| Line 46: | Line 46: | ||
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00757.html | [1] https://www.redhat.com/archives/libvir-list/2008-August/msg00757.html | ||
==== | ==== sVirt: XML Representation of Security Labels ==== | ||
[[JamesMorris|James Morris]] continued[1] work on the sVirt project by investigating how and when to label the resources accessed by domains. | [[JamesMorris|James Morris]] continued[1] work on the [http://selinuxproject.org/page/SVirt sVirt] project by investigating how and when to label the resources accessed by domains and proposed an XML representation of these labels. | ||
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00740.html | [1] https://www.redhat.com/archives/libvir-list/2008-August/msg00740.html | ||
==== LXC: Making the Private Root Filesystem More Secure ==== | |||
After committing the private root filesystem code for LXC [[DanielBerrange|Daniel P. Berrange]] noted[1] that [http://libcg.sourceforge.net cgroups] supports device ACLs which could defend against 'mknod' escapes into the host OS devices. | |||
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00734.html | |||
==== Exposing Unique Hypervisor Features ==== | |||
Nguyen Anh Quynh asked[1] how libvirt can expose the unique features of a | |||
given hypervisor such as the monitor interface of Qemu. [[DanielBerrange|Daniel P. Berrange]] responded[2] by stating the policy for adding new APIs to libvirt is that the conceptual representation has to be applicable to multiple hypervisors and unique concepts may be exposed if they can be represented in a way which | |||
would also make sense for other hypervisors in the future. This goal is also stated in the libvirt architecture [http://libvirt.org/intro.html document]. | |||
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00693.html | |||
[2] https://www.redhat.com/archives/libvir-list/2008-August/msg00701.html | |||
=== oVirt Devel List === | === oVirt Devel List === | ||
This section contains the discussion happening on the [https://www.redhat.com/mailman/listinfo/ovirt-devel ovirt-devel list]. | This section contains the discussion happening on the [https://www.redhat.com/mailman/listinfo/ovirt-devel ovirt-devel list]. | ||
Revision as of 05:52, 1 September 2008
Virtualization
In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora virtualization technologies.
Contributing Writer: Dale Bewley
Enterprise Management Tools List
This section contains the discussion happening on the et-mgmt-tools list
Fedora Xen List
This section contains the discussion happening on the fedora-xen list.
virt-what script detects running in a virtual machine
Richard W.M. Jones announced[1] version 1.0 of | virt-what which is a simple shell script that detects if you are running inside a virtual machine, and prints some "facts" about that virtual machine.
[1] https://www.redhat.com/archives/fedora-xen/2008-August/msg00039.html
Xen 3.3.0 Released
Pasi Kärkkäinen forwarded[1] from xen-devel an announcement of Xen 3.3.0. Pasi also followed up[2] on a thread from July where Daniel P. Berrange said about Fedora 10, "Even though we don't have any Dom0 I'll update it to 3.3.0 for the xen RPM and hypervisor. This will at least let people build their own legacy Xen kernel from upstream's 2.6.18 xen kernel"
[1] https://www.redhat.com/archives/fedora-xen/2008-August/msg00038.html
[2] https://www.redhat.com/archives/fedora-xen/2008-August/msg00029.html
Testing LiveCD Distros as DomU Guests
jean-Noël Chardron posted[1] a howto for testing live cd images by booting them in a DomU with virt-install.
[1] https://www.redhat.com/archives/fedora-xen/2008-August/msg00024.html
Libvirt List
This section contains the discussion happening on the libvir-list.
Daniel P. Berrange posted[1] a todo list for libvirt which was the product of a brainstorming session at Red Hat. Daniel offered this list as a good starting point for those wishing to assist in the development of libvirt.
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00718.html
Live Migration Sanity Checks
Chris Lalancette described[1] a feature that oVirt would like to see. The feature would be a set of sanity checks a caller could make to determine if live migration of a given virtual machine would be likely to succeed.
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00757.html
sVirt: XML Representation of Security Labels
James Morris continued[1] work on the sVirt project by investigating how and when to label the resources accessed by domains and proposed an XML representation of these labels.
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00740.html
LXC: Making the Private Root Filesystem More Secure
After committing the private root filesystem code for LXC Daniel P. Berrange noted[1] that cgroups supports device ACLs which could defend against 'mknod' escapes into the host OS devices.
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00734.html
Exposing Unique Hypervisor Features
Nguyen Anh Quynh asked[1] how libvirt can expose the unique features of a given hypervisor such as the monitor interface of Qemu. Daniel P. Berrange responded[2] by stating the policy for adding new APIs to libvirt is that the conceptual representation has to be applicable to multiple hypervisors and unique concepts may be exposed if they can be represented in a way which would also make sense for other hypervisors in the future. This goal is also stated in the libvirt architecture document.
[1] https://www.redhat.com/archives/libvir-list/2008-August/msg00693.html
[2] https://www.redhat.com/archives/libvir-list/2008-August/msg00701.html
oVirt Devel List
This section contains the discussion happening on the ovirt-devel list.