libvirt

mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-20 07:59:00 +00:00

Go to file

Serge E. Hallyn 28209ca05e Don't use CLONE_NEWUSER for now

Until now, user namespaces have not done much, but (for that
reason) have been innocuous to glob in with other CLONE_
flags.  Upcoming userns development, however, will make tasks
cloned with CLONE_NEWUSER far more restricted.  In particular,
for some time they will be unable to access files with anything
other than the world access perms.

This patch assumes that noone really needs the user namespaces
to be enabled.  If that is wrong, then we can try a more
baroque patch where we create a file owned by a test userid with
700 perms and, if we can't access it after setuid'ing to that
userid, then return 0.  Otherwise, assume we are using an
older, 'harmless' user namespace implementation.

Comments appreciated.  Is it ok to do this?

Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>

2011-02-09 08:23:37 -07:00

.gnulib @ 2f41af6508

build: fix 'make check' with older git

2011-01-21 15:40:46 -07:00

daemon

sysinfo: implement the remote protocol

2011-02-08 19:29:46 -07:00

docs

sysinfo: implement the public API

2011-02-08 19:29:44 -07:00

examples

Prevent overfilling of self-pipe in python event loop

2011-01-28 11:48:27 +00:00

include

sysinfo: expose new API

2011-02-08 19:21:26 -07:00

maint: update to latest gnulib

2010-11-17 10:13:12 -07:00

Update Dutch and Polish localizations

2011-02-08 21:01:38 +08:00

python

python: Use PyCapsule API if available

2011-01-10 15:18:05 -05:00

src

Don't use CLONE_NEWUSER for now

2011-02-09 08:23:37 -07:00

tests

qemu: Implement blkio tunable XML configuration and parsing.

2011-02-08 11:43:45 -07:00

tools

sysinfo: implement virsh support

2011-02-08 19:29:48 -07:00

.dir-locals.el

misc: encode the Emacs suggstions from HACKING into a .dir-locals.el file

2010-11-01 10:22:58 -06:00

.gitignore

Release of libvirt-0.8.7

2011-01-04 03:37:17 +01:00

.gitmodules

make .gnulib a submodule

2009-07-08 16:17:51 +02:00

.mailmap

maint: update an email address preference

2010-08-10 08:13:22 -06:00

.x-sc_avoid_ctype_macros

exempt gnulib from ctype-macros prohibition

2008-10-28 17:36:31 +00:00

.x-sc_avoid_if_before_free

avoid a "make syntax-check" failure

2009-07-09 20:00:37 +02:00

.x-sc_avoid_write

Introduce new APIs for spawning processes

2010-12-02 16:00:44 -07:00

.x-sc_bindtextdomain

maint: update to latest gnulib

2010-11-17 10:13:12 -07:00

.x-sc_m4_quote_check

syntax-check: enable more checks

2009-02-03 13:08:36 +00:00

.x-sc_po_check

build: avoid false positive syntax-check failure

2010-10-19 09:28:35 -06:00

.x-sc_prohibit_always_true_header_tests

build: update gnulib

2010-05-06 14:35:38 -06:00

.x-sc_prohibit_asprintf

util: add virVasprintf

2010-12-02 11:23:15 -07:00

.x-sc_prohibit_close

maint: reject raw close, popen in 'make syntax-check'

2011-01-29 10:36:47 -07:00

.x-sc_prohibit_empty_lines_at_EOF

tests: test RHEL 6.0 qemu-kvm -help parsing

2010-12-13 16:30:02 -07:00

.x-sc_prohibit_fork_wrappers

maint: reject raw close, popen in 'make syntax-check'

2011-01-29 10:36:47 -07:00

.x-sc_prohibit_gethostby

Various syntax-check fixes.

2009-10-26 10:34:05 +01:00

.x-sc_prohibit_gethostname

Add a new syntax-check rule for gethostname.

