11:10 a.m.
is there a mechanism for customizing VMM settings on a per-user
basis? i ask since i'd like to test guestfish and libguestfs on a
recently-created VM but, by default, new VM images are created in
/var/lib/libvirt/images, and that directory is not accessible to
non-root users.
as a non-root user, if i was about to start working with VMs, i'd
like to be able to invoke "virt-manager" and, *before* creating any
VMs, set some config options, such as where my images are going to go
(ideally, in a personal images directory). that would make those
images accessible to my account.
but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
but that doesn't allow me that kind of per-user configuration. does
that kind of configuration even exist? and, with those default
settings and permissions, how *would* one use libguestfs and guestfish
as a regular user?
or am i once again missing something critical?
rday
--
========================================================================
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
Linked In: http://www.linkedin.com/in/rpjday
Twitter: http://twitter.com/rpjday
========================================================================
12:15 p.m.
On 04/21/2009 12:10 PM, Robert P. J. Day wrote:
is there a mechanism for customizing VMM settings on a per-user
basis? i ask since i'd like to test guestfish and libguestfs on a
recently-created VM but, by default, new VM images are created in
/var/lib/libvirt/images, and that directory is not accessible to
non-root users.
as a non-root user, if i was about to start working with VMs, i'd
like to be able to invoke "virt-manager" and, *before* creating any
VMs, set some config options, such as where my images are going to go
(ideally, in a personal images directory). that would make those
images accessible to my account.
but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
but that doesn't allow me that kind of per-user configuration. does
that kind of configuration even exist? and, with those default
settings and permissions, how *would* one use libguestfs and guestfish
as a regular user?
Per user configuration is handled by gconf, so if user1 changed a
setting in Preferences, user2 would still have the default.
However, there is no global way yet to change what the 'default' storage
location is. There is a place in the new VM wizard to type in a manual
path to provision (such as your home directory), which would then allow
you to use libguestfs on it.
- Cole
1:07 p.m.
On Tue, 21 Apr 2009, Cole Robinson wrote:
Per user configuration is handled by gconf, so if user1 changed a
setting in Preferences, user2 would still have the default.
However, there is no global way yet to change what the 'default'
storage location is. There is a place in the new VM wizard to type
in a manual path to provision (such as your home directory), which
would then allow you to use libguestfs on it.
so is there a simple way to move an existing VM disk image from one
location to another that doesn't confuse the VMM?
rday
--
========================================================================
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
Linked In: http://www.linkedin.com/in/rpjday
Twitter: http://twitter.com/rpjday
========================================================================
1:18 p.m.
On 04/21/2009 02:07 PM, Robert P. J. Day wrote:
On Tue, 21 Apr 2009, Cole Robinson wrote:
> Per user configuration is handled by gconf, so if user1 changed a
> setting in Preferences, user2 would still have the default.
>
> However, there is no global way yet to change what the 'default'
> storage location is. There is a place in the new VM wizard to type
> in a manual path to provision (such as your home directory), which
> would then allow you to use libguestfs on it.
so is there a simple way to move an existing VM disk image from one
location to another that doesn't confuse the VMM?
Not sure what you mean by confuse VMM, but there isn't any way to move
around disk images in virt-manager. If you create a guest with disk at
/foo/disk.img, then move the image to /bar/disk.img, the old libvirt
guest configuration won't know where the disk is anymore.
You can remove the virtual disk from the VM in virt-manager, then add a
new virtual disk pointing to the new path. Or you can use 'virsh edit
vmname' from the command line and change the path.
- Cole
2:45 p.m.
On Tue, 21 Apr 2009, Cole Robinson wrote:
On 04/21/2009 02:07 PM, Robert P. J. Day wrote:
> On Tue, 21 Apr 2009, Cole Robinson wrote:
>
>> Per user configuration is handled by gconf, so if user1 changed a
>> setting in Preferences, user2 would still have the default.
>>
>> However, there is no global way yet to change what the 'default'
>> storage location is. There is a place in the new VM wizard to
>> type in a manual path to provision (such as your home directory),
>> which would then allow you to use libguestfs on it.
