External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-11-03 11:51:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
a97e17c4e2
libvirt/docs/kbase.html.in
Daniel P. Berrangé 958d6ebe53 docs: add a kbase explaining security protections for QEMU passthrough 
When using command line passthrough users will often trip up over the
security protections like SELinux, DAC, namespaces, etc which will
deny access to files they are passing. This document explains the
various protections and how to deal with their policy, and/or how
to disable them.

Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-24 12:52:24 +00:00

43 lines
1.6 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<body class="docs">
<h2>Knowledge base</h2>
<div class="panel">
<dl>
<dt><a href="kbase/locking.html">Disk locking</a></dt>
<dd>Ensuring exclusive guest access to disks with
<a href="kbase/locking-lockd.html">virtlockd</a> or
<a href="kbase/locking-sanlock.html">Sanlock</a></dd>
<dt><a href="kbase/secureusage.html">Secure usage</a></dt>
<dd>Secure usage of the libvirt APIs</dd>
<dt><a href="kbase/launch_security_sev.html">Launch security</a></dt>
<dd>Securely launching VMs with AMD SEV</dd>
<dt><a href="kbase/domainstatecapture.html">Domain state
capture</a></dt>
<dd>Comparison between different methods of capturing domain
state</dd>
<dt><a href="kbase/rpm-deployment.html">RPM deployment</a></dt>
<dd>Explanation of the different RPM packages and illustration of
which to pick for installation</dd>
<dt><a href="kbase/backing_chains.html">Backing chain management</a></dt>
<dd>Explanation of how disk backing chain specification impacts libvirt's
behaviour and basic troubleshooting steps of disk problems.</dd>
<dt><a href="kbase/qemu-passthrough-security.html">Security with QEMU passthrough</a></dt>
<dd>Examination of the security protections used for QEMU and how they need
configuring to allow use of QEMU passthrough with host files/devices.</dd>
</dl>
</div>
<br class="clear"/>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink