Revision as of 08:58, 19 January 2009
Virtualization
In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora virtualization technologies.
Contributing Writer: Dale Bewley
Libvirt List
This section contains the discussion happening on the libvir-list.
sVirt 0.30 Released
James Morris announced[1] "the release of v0.30 of sVirt[2], a project to add security labeling support to Linux-based virtualization."
[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00158.html
[2] http://selinuxproject.org/page/SVirt
sVirt Qemu Hurdles
Daniel J Walsh began to work on the sVirt lock down of the qemu process, and saw[1] a problem with "the qemu binaries are being used to both setup the guest image environment and then to run the guest image."
"The problem with this is the act of installing an image or setting up the environment an image runs within requires much more privileges than actually running the image."
"SELinux runs best when one process forks/execs another process; this allows us to run the two processes under different labels. Each process with the privileges required to run."
[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00198.html
Fine Grained Access Controls
Konrad Eriksson desired[1] "an addition[2] to libvirt that enables access control on individual actions and data that can be accessed through the library API. This could take the form of an AC-module that, based on the identity of the caller, checks each call and grants/denies access to carry out the action (could also take parameters into account) and optionally filter the return data. The AC-module could then interface different backend AC solutions (SELinux, RBAC, ...) or alternatively implement an internal scheme."
Daniel P. Berrange pointed[3] out how this relates to sVirt. "At this stage sVirt is primarily about protecting guests from each other, and protecting the host from guests. Konrad's suggestions are about protecting guests/hosts from administrators, by providing more fine grained control over what libvirt APIs an admin can invoke & on what objects. Both bits of work are required & are complementary to each other."
[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00282.html
[2] http://wiki.libvirt.org/page/TodoFineGrainedSecurity
[3] http://www.redhat.com/archives/libvir-list/2009-January/msg00362.html
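A sketch of the AC-module shape described in the proposal above: an identity-based check on each call, rules that look at the call parameters, filtered return data, and a swappable backend. This is an added example, not libvirt code or code from the list thread; every class and function name, the roles and the guest names are hypothetical.

```python
# Added sketch; no name here is a libvirt API. Guests and roles are constructed.
from dataclasses import dataclass

class AccessDenied(Exception):
    pass

@dataclass(frozen=True)
class Caller:
    name: str
    roles: frozenset

class RoleBackend:
    """Internal scheme. An SELinux or RBAC backend would offer the same two methods."""
    def __init__(self, rules, visible):
        self.rules = rules      # {(role, action): predicate(params) -> bool}
        self.visible = visible  # {role: guest names that role may see}

    def allowed(self, caller, action, params):
        for role in caller.roles:
            check = self.rules.get((role, action))
            if check is not None and check(params):
                return True
        return False  # default deny: no matching rule, no access

    def filter(self, caller, result):
        seen = set().union(*(self.visible.get(r, set()) for r in caller.roles))
        return [guest for guest in result if guest in seen]

class AccessControlModule:
    """Sits between the caller and the management API and checks every call."""
    def __init__(self, backend):
        self.backend = backend

    def call(self, caller, action, func, **params):
        if not self.backend.allowed(caller, action, params):
            raise AccessDenied(f"{caller.name} may not {action} {params}")
        result = func(**params)  # runs only after the check has passed
        return self.backend.filter(caller, result) if isinstance(result, list) else result

GUESTS = {"web1": "running", "db1": "running", "build1": "shutoff"}
def list_guests():
    return sorted(GUESTS)
def shutdown(guest):
    GUESTS[guest] = "shutoff"
    return GUESTS[guest]

def build_acm():
    rules = {("operator", "list_guests"): lambda p: True,
             ("operator", "shutdown"): lambda p: p["guest"].startswith("web"),
             ("admin", "list_guests"): lambda p: True}
    visible = {"operator": {"web1"}, "admin": set(GUESTS)}
    return AccessControlModule(RoleBackend(rules, visible))
```

The operator role here can list and shut down only the guests its rules name, which is the "protecting guests/hosts from administrators" case from the thread.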
oVirt Devel List
This section contains the discussion happening on the ovirt-devel list.