>
> so is there a simple way to move an existing VM disk image from
> one location to another that doesn't confuse the VMM?
Not sure what you mean by confuse VMM, but there isn't any way to move
around disk images in virt-manager.
right, i noticed that. however, ...
If you create a guest with disk at /foo/disk.img, then move the
image to /bar/disk.img, the old libvirt guest configuration won't
know where the disk is anymore.
so where does virt-manager keep track of where the various images
are? obviously, if that was easily editable, that would be a
solution. but, as you say, the current incarnation of virt-manager
doesn't support that.
You can remove the virtual disk from the VM in virt-manager, then
add a new virtual disk pointing to the new path.
um ... you can? how? as in, how through the graphical
virt-manager? i'm assuming what you mean is that you can take an
*existing* VM image file and somehow register it with the current VMM.
or are you talking about something else?
Or you can use 'virsh edit vmname' from the command line and
change
the path.
i'm not sure how that solves the problem once you move that image
elsewhere and virt-manager can't find it. or am i just being confused
again?
rday
--
========================================================================
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
Linked In: http://www.linkedin.com/in/rpjday
Twitter: http://twitter.com/rpjday
========================================================================
2:51 p.m.
On Tue, Apr 21, 2009 at 03:45:41PM -0400, Robert P. J. Day wrote:
> Or you can use 'virsh edit vmname' from the command line
and change
> the path.
i'm not sure how that solves the problem once you move that image
elsewhere and virt-manager can't find it. or am i just being confused
again?
'virsh edit' is exactly what you want to do. That edits the libvirt
configuration for a VM, which is what virt-manager and the other tools
all use.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
2:58 p.m.
On Tue, 21 Apr 2009, Richard W.M. Jones wrote:
On Tue, Apr 21, 2009 at 03:45:41PM -0400, Robert P. J. Day wrote:
> > Or you can use 'virsh edit vmname' from the command line and
> > change the path.
>
> i'm not sure how that solves the problem once you move that
> image elsewhere and virt-manager can't find it. or am i just
> being confused again?
'virsh edit' is exactly what you want to do. That edits the libvirt
configuration for a VM, which is what virt-manager and the other
tools all use.
ah, gotcha ... and with that, i can modify both the name of the VM
and its image file path. that's what i was looking for, thanks. i
really have to finish reading all the help files one of these days.
rday
--
========================================================================
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
Linked In: http://www.linkedin.com/in/rpjday
Twitter: http://twitter.com/rpjday
========================================================================
3 p.m.
On 04/21/2009 03:45 PM, Robert P. J. Day wrote:
On Tue, 21 Apr 2009, Cole Robinson wrote:
> On 04/21/2009 02:07 PM, Robert P. J. Day wrote:
>> On Tue, 21 Apr 2009, Cole Robinson wrote:
>>
>>> Per user configuration is handled by gconf, so if user1 changed a
>>> setting in Preferences, user2 would still have the default.
>>>
>>> However, there is no global way yet to change what the 'default'
>>> storage location is. There is a place in the new VM wizard to
>>> type in a manual path to provision (such as your home directory),
>>> which would then allow you to use libguestfs on it.
>> so is there a simple way to move an existing VM disk image from
>> one location to another that doesn't confuse the VMM?
> Not sure what you mean by confuse VMM, but there isn't any way to move
> around disk images in virt-manager.
right, i noticed that. however, ...
> If you create a guest with disk at /foo/disk.img, then move the
> image to /bar/disk.img, the old libvirt guest configuration won't
> know where the disk is anymore.
so where does virt-manager keep track of where the various images
are? obviously, if that was easily editable, that would be a
solution. but, as you say, the current incarnation of virt-manager
doesn't support that.
For starters, virt-manager keeps track of barely anything itself. Most
info about storage or VMs is received from libvirt.
