libvirt/docs
Daniel P. Berrangé 1902356231 qemu: keep capabilities when running QEMU as root
When QEMU uid/gid is set to non-root this is pointless as if we just
used a regular setuid/setgid call, the process will have all its
capabilities cleared anyway by the kernel.

When QEMU uid/gid is set to root, this is almost (always?) never
what people actually want. People make QEMU run as root in order
to access some privileged resource that libvirt doesn't support
yet and this often requires capabilities. As a result they have
to go find the qemu.conf param to turn this off. This is not
viable for libguestfs - they want to control everything via the
XML security label to request running as root regardless of the
qemu.conf settings for user/group.

Clearing capabilities was implemented originally because there
was a proposal in Fedora to change permissions such that root,
with no capabilities would not be able to compromise the system.
ie a locked down root account. This never went anywhere though,
and as a result clearing capabilities when running as root does
not really get us any security benefit AFAICT. The root user
can easily do something like create a cronjob, which will then
faithfully be run with full capabilities, trivially bypassing
the restriction we place.

IOW, our clearing of capabilities is both useless from a security
POV, and breaks valid use cases when people need to run as root.

This removes the clear_emulator_capabilities configuration
option from qemu.conf, and always runs QEMU with capabilities
when root.  The behaviour when non-root is unchanged.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-12-11 16:01:20 +00:00
..
fonts docs: Add monospaced Overpass fonts 2016-11-21 13:15:12 +01:00
gitdm gitdm: Add missing entries 2019-11-05 12:12:14 +01:00
html
internals util: purge all code for testing OOM handling 2019-09-13 10:05:17 +01:00
js docs: Fix Blog Planet links 2019-06-20 17:01:44 +02:00
kbase docs: add a kbase page about RPM packaging options 2019-12-04 16:10:28 +00:00
logos docs: add SVGs for sticker logos 2019-08-29 12:46:33 +01:00
manpages docs: convert virkeycode*/virkeyname* man pages from pod to rst 2019-12-11 14:28:41 +00:00
schemas conf: domaincaps: Add 'backup' feature flag 2019-12-10 12:41:58 +01:00
32favicon.png
404.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
acl.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
aclpolkit.html.in docs: relax CSS context match for pretty tables 2019-12-04 15:48:28 +00:00
android-chrome-192x192.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
android-chrome-256x256.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
api_extension.html.in docs: Make anchors follow HTML5 2019-08-28 13:39:26 +02:00
api.html.in docs: Grammar and spelling fixes 2018-05-03 12:40:37 +01:00
apple-touch-icon.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
apps.html.in docs: Add virt-lightning app 2019-04-09 16:59:49 +02:00
architecture.fig
architecture.gif
architecture.html.in docs: remove mention of legacy Xen driver 2018-04-09 11:38:47 -06:00
auditlog.html.in conf: Audit TPM emulator device at domain startup 2018-06-06 10:48:41 -04:00
auth.html.in xenapi: remove driver 2019-09-03 15:37:54 -06:00
bindings.html.in docs: introduce libvirt-dbus binding 2018-03-23 12:59:56 +01:00
browserconfig.xml docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
bugs.html.in docs: remove mention of legacy Xen driver 2018-04-09 11:38:47 -06:00
cgroups.html.in doc: cgroups: Remove unwanted references to systemd 2019-11-15 15:45:20 +01:00
compiling.html.in build: mandate use of a build dir != src dir 2019-11-08 17:07:35 +01:00
contact.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
contribute.html.in docs: Grammar and spelling fixes 2018-05-03 12:40:37 +01:00
csharp.html.in docs: update all GIT repo examples to use https:// protocol 2018-03-21 14:48:01 +00:00
dbus.html.in docs: Make anchors follow HTML5 2019-08-28 13:39:26 +02:00
devguide.html.in docs: update all GIT repo examples to use https:// protocol 2018-03-21 14:48:01 +00:00
