mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-23 22:25:25 +00:00
qemu_conf: add new configuration key bridge_helper
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
parent
5c1cfea403
commit
78d7c3c569
@ -60,6 +60,7 @@ module Libvirtd_qemu =
|
||||
|
||||
let process_entry = str_entry "hugetlbfs_mount"
|
||||
| bool_entry "clear_emulator_capabilities"
|
||||
| str_entry "bridge_helper"
|
||||
| bool_entry "set_process_name"
|
||||
| int_entry "max_processes"
|
||||
| int_entry "max_files"
|
||||
|
@ -301,6 +301,14 @@
|
||||
#hugetlbfs_mount = "/dev/hugepages"
|
||||
|
||||
|
||||
# Path to the setuid helper for creating tap devices. This executable
|
||||
# is used to create <source type='bridge'> interfaces when libvirtd is
|
||||
# running unprivileged. libvirt invokes the helper directly, instead
|
||||
# of using "-netdev bridge", for security reasons.
|
||||
#bridge_helper = "/usr/libexec/qemu-bridge-helper"
|
||||
|
||||
|
||||
|
||||
# If clear_emulator_capabilities is enabled, libvirt will drop all
|
||||
# privileged capabilities of the QEmu/KVM emulator. This is enabled by
|
||||
# default.
|
||||
|
@ -241,6 +241,7 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
|
||||
}
|
||||
}
|
||||
#endif
|
||||
cfg->bridgeHelperName = strdup("/usr/libexec/qemu-bridge-helper");
|
||||
|
||||
cfg->clearEmulatorCapabilities = true;
|
||||
|
||||
@ -290,6 +291,7 @@ static void virQEMUDriverConfigDispose(void *obj)
|
||||
|
||||
VIR_FREE(cfg->hugetlbfsMount);
|
||||
VIR_FREE(cfg->hugepagePath);
|
||||
VIR_FREE(cfg->bridgeHelperName);
|
||||
|
||||
VIR_FREE(cfg->saveImageFormat);
|
||||
VIR_FREE(cfg->dumpImageFormat);
|
||||
@ -497,6 +499,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
|
||||
GET_VALUE_BOOL("auto_start_bypass_cache", cfg->autoStartBypassCache);
|
||||
|
||||
GET_VALUE_STR("hugetlbfs_mount", cfg->hugetlbfsMount);
|
||||
GET_VALUE_STR("bridge_helper", cfg->bridgeHelperName);
|
||||
|
||||
GET_VALUE_BOOL("mac_filter", cfg->macFilter);
|
||||
|
||||
|
@ -116,6 +116,7 @@ struct _virQEMUDriverConfig {
|
||||
|
||||
char *hugetlbfsMount;
|
||||
char *hugepagePath;
|
||||
char *bridgeHelperName;
|
||||
|
||||
bool macFilter;
|
||||
|
||||
|
@ -49,6 +49,7 @@ module Test_libvirtd_qemu =
|
||||
{ "auto_dump_bypass_cache" = "0" }
|
||||
{ "auto_start_bypass_cache" = "0" }
|
||||
{ "hugetlbfs_mount" = "/dev/hugepages" }
|
||||
{ "bridge_helper" = "/usr/libexec/qemu-bridge-helper" }
|
||||
{ "clear_emulator_capabilities" = "1" }
|
||||
{ "set_process_name" = "1" }
|
||||
{ "max_processes" = "0" }
|
||||
|
Loading…
Reference in New Issue
Block a user