LinuxSecurity.com: It was discovered that libvirt, a library for interfacing with different virtualization systems, did not properly check for read-only connections. This allowed a local attacker to perform a denial of service (crash) or possibly escalate privileges. [More...]
Hi all,
I would like to get some ideas and opinions on matter of libvirt netfilter application in KVM environment. I am looking for some easy way to control it with an API and possible experience with that and its performance in real life application.
Thanks for all ideas (0 Replies)
VIRT-LOGIN-SHELL(1) Virtualization Support VIRT-LOGIN-SHELL(1)NAME
virt-login-shell - tool to execute a shell within a container matching the users name
SYNOPSIS
virt-login-shell
DESCRIPTION
The virt-login-shell program is a setuid shell that is used to join an LXC container that matches the user's name. If the container is not
running, virt-login-shell will attempt to start the container. virt-sandbox-shell is not allowed to be run by root. Normal users will get
added to a container that matches their username, if it exists, and they are configured in /etc/libvirt/virt-login-shell.conf.
The basic structure of most virt-login-shell usage is:
virt-login-shell
OPTIONS -h, --help
Display command line help usage then exit.
-V, --version
Display version information then exit.
CONFIG
By default, virt-login-shell will execute the /bin/sh program for the user. You can modify this behaviour by defining the shell variable
in /etc/libvirt/virt-login-shell.conf.
eg. shell = [ "/bin/ksh", "--login"]
By default no users are allowed to use virt-login-shell, if you want to allow certain users to use virt-login-shell, you need to modify the
allowed_users variable in /etc/libvirt/virt-login-shell.conf.
eg. allowed_users = [ "tom", "dick", "harry" ]
BUGS
Report any bugs discovered to the libvirt community via the mailing list "http://libvirt.org/contact.html" or bug tracker
"http://libvirt.org/bugs.html". Alternatively report bugs to your software distributor / vendor.
AUTHORS
Please refer to the AUTHORS file distributed with libvirt.
Daniel Walsh <dwalsh at redhat dot com>
COPYRIGHT
Copyright (C) 2013 Red Hat, Inc., and the authors listed in the libvirt AUTHORS file.
LICENSE
virt-login-shell is distributed under the terms of the GNU LGPL v2+. This is free software; see the source for copying conditions. There
is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
SEE ALSO virsh(1), <http://www.libvirt.org/>
libvirt-1.1.1 2014-06-17 VIRT-LOGIN-SHELL(1)