}
And, in qemuDomainObjCheckDiskTaint() you need to add code which
does
if (disk->rawio)
qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|