docs.html.in docs: introduce rst2man as a mandatory tool for building docs 2019-12-11 14:28:41 +00:00
downloads.html.in docs: update Perl download to point to modern CPAN site 2019-04-04 12:33:55 +01:00
drivers.html.in docs: Update drivers page to link to storage.html 2019-05-06 07:33:01 -04:00
drvbhyve.html.in docs: bhyve: warn about bhyve:commandline risks 2019-02-01 22:08:55 +04:00
drvesx.html.in docs: mention lifted vCPUs restriction for esx 2019-11-14 14:55:56 +01:00
drvhyperv.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvlxc.html.in docs: Grammar and spelling fixes 2018-05-03 12:40:37 +01:00
drvnodedev.html.in docs: documentation for vfio-ccw passthrough 2018-05-14 12:27:47 -04:00
drvopenvz.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvphyp.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvqemu.html.in qemu: keep capabilities when running QEMU as root 2019-12-11 16:01:20 +00:00
drvremote.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvtest.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvvbox.html.in docs: Update vbox driver documentation. 2017-11-07 17:50:15 -05:00
drvvirtuozzo.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvvmware.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
drvxen.html.in libxl: Drop support for parsing sxpr format in libxlConnectDomainXMLFromNative 2019-07-09 10:27:19 +02:00
errors.html.in docs: Grammar and spelling fixes 2018-05-03 12:40:37 +01:00
favicon-16x16.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
favicon-32x32.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
favicon.ico docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
firewall.html.in network: allow configuring firewalld zone for virtual network bridge device 2019-02-01 12:57:13 -05:00
format.html.in backup: Document new XML for backups 2019-12-10 12:41:56 +01:00
formatbackup.html.in backup: Document new XML for backups 2019-12-10 12:41:56 +01:00
formatcaps.html.in Drop UML driver 2018-12-17 17:52:46 +01:00
formatcheckpoint.html.in backup: Document new XML for backups 2019-12-10 12:41:56 +01:00
formatdomain.html.in conf: pass in default architecture via domain XML options 2019-12-09 10:15:16 +00:00
formatdomaincaps.html.in conf: domaincaps: Add 'backup' feature flag 2019-12-10 12:41:58 +01:00
formatnetwork.html.in docs: formatnetwork: Document xmlns:dnsmasq 2019-07-17 17:18:56 -04:00
formatnetworkport.html.in docs: fix some typos in networkport documentation 2019-06-18 14:35:43 +02:00
formatnode.html.in xml: nodedev: make pci capability class element optional 2019-03-22 12:59:56 +03:00
formatnwfilter.html.in Drop UML driver 2018-12-17 17:52:46 +01:00
formatsecret.html.in docs: Extend Secret XML documentation with vtpm usage type 2019-07-26 10:31:00 +01:00
formatsnapshot.html.in backup: Prevent snapshots and checkpoints at same time 2019-07-29 08:22:29 -05:00
formatstorage.html.in storage: optional 'refresh' elemement on pool 2019-03-19 16:46:21 +01:00
formatstoragecaps.html.in caps: drop requiredSourceElements from storage pool capabilities 2019-03-07 12:01:09 +01:00
formatstorageencryption.html.in storage: Disallow create/resize of qcow2 encrypted images 2018-06-26 14:02:43 -04:00
genaclperms.pl docs: relax CSS context match for pretty tables 2019-12-04 15:48:28 +00:00
generic.css docs: add styling for <tt> element 2019-12-04 15:48:28 +00:00
goals.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
governance.html.in docs/governance: Clarify the version number of the LGPL 2019-01-25 14:04:20 +01:00
hacking.html.in docs: hacking: add missing code element 2019-11-12 16:46:29 +01:00
hooks.html.in network: convert hook script to take a network port XML 2019-06-17 15:19:54 +01:00
hvsupport.pl docs: generate files into build dir and stop distributing them 2019-10-23 14:46:26 +02:00
index.html.in backup: Document new XML for backups 2019-12-10 12:41:56 +01:00
internals.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
java.html.in docs: update all GIT repo examples to use https:// protocol 2018-03-21 14:48:01 +00:00
kbase.html.in docs: add a kbase page about RPM packaging options 2019-12-04 16:10:28 +00:00
libvirt-daemon-arch.fig
