[libvirt] libvirt and dmesg
Hi all, il try to find the way to obtain the same use as in the lxc config file lxc.kmsg=0 how to do that, with the xml of a lxc domain, i make lot of try without success . is there another way to deny access to the dmesg for a libvirt lxc domain ? --- Kogitae AE Infogérance Linux / Administrateur Système le Domaine Picard 21-23 rue de la cornée 70800 Anjeux -------------------------- Tel : +33 (0)3 68 33 53 64 IRC : http://kogitae.fr/irc ------------------------------------ 9h-12h & 14h-18h / Lundi au Vendredi Sur RDV en dehors
Hello Pierre-Jacques, First note that you posted your message on the developer's mailing list. For such user questions, rather email: https://www.redhat.com/mailman/listinfo/libvirt-users According to https://linuxcontainers.org/lxc/manpages//man5/lxc.container.conf.5.html lxc.kmsg is only used to symlink /dev/kmsg to /dev/console. Thus setting this to 0 only results in the lack of that symlink. libvirt doesn't setup this link at all, may be it is coming from the lxc domain root file system. On Wed, 2017-03-15 at 08:49 +0100, Michel Pierre-Jacques wrote:
Hi all, il try to find the way to obtain the same use as in the lxc config file lxc.kmsg=0
how to do that, with the xml of a lxc domain, i make lot of try without success .
is there another way to deny access to the dmesg for a libvirt lxc domain ?
From what I see, dmesg doesn't necessarily requires /dev/kmsg (at least on opensuse). So blocking it may be more tricky. May be you should tell us more how you setup your container.
-- Cedric
thank's Cedric i try this way, like i do with lxcfs and libvirt for having good counter on the lxc domain side ( RAM / disk / CPu ) i post her because i'm not sure it's a way of using or a limit of libvirt, i try the other mailing list too in the future On Wed, 15 Mar 2017 09:53:15 +0100 Cedric Bosdonnat <cbosdonnat@suse.com> wrote:
Hello Pierre-Jacques,
First note that you posted your message on the developer's mailing list. For such user questions, rather email: https://www.redhat.com/mailman/listinfo/libvirt-users
According to https://linuxcontainers.org/lxc/manpages//man5/lxc.container.conf.5.html lxc.kmsg is only used to symlink /dev/kmsg to /dev/console. Thus setting this to 0 only results in the lack of that symlink. libvirt doesn't setup this link at all, may be it is coming from the lxc domain root file system.
On Wed, 2017-03-15 at 08:49 +0100, Michel Pierre-Jacques wrote:
Hi all, il try to find the way to obtain the same use as in the lxc config file lxc.kmsg=0
how to do that, with the xml of a lxc domain, i make lot of try without success .
is there another way to deny access to the dmesg for a libvirt lxc domain ?
From what I see, dmesg doesn't necessarily requires /dev/kmsg (at least on opensuse). So blocking it may be more tricky. May be you should tell us more how you setup your container.
-- Cedric
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
--- Kogitae AE Infogérance Linux / Administrateur Système le Domaine Picard 21-23 rue de la cornée 70800 Anjeux -------------------------- Tel : +33 (0)3 68 33 53 64 IRC : http://kogitae.fr/irc ------------------------------------ 9h-12h & 14h-18h / Lundi au Vendredi Sur RDV en dehors
participants (2)
-
Cedric Bosdonnat -
Michel Pierre-Jacques