That said, I'm not sure I understand exactly what you want. Could you
lay out:
- The exact steps you are taking
- What you would like/expect to see from vmm/libvirt
- What you are actually seeing from vmm/libvirt
> You can remove the virtual disk from the VM in virt-manager,
then
> add a new virtual disk pointing to the new path.
um ... you can? how? as in, how through the graphical
virt-manager? i'm assuming what you mean is that you can take an
*existing* VM image file and somehow register it with the current VMM.
or are you talking about something else?
On F11:
- Select a shutoff VM in the manager window, hit the 'Open' button on
the bottom row.
- Select the details tab.
- Select the disk device (probably 'hda' or 'vda') whose path you changed
- Click the 'Remove' button on the bottom
- Click the 'Add Hardware' button on the bottom left
- Select 'Storage', click 'Next'
- Browse->Browse Local->Select the new disk location
- Make sure 'Device Type' is the same as the original disk
- Next->Finish
Hope that helps,
Cole
> Or you can use 'virsh edit vmname' from the command line
and change
> the path.
i'm not sure how that solves the problem once you move that image
elsewhere and virt-manager can't find it. or am i just being confused
again?
rday
--
========================================================================
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
Linked In: http://www.linkedin.com/in/rpjday
Twitter: http://twitter.com/rpjday
========================================================================
1:12 p.m.
On Tue, Apr 21, 2009 at 12:10:31PM -0400, Robert P. J. Day wrote:
is there a mechanism for customizing VMM settings on a per-user
basis? i ask since i'd like to test guestfish and libguestfs on a
recently-created VM but, by default, new VM images are created in
/var/lib/libvirt/images, and that directory is not accessible to
non-root users.
as a non-root user, if i was about to start working with VMs, i'd
like to be able to invoke "virt-manager" and, *before* creating any
VMs, set some config options, such as where my images are going to go
(ideally, in a personal images directory). that would make those
images accessible to my account.
but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
but that doesn't allow me that kind of per-user configuration. does
that kind of configuration even exist? and, with those default
settings and permissions, how *would* one use libguestfs and guestfish
as a regular user?
or am i once again missing something critical?
There are two classes of libvirt driver connection
- Privileged, per-host connections
- Unprivileged, per-user connections
Xen provides a per-host connection. UserModeLinux and QEMU provide
both (qemu:///system and qemu:///session). VirtualBox just proivides
a per-user instance (vbox:///session) and so on.
Now by default in Fedora, when connecting to QEMU, virt-manager will
use the privileged per-host connection, so VMs end up in the system
directory /var/lib/libvirt/images.
Our goal (perhaps for F12) should be for local desktop virt use
cases to use the unprivileged QEMU connection qemu://session
by default, and have VM disk images stored in your home directory
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
1:33 p.m.
New subject: customizing VMM on a per-user basis to use libguestfs?
On 04/21/2009 02:12 PM, Daniel P. Berrange wrote:
On Tue, Apr 21, 2009 at 12:10:31PM -0400, Robert P. J. Day wrote:
> is there a mechanism for customizing VMM settings on a per-user
> basis? i ask since i'd like to test guestfish and libguestfs on a
> recently-created VM but, by default, new VM images are created in
> /var/lib/libvirt/images, and that directory is not accessible to
> non-root users.
>
> as a non-root user, if i was about to start working with VMs, i'd
> like to be able to invoke "virt-manager" and, *before* creating any
> VMs, set some config options, such as where my images are going to go
> (ideally, in a personal images directory). that would make those
> images accessible to my account.
>
> but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
> but that doesn't allow me that kind of per-user configuration. does
> that kind of configuration even exist? and, with those default
> settings and permissions, how *would* one use libguestfs and guestfish
> as a regular user?
>
> or am i once again missing something critical?
There are two classes of libvirt driver connection
- Privileged, per-host connections
- Unprivileged, per-user connections
Xen provides a per-host connection. UserModeLinux and QEMU provide
both (qemu:///system and qemu:///session). VirtualBox just proivides
a per-user instance (vbox:///session) and so on.
