rpm/libvirt
SHA256
1
0
Fork 0
forked from pool/libvirt
Code Pull Requests Activity
9decd8f3cc
libvirt/suse-qemu-conf.patch
James Fehlig 9decd8f3cc - Update to libvirt 1.0.5.1 stable release 
- qemu: Fix cgroup handling when setting VCPU BW
  - daemon: fix leak after listing all volumes
  - Fix iohelper usage with streams opened for read
  - util: fix virFileOpenAs return value and resulting error logs
  - iscsi: don't leak portal string when starting a pool
  - don't mention disk controllers in generic controller errors
  - conf: don't crash on a tpm device with no backends
  - qemu: allocate network connections sooner during domain startup
  -  Make detect_scsi_host_caps a function on all architectures
  - Fix release of resources with lockd plugin
  - Fix potential use of undefined variable in remote dispatch code
  - Fix F_DUPFD_CLOEXEC operation args
  - qemu: fix stupid typos in VFIO cgroup setup/teardown
  - network: fix network driver startup for qemu:///session
- Remove patches that are included in the 1.0.5.1 release
  0471637d-cgroups-vcpu-bw.patch, a2214c52-iohelper.patch,
  ca697e90-CVE-2013-1962.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=266
2013-05-21 18:02:56 +00:00

38 lines
1.4 KiB
Diff
Raw Blame History

Index: libvirt-1.0.5.1/src/qemu/qemu.conf
===================================================================
--- libvirt-1.0.5.1.orig/src/qemu/qemu.conf
+++ libvirt-1.0.5.1/src/qemu/qemu.conf
@@ -169,7 +169,16 @@
# a special value; security_driver can be set to that value in
# isolation, but it cannot appear in a list of drivers.
#
+# SUSE Note:
+# Currently, Apparmor is the default security framework in SUSE
+# distros. If Apparmor is enabled on the host, libvirtd is
+# generously confined but users must opt-in to confine qemu
+# instances. Change this to 'apparmor' to enable Apparmor
+# confinement of qemu instances.
+#
#security_driver = "selinux"
+# security_driver = "apparmor"
+security_driver = "none"
# If set to non-zero, then the default security labeling
# will make guests confined. If set to zero, then guests
@@ -365,6 +374,15 @@
#allow_disk_format_probing = 1
+# SUSE note:
+# Many lock managers, sanlock included, will kill the resources
+# they protect when terminated. E.g. the sanlock daemon will kill
+# any virtual machines for which it holds disk leases when the
+# daemon is stopped or restarted. Administrators must be vigilant
+# when enabling a lock manager since simply updating the manager
+# may cause it to be restarted, potentially killing the resources
+# it protects.
+#
# To enable 'Sanlock' project based locking of the file
# content (to prevent two VMs writing to the same
# disk), uncomment this
View Git Blame Copy Permalink