[libvirt] Questions about virtlogd
Daniel P. Berrange
berrange at redhat.com
Tue Jun 7 13:21:17 UTC 2016
On Tue, Jun 07, 2016 at 01:11:53PM +0100, Wei Liu wrote:
> Hello libvirt maintainers,
>
> Libvirt implements virtlogd in version 1.3 which now handles logging
> for QEMU process. I am wondering if it is possible to make it a
> separate package and maintain stable interfaces for external users?
Ok, so you're essentially asking for us to create a libvirt-logd.so
library for talking to virtlogd, which would basically contain the
code currently in src/logging/log_manager.c
That's certainly possible from a technical POV, but the real question
is whether we want to do that from a policy POV, given the greater
support implications that has.
> This is related to XSA-180 / CVE-2014-3672 (unrestricted QEMU
> logging). We are evaluating using virtlogd vs writing our own
> solution. I believe there are still some open questions on how exactly
> the integration could be done but let's worry about that later.
I must admit I'm not familiar with the division of responsibility
for managing QEMU between the Xen provided libxl library(s) and
the libvirt libxl driver code. Naively I would expect the libvirt
libxl driver code to deal with virtlogd and then configure the
Xen libxl library / QEMU accordingly. Your request seems to imply
that you will need the Xen libxl library to directly talk to
virtlogd instead.
Is there any way in which it would be practical for the libvirt
libxl driver to talk to virtlogd to acquire the file descriptors
to use and pass those file descriptors down to the libxl library ?
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list