12 Dec
2014
12 Dec
'14
4:24 p.m.
Thanks. How are the rules managed so as to fit the VM system calls? Is tuning possible? recommended? Regards, 2014-12-09 17:32 GMT+01:00 Michal Privoznik <mprivozn@redhat.com>:
On 09.12.2014 15:24, Raymond Durand wrote:
How is libseccomp used/enabled/configured with KVM/QEMU Hypervisor?
You need to set seccomp_sandbox=1 in /etc/libvirt/qemu.conf and restart libvirtd. From now on, any qemu/kvm guest that libvirt starts will use seccomp or fail if qemu binary doesn't support it.
Michal