Now by default in Fedora, when connecting to QEMU, virt-manager will
use the privileged per-host connection, so VMs end up in the system
directory /var/lib/libvirt/images.
Our goal (perhaps for F12) should be for local desktop virt use
cases to use the unprivileged QEMU connection qemu://session
by default, and have VM disk images stored in your home directory
How would we allow KVM access? Unix groups or something else?
- Cole
2:04 p.m.
New subject: customizing VMM on a per-user basis to use libguestfs?
On Tue, Apr 21, 2009 at 02:33:54PM -0400, Cole Robinson wrote:
On 04/21/2009 02:12 PM, Daniel P. Berrange wrote:
> On Tue, Apr 21, 2009 at 12:10:31PM -0400, Robert P. J. Day wrote:
>> is there a mechanism for customizing VMM settings on a per-user
>> basis? i ask since i'd like to test guestfish and libguestfs on a
>> recently-created VM but, by default, new VM images are created in
>> /var/lib/libvirt/images, and that directory is not accessible to
>> non-root users.
>>
>> as a non-root user, if i was about to start working with VMs, i'd
>> like to be able to invoke "virt-manager" and, *before* creating any
>> VMs, set some config options, such as where my images are going to go
>> (ideally, in a personal images directory). that would make those
>> images accessible to my account.
>>
>> but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
>> but that doesn't allow me that kind of per-user configuration. does
>> that kind of configuration even exist? and, with those default
>> settings and permissions, how *would* one use libguestfs and guestfish
>> as a regular user?
>>
>> or am i once again missing something critical?
>
> There are two classes of libvirt driver connection
>
> - Privileged, per-host connections
> - Unprivileged, per-user connections
>
>
> Xen provides a per-host connection. UserModeLinux and QEMU provide
> both (qemu:///system and qemu:///session). VirtualBox just proivides
> a per-user instance (vbox:///session) and so on.
>
> Now by default in Fedora, when connecting to QEMU, virt-manager will
> use the privileged per-host connection, so VMs end up in the system
> directory /var/lib/libvirt/images.
>
> Our goal (perhaps for F12) should be for local desktop virt use
> cases to use the unprivileged QEMU connection qemu://session
> by default, and have VM disk images stored in your home directory
>
How would we allow KVM access? Unix groups or something else?
Two options
- A UNIX group for /dev/kvm
- Just make it world writable
In theory now KVM no longer pins all guest RAM into host RAM, it is
reasonable safe to allow users to access it without any restrictions.
(eg option 2) Will need to confirm with KVM developers if this is
really so, but that was the intention last time i asked them.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
11 a.m.
New subject: customizing VMM on a per-user basis to use libguestfs?
Daniel P. Berrange wrote:
On Tue, Apr 21, 2009 at 12:10:31PM -0400, Robert P. J. Day wrote:
> is there a mechanism for customizing VMM settings on a per-user
> basis? i ask since i'd like to test guestfish and libguestfs on a
> recently-created VM but, by default, new VM images are created in
> /var/lib/libvirt/images, and that directory is not accessible to
> non-root users.
>
> as a non-root user, if i was about to start working with VMs, i'd
> like to be able to invoke "virt-manager" and, *before* creating any
> VMs, set some config options, such as where my images are going to go
> (ideally, in a personal images directory). that would make those
> images accessible to my account.
>
> but if i fire up "virt-manager", i can see "Edit" ->
"Preferences"
> but that doesn't allow me that kind of per-user configuration. does
> that kind of configuration even exist? and, with those default
> settings and permissions, how *would* one use libguestfs and guestfish
> as a regular user?
>
> or am i once again missing something critical?
>
There are two classes of libvirt driver connection
- Privileged, per-host connections
- Unprivileged, per-user connections
Xen provides a per-host connection. UserModeLinux and QEMU provide
both (qemu:///system and qemu:///session). VirtualBox just proivides
a per-user instance (vbox:///session) and so on.
Now by default in Fedora, when connecting to QEMU, virt-manager will
use the privileged per-host connection, so VMs end up in the system
directory /var/lib/libvirt/images.