2009-10-26 10:34:27 +01:00

.x-sc_prohibit_gettext_noop

build: fix syntax-check problems

2010-04-12 16:43:05 -06:00

.x-sc_prohibit_have_config_h

maint: sync from coreutils

2009-01-29 18:06:19 +00:00

.x-sc_prohibit_HAVE_MBRTOWC

maint: sync from coreutils

2009-01-29 18:06:19 +00:00

.x-sc_prohibit_nonreentrant

Tighten up nonreentrant syntax-check.

2009-10-26 10:33:42 +01:00

.x-sc_prohibit_readlink

Add a rule to check for uses of readlink.

2010-01-22 09:42:35 -05:00

.x-sc_prohibit_sprintf

maint: avoid remaining sprintf uses

2010-11-17 10:13:12 -07:00

.x-sc_prohibit_strncpy

Avoid checking against strncpy in virsh.c

2010-10-12 19:26:10 +02:00

.x-sc_prohibit_test_minus_ao

build: fix syntax-check problems

2010-04-12 16:43:05 -06:00

.x-sc_prohibit_VIR_ERR_NO_MEMORY

Various syntax-check fixes.

2009-10-26 10:34:05 +01:00

.x-sc_prohibit_xmlGetProp

maint: prohibit most uses of xmlGetProp

2010-11-24 15:23:43 -07:00

.x-sc_require_config_h

Various syntax-check fixes.

2009-10-26 10:34:05 +01:00

.x-sc_require_config_h_first

Misc syntax-check fixes

2009-09-21 14:41:47 +01:00

.x-sc_trailing_blank

build: exempt *.ico files from the trailing blank check

2008-10-16 13:28:07 +00:00

.x-sc_unmarked_diagnostics

build: import latest gnulib

2010-04-02 10:18:55 -06:00

acinclude.m4

maint: turn on gcc logical-op checking

2010-07-28 15:25:36 +02:00

AUTHORS

Adding Michal Novotny for previous patch

2011-02-09 10:05:19 +08:00

autobuild.sh

test: fix commandtest under autobuild.sh

2010-12-13 16:04:56 -07:00

autogen.sh

Fix setup of lib directory with autogen.sh --system

2011-01-26 14:54:23 +00:00

bootstrap

maint: support --no-git option during autogen.sh

2011-01-21 09:45:37 -07:00

bootstrap.conf

build: avoid corrupted gnulib/tests/Makefile

2011-01-24 17:19:25 -07:00

cfg.mk

smartcard: add domain conf support

2011-02-03 19:28:53 -07:00

ChangeLog-old

generate ChangeLog from git logs into distribution tarball

2009-07-08 16:17:51 +02:00

configure.ac

build: fix parted detection at configure time

2011-02-01 09:05:05 -07:00

COPYING.LIB

remove all trailing blank lines

2009-07-16 15:06:42 +02:00

HACKING

maint: document dislike of mismatched if/else bracing

2011-01-05 11:05:28 -07:00

libvirt.pc.in

* libvirt.pc.in: applied patch from Daniel Berrange to fix --cflags

2006-03-24 13:18:12 +00:00

libvirt.spec.in

spec: Start libvirt-guests only if it's on in current runlevel

2011-01-19 15:01:52 +01:00

Makefile.am

maint: reject raw close, popen in 'make syntax-check'

2011-01-29 10:36:47 -07:00

Makefile.nonreentrant

Ban use of all inet_* functions

2010-10-22 11:59:23 +01:00

mingw32-libvirt.spec.in

Add dtrace static probes in libvirtd

2010-10-22 12:00:39 +01:00

README

Correct typos in the documentation (Atsushi SAKAI)

2008-01-24 10:15:13 +00:00

README-hacking

maint: relax git minimum version

2010-02-24 14:29:27 -05:00

TODO

Update todo list file to point at bugzilla/website

2010-10-13 16:45:26 +01:00

README

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>

Description

Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.

Readme 735 MiB

Languages

C 95.1%

Python 2%

Meson 0.9%

Shell 0.6%

Perl 0.5%

Other 0.8%