[Pkg-libvirt-maintainers] Bug#905036: libvirt0: qemu sandbox option prevents built-in qemu smb server from working
Andrey Skvortsov
andrej.skvortzov at gmail.com
Mon Jul 30 22:13:03 BST 2018
Package: libvirt0
Version: 4.5.0-1
Severity: normal
Dear Maintainer,
some virtual machines uses built-in qemu samba to share directory with host.
This is done using 'qemu:commandline' tag in VM xml file.
<qemu:commandline>
<qemu:arg value='-netdev'/>
<qemu:arg value='user,id=hostnet0,smb=/home/user/KVM/shared'/>
<qemu:arg value='-device'/>
<qemu:arg value='virtio-net-
pci,netdev=hostnet0,id=net0,bus=pci.0,addr=0x9'/>
</qemu:commandline>
After upgrading from 4.2.0-2 to 4.3.0-1 this does not work anymore. The reason
is that since 4.3.0-1
following command line options are added to qemu command line:
'-sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny'
elevateprivileges=deny causes corresponding qemu thread to be killed as soon as
samba share is accessed.
I don't think this is a major problem and it should be fixed. Sandbox is a good
thing.
This bug report just points that upgrading (for example, from stretch to
buster)
could cause problems in some cases.
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.17.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libvirt0 depends on:
ii libacl1 2.2.52-3+b1
ii libapparmor1 2.12-5
ii libaudit1 1:2.8.3-1+b1
ii libavahi-client3 0.7-4
ii libavahi-common3 0.7-4
ii libc6 2.27-5
ii libcap-ng0 0.7.9-1
ii libcurl3-gnutls 7.60.0-2
ii libdbus-1-3 1.12.8-3
ii libdevmapper1.02.1 2:1.02.145-4.1
ii libgnutls30 3.5.19-1
ii libnl-3-200 3.4.0-1
ii libnl-route-3-200 3.4.0-1
ii libnuma1 2.0.11-2.2
ii libsasl2-2 2.1.27~101-g0780600+dfsg-3.1
ii libselinux1 2.8-1+b1
ii libssh2-1 1.8.0-1
ii libxml2 2.9.4+dfsg1-7+b1
ii libyajl2 2.1.0-2+b3
Versions of packages libvirt0 recommends:
ii lvm2 2.02.176-4.1
libvirt0 suggests no packages.
-- no debconf information
More information about the Pkg-libvirt-maintainers
mailing list