Our goal (perhaps for F12) should be for local desktop virt use
cases to use the unprivileged QEMU connection qemu://session
by default, and have VM disk images stored in your home directory
I'm not sure that home directory is where people would want images, I
suspect that an arbitrary location would be far more flexible. Using KVM
without a VMM, I can put images in someplace obvious, like
$HOME/virtual/Images (with install ISO images in ~/virtual/ISO) so my
virtual machines are not co-mingled with other things. My system stuff
is in /mnt/virtual/Images and people use it by using qemu-img to make a
local qcow2 images for their personal machines (including test config,
obviously).
Questions:
- did I make clear why some flexibility is desirable?
- is there any technical reason not to make this an arbitrary path?
--
bill davidsen <davidsen(a)tmr.com>
CTO TMR Associates, Inc
"You are disgraced professional losers. And by the way, give us our money
back."
- Representative Earl Pomeroy, Democrat of North Dakota
on the A.I.G. executives who were paid bonuses after a federal bailout.
11:25 a.m.
On Fri, Apr 24, 2009 at 12:00:13PM -0400, Bill Davidsen wrote:
I'm not sure that home directory is where people would want
images, I
suspect that an arbitrary location would be far more flexible. Using KVM
without a VMM, I can put images in someplace obvious, like
$HOME/virtual/Images (with install ISO images in ~/virtual/ISO) so my
virtual machines are not co-mingled with other things. My system stuff
is in /mnt/virtual/Images and people use it by using qemu-img to make a
local qcow2 images for their personal machines (including test config,
obviously).
Questions:
- did I make clear why some flexibility is desirable?
- is there any technical reason not to make this an arbitrary path?
You should note that this is primarily an SELinux labelling issue.
You can use virt-install to put the images wherever you like, but you
have to label that directory and/or the images with the correct label.
On F-10 something like this should work:
chcon system_u:object_r:virt_image_t:s0 /some/dir
virt-install --disk=path=/some/dir/image,size=10 [other virt-install opts...]
'Course you have to do both of those commands as root.
virt-manager also lets you specify the path when you create
file-backed guests.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw
2:22 p.m.
New subject: customizing VMM on a per-user basis to use libguestfs?
On Fri, Apr 24, 2009 at 12:00:13PM -0400, Bill Davidsen wrote:
Daniel P. Berrange wrote:
>
>There are two classes of libvirt driver connection
>
> - Privileged, per-host connections
> - Unprivileged, per-user connections
>
>
>Xen provides a per-host connection. UserModeLinux and QEMU provide
>both (qemu:///system and qemu:///session). VirtualBox just proivides
>a per-user instance (vbox:///session) and so on.
>
>Now by default in Fedora, when connecting to QEMU, virt-manager will
>use the privileged per-host connection, so VMs end up in the system
>directory /var/lib/libvirt/images.
>
>Our goal (perhaps for F12) should be for local desktop virt use
>cases to use the unprivileged QEMU connection qemu://session
>by default, and have VM disk images stored in your home directory
>
I'm not sure that home directory is where people would want images, I
suspect that an arbitrary location would be far more flexible. Using KVM
without a VMM, I can put images in someplace obvious, like
$HOME/virtual/Images (with install ISO images in ~/virtual/ISO) so my
virtual machines are not co-mingled with other things. My system stuff
is in /mnt/virtual/Images and people use it by using qemu-img to make a
local qcow2 images for their personal machines (including test config,
obviously).
I hinted earlier, but there are 2 core use cases too
- Local desktop virtualization. eg developers / Vmware workstation use case
- Server virtualization
Thes respectively map onto the 2 types of libvirt connection I talk about
above
- Unprivileged, per-user connections
- Privileged, per-host connections
Now, when I then talk about directories, we're only talking about
the 'default' out of the box config, which respectively will be
something like
- $HOME/VirtualImages
- /var/lib/libvirt/images
Libvirt (and virt-manager) has extensive storage management APIs now,
and can easily deal with alternative locations for storing images.