libvirt-daemon-arch.png
libvirt-driver-arch.fig
libvirt-driver-arch.png
libvirt-object-model.fig
libvirt-object-model.png
libvirt-virConnect-example.fig
libvirt-virConnect-example.png
libvirt.css docs: relax CSS context match for pretty tables 2019-12-04 15:48:28 +00:00
logging.html.in util: drop support for stack traces with logging 2019-10-18 16:25:17 +01:00
main.css docs: make website responsive for mobile devices 2017-08-07 14:44:40 +01:00
Makefile.am docs: convert virkeycode*/virkeyname* man pages from pod to rst 2019-12-11 14:28:41 +00:00
manifest.json docs: Fix syntax-check error 2017-08-02 15:00:28 -04:00
migration-managed-direct.fig
migration-managed-direct.png
migration-managed-p2p.fig
migration-managed-p2p.png
migration-native.fig
migration-native.png
migration-tunnel.fig
migration-tunnel.png
migration-unmanaged-direct.fig
migration-unmanaged-direct.png
migration.html.in docs: relax CSS context match for pretty tables 2019-12-04 15:48:28 +00:00
mobile.css docs: add advanced search capabilities 2019-04-11 15:20:17 +01:00
mstile-150x150.png docs: add full set of "favicon" files to support modern clients 2017-08-02 17:00:11 +01:00
newapi.xsl docs: relax CSS context match for pretty tables 2019-12-04 15:48:28 +00:00
news-2005.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2006.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2007.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2008.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2009.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2010.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2011.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2012.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2013.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2014.html.in maint: Typo fix for whether 2019-07-09 10:42:39 -05:00
news-2015.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-2016.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
news-ascii.xsl maint: Update references to ChangeLog* 2019-04-03 09:46:02 +02:00
news-html.xsl docs: news: add per-release links 2019-07-17 17:34:08 +02:00
news.rng docs: Move news.rng out of docs/schemas 2017-04-05 09:51:51 +02:00
news.xml docs: document some recent news items 2019-12-06 15:55:30 +00:00
node.fig
node.gif
nss.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
page.xsl docs: generate permalinks correctly for rst2html output 2019-12-04 15:48:28 +00:00
pci-hotplug.html.in docs: Advertise pcie-to-pci-bridge for use on q35 2019-06-20 10:03:22 +02:00
php.html.in docs: update all GIT repo examples to use https:// protocol 2018-03-21 14:48:01 +00:00
platforms.html.in docs: fix repology link for qemu-kvm package 2018-10-23 16:16:36 +01:00
python.html.in docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
remote.html.in docs: move docs about remote driver URIs into URI docs 2019-12-04 15:48:28 +00:00
securityprocess.html.in docs: link to security.libvirt.org website 2018-03-16 17:05:56 +00:00
site.xsl docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
storage.html.in docs: RBD pool only supports raw volumes 2019-07-12 17:09:43 +02:00
strategy.html.in docs: attempt to document the general libvirt dev strategy 2019-10-01 13:08:01 +01:00
structures.fig
styleguide.rst docs: describe the basic RST structure for a man page 2019-12-11 14:28:41 +00:00
subsite.xsl docs: switch to using HTML5 doctype declaration 2017-08-02 17:00:11 +01:00
support.html.in docs: Grammar and spelling fixes 2018-05-03 12:40:37 +01:00
testapi.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
testsuites.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
testtck.html.in Use https:// links for most sites 2017-10-16 10:22:34 +01:00
tlscerts.html.in docs: split TLS certificate setup into its own file 2019-12-04 15:48:28 +00:00
uri.html.in docs: move docs about remote driver URIs into URI docs 2019-12-04 15:48:28 +00:00
virshcmdref.html.in docs: update all GIT repo examples to use https:// protocol 2018-03-21 14:48:01 +00:00
windows.html.in build: mandate use of a build dir != src dir 2019-11-08 17:07:35 +01:00
wrapstring.xsl