Re: [libvirt] [PATCHv3 3/2] qemu: don't request cgroup ACL access for /dev/net/tun
On 03/10/2011 09:27 AM, Laine Stump wrote:
On 03/09/2011 05:12 PM, Eric Blake wrote:
> Since libvirt always passes /dev/net/tun to qemu via fd, we should
> never trigger the cases where qemu tries to directly open the
> device. Therefore, it is safer to deny the cgroup device ACL.
>
> * src/qemu/qemu_cgroup.c (defaultDeviceACL): Remove /dev/net/tun.
> * src/qemu/qemu.conf (cgroup_device_acl): Reflect this change.
> - "/dev/rtc", "/dev/hpet",
"/dev/net/tun",
> + "/dev/rtc", "/dev/hpet",
> NULL,
> };
> #define DEVICE_PTY_MAJOR 136
ACK.
Thanks; pushed (actually, I pushed this prior to 2/2).
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)