libvirt/suse-qemu-conf.patch
James Fehlig bfc56c3413 - Update to libvirt 1.2.0
- Add support for gluster pool
  - Separation of python binding
  - vbox: add support for 4.3 APIs
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Updated and renamed clone.patch to ia64-clone.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=334
2013-12-06 18:39:18 +00:00

38 lines
1.4 KiB
Diff

Index: libvirt-1.2.0/src/qemu/qemu.conf
===================================================================
--- libvirt-1.2.0.orig/src/qemu/qemu.conf
+++ libvirt-1.2.0/src/qemu/qemu.conf
@@ -200,7 +200,16 @@
# a special value; security_driver can be set to that value in
# isolation, but it cannot appear in a list of drivers.
#
+# SUSE Note:
+# Currently, Apparmor is the default security framework in SUSE
+# distros. If Apparmor is enabled on the host, libvirtd is
+# generously confined but users must opt-in to confine qemu
+# instances. Change this to 'apparmor' to enable Apparmor
+# confinement of qemu instances.
+#
#security_driver = "selinux"
+# security_driver = "apparmor"
+security_driver = "none"
# If set to non-zero, then the default security labeling
# will make guests confined. If set to zero, then guests
@@ -402,6 +411,15 @@
#allow_disk_format_probing = 1
+# SUSE note:
+# Many lock managers, sanlock included, will kill the resources
+# they protect when terminated. E.g. the sanlock daemon will kill
+# any virtual machines for which it holds disk leases when the
+# daemon is stopped or restarted. Administrators must be vigilant
+# when enabling a lock manager since simply updating the manager
+# may cause it to be restarted, potentially killing the resources
+# it protects.
+#
# To enable 'Sanlock' project based locking of the file
# content (to prevent two VMs writing to the same
# disk), uncomment this