Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu

[Avi Kivity]

On 11/05/2009 04:57 PM, Anthony Liguori wrote:
> Avi Kivity wrote:
> > > At least with KVM support, this is probably the most common use case 
> > > which means
> > > that most of our users are running qemu as root.  That's terrible.
> >
> > Most of our users run managed systems.
>
> I consider management software as a user. 

It isn't.  A user is a person, and -net bridge helps people.

> Today, most management software launches qemu as root.  libvirt is 
> just getting around to fixing this although they still are running it 
> as a single user instead of as the user requesting the vm be launched.

That's a libvirt bug.  Maybe they should adopt your helper.

> The fundamental problem, is that to use qemu as a non-privileged user, 
> you need to go from userA -> root -> userB.  For the lazy, it's 
> easiest just to make userA == userB == root.  IMHO, the ideal thing is 
> to always be userA.

Agreed.

> If we make this easy for management software to do, they're more 
> likely to do the right thing.

But we're forcing our style of security management on them.  How to 
store permissions is the management system's job (and for a clu^Houd, it 
will typically be stored in a central database, not be scattered around 
/etc).

Again, IMO we should stick to making a guest work, and leave all the 
glue to management.

--
error compiling committee.c: too many arguments to function