So if these default ones aren't suitable, then it'll be perectly
fine to tell virt-manager all images should live in /mnt/virtual/Images
instead.
Questions:
- did I make clear why some flexibility is desirable?
We've nothing against flexibility - we're really just considering the
default out of the box config.
- is there any technical reason not to make this an arbitrary path?
Historically SELinux has wanted images in particular locations. With
the introduction of SVirt in libvirt, we have much more advanced
SELinux integration and will in fact automatically re-label images
to match the needs of a VM. So allowing arbitary locations *and*
still being in compliance with SELinux policy is now practical
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
3:23 p.m.
New subject: customizing VMM on a per-user basis to use libguestfs?
Daniel P. Berrange wrote:
On Fri, Apr 24, 2009 at 12:00:13PM -0400, Bill Davidsen wrote:
> Daniel P. Berrange wrote:
>
>> There are two classes of libvirt driver connection
>>
>> - Privileged, per-host connections
>> - Unprivileged, per-user connections
>>
>>
>> Xen provides a per-host connection. UserModeLinux and QEMU provide
>> both (qemu:///system and qemu:///session). VirtualBox just proivides
>> a per-user instance (vbox:///session) and so on.
>>
>> Now by default in Fedora, when connecting to QEMU, virt-manager will
>> use the privileged per-host connection, so VMs end up in the system
>> directory /var/lib/libvirt/images.
>>
>> Our goal (perhaps for F12) should be for local desktop virt use
>> cases to use the unprivileged QEMU connection qemu://session
>> by default, and have VM disk images stored in your home directory
>>
>>
> I'm not sure that home directory is where people would want images, I
> suspect that an arbitrary location would be far more flexible. Using KVM
> without a VMM, I can put images in someplace obvious, like
> $HOME/virtual/Images (with install ISO images in ~/virtual/ISO) so my
> virtual machines are not co-mingled with other things. My system stuff
> is in /mnt/virtual/Images and people use it by using qemu-img to make a
> local qcow2 images for their personal machines (including test config,
> obviously).
>
I hinted earlier, but there are 2 core use cases too
- Local desktop virtualization. eg developers / Vmware workstation use case
- Server virtualization
Thes respectively map onto the 2 types of libvirt connection I talk about
above
- Unprivileged, per-user connections
- Privileged, per-host connections
Now, when I then talk about directories, we're only talking about
the 'default' out of the box config, which respectively will be
something like
- $HOME/VirtualImages
- /var/lib/libvirt/images
Libvirt (and virt-manager) has extensive storage management APIs now,
and can easily deal with alternative locations for storing images.
So if these default ones aren't suitable, then it'll be perectly
fine to tell virt-manager all images should live in /mnt/virtual/Images
instead.
No, those look like fine default choices, and as you note below labeling
can now be automated to solve problems like this before they happen. I'm
sadly aware of labeling problems, since I run a fair number of off-label
programs I have to setup myself.
Sounds as if the problem is addresses, thanks.
> Questions:
> - did I make clear why some flexibility is desirable?
>
We've nothing against flexibility - we're really just considering the
default out of the box config.
> - is there any technical reason not to make this an arbitrary path?
>
Historically SELinux has wanted images in particular locations. With
the introduction of SVirt in libvirt, we have much more advanced
SELinux integration and will in fact automatically re-label images
to match the needs of a VM. So allowing arbitary locations *and*
still being in compliance with SELinux policy is now practical
Daniel
--
bill davidsen <davidsen(a)tmr.com>
CTO TMR Associates, Inc
"You are disgraced professional losers. And by the way, give us our money
back."
- Representative Earl Pomeroy, Democrat of North Dakota
on the A.I.G. executives who were paid bonuses after a federal bailout.
5492
days inactive
5495
days old
14 comments
5 participants
participants (5)
-
Bill Davidsen -
Cole Robinson -
Daniel P. Berrange -
Richard W.M. Jones -
Robert P. J. Day