QA:Testcase Virtualization Seccomp Sandboxing

This page was last edited on 30 October 2012, at 01:27.

From Fedora Project Wiki

Description

Run your VMs using seccomp filter for improved security against qemu exploits. For more details, please see:

http://fedoraproject.org/wiki/Features/Syscall_Filters

Setup

Nothing beyond the initial test day setup (basically a function F18 VM).

This is all currently broken
QEMU guests fail at startup using libvirt + seccomp: [bz 855192]

How to test

Verify a VM starts up fine, to start.
Stop all VMs
Edit /etc/libvirt/qemu.conf, change seccomp_sandbox = 1
Restart libvirtd
Start a VM, connect to the graphical console with virt-manager
Verify that the VM seems to be behaving as usual.

Expected Results

No obvious errors occur, guests seem to function like normal after all the steps.

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_Virtualization_Seccomp_Sandboxing&oldid=309127"

Virtualization Test Cases

Copyright © 2024 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.