Date: Thu, 5 Nov 2009 15:11:54 +0000
From: "Daniel P. Berrange"
Subject: Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu
Message-ID: <20091105151154.GF689@redhat.com>
References: <1257294485-27015-1-git-send-email-aliguori@us.ibm.com> <4AF2E247.3090409@redhat.com> <4AF2E7CE.8010506@us.ibm.com>
In-Reply-To: <4AF2E7CE.8010506@us.ibm.com>
To: Anthony Liguori
Cc: Mark McLoughlin, Arnd Bergmann, Juan Quintela, Dustin Kirkland, qemu-devel@nongnu.org, Michael Tsirkin, Avi Kivity

On Thu, Nov 05, 2009 at 08:57:18AM -0600, Anthony Liguori wrote:
> Avi Kivity wrote:
> >> At least with KVM support, this is probably the most common use case
> >> which means that most of our users are running qemu as root. That's terrible.
> >
> > Most of our users run managed systems.
>
> I consider management software as a user. Today, most management
> software launches qemu as root. libvirt is just getting around to
> fixing this although they still are running it as a single user instead
> of as the user requesting the vm be launched.

We have two modes of operating in libvirt.

- The 'system' instance. The libvirtd daemon runs privileged in order
  to allow full management of all host services including network and
  storage. The QEMU vms run under a 'qemu' user. This is intended for
  server virtualization use cases.

- The 'session' instance. The libvirtd daemon runs unprivileged as the
  user account accessing it. The QEMU vms run under the user's own
  account too. This is intended for desktop virtualization use cases.

The main problem is that we've never really used the 'session' instances,
since networking configs are rather limited to pretty much just SLIRP and
people expect full bridging.

I think this patch series you've done is invaluable and will let us
finally make full use of the libvirt 'session' instances for desktop
virt, running everything unprivileged.

Daniel
-- 
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
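As an added defender-side check, not part of this thread or of libvirt or QEMU: a POSIX shell script that maps the account each QEMU process runs under onto the two libvirt modes described above (root, the dedicated 'qemu' user of a system instance, or an ordinary user as in a session instance). The ps-style sample input is constructed so the script runs offline; the function and variable names are this example's own.

```shell
#!/bin/sh
# Audit which account each QEMU process runs under and flag root-owned ones.
# SAMPLE_PS is a constructed stand-in for the output of:
#   ps -eo user=,pid=,comm=
SAMPLE_PS='root 1201 qemu-system-x86
qemu 1342 qemu-kvm
alice 2210 qemu-system-x86
root 2300 sshd'

# classify_qemu USER: print the deployment mode implied by the owning account
classify_qemu() {
    case "$1" in
        root) echo "root (privileged: a guest escape yields the whole host)" ;;
        qemu) echo "qemu (libvirt system instance: dedicated unprivileged account)" ;;
        *)    echo "$1 (libvirt session instance or manual launch as an ordinary user)" ;;
    esac
}

# audit_qemu_procs: read "USER PID COMM" lines on stdin, print one line per
# qemu process, and return 1 if any of them runs as root (0 otherwise).
audit_qemu_procs() {
    _root_found=0
    while read -r user pid comm; do
        case "$comm" in
            qemu*) ;;          # only QEMU processes are of interest
            *) continue ;;
        esac
        echo "pid $pid ($comm): $(classify_qemu "$user")"
        [ "$user" = root ] && _root_found=1
    done
    return $_root_found
}

# count_root_qemu PS_TEXT: number of root-owned qemu processes in PS_TEXT
count_root_qemu() {
    printf '%s\n' "$1" | awk '$1 == "root" && $3 ~ /^qemu/ { n++ } END { print n+0 }'
}

# Stand-alone run: report, then exit non-zero if a root-owned QEMU was found.
if printf '%s\n' "$SAMPLE_PS" | audit_qemu_procs; then
    echo "ok: no QEMU process runs as root"
else
    echo "warning: $(count_root_qemu "$SAMPLE_PS") QEMU process(es) run as root"
fi
```

On a live host, pipe `ps -eo user=,pid=,comm=` into `audit_qemu_procs` instead of the sample text.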