[libvirt] [PATCH] news: rewording wrt NSS, virt-login-shell & split daemons

Daniel P. Berrangé posted 1 patch 2 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20190903151232.31792-1-berrange@redhat.com
Test syntax-check passed
docs/news.xml | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)

[libvirt] [PATCH] news: rewording wrt NSS, virt-login-shell & split daemons

Posted by Daniel P. Berrangé 2 weeks ago
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 docs/news.xml | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)

diff --git a/docs/news.xml b/docs/news.xml
index bd112d56dc..f376e991cb 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -65,13 +65,13 @@
       </change>
       <change>
         <summary>
-          Split libvirtd into separate daemons
+          Experimental split of libvirtd into separate daemons
         </summary>
         <description>
           The big monolithic libvirtd daemon can now be replaced by smaller
-          per-driver daemons. Distributions can chose if they want the former
-          or the latter. The libvirtd is still kept around for backwards
-          compatibility.
+          per-driver daemons. The new split daemons are considered experimental
+          at this time and distributions are encouraged to continue using the
+          traditional libvirtd by default.
         </description>
       </change>
     </section>
@@ -136,13 +136,22 @@
       </change>
       <change>
         <summary>
-          Stop linking virt-login-shell and NSS plugins with libvirt.so
+          Stop linking NSS plugins with libvirt.so
         </summary>
         <description>
-          In order to allow libvirt to abort on out of memory, we need to stop
-          linking libvirt.so to virt-login-shell or the NSS plugins where we
-          don't want to abort. This change also resulted in smaller binaries
-          and libraries.
+          This reduces the amount of code and 3rd party libraries are that
+          loaded into all processes.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Split the setuid virt-login-shell binary into two pieces
+        </summary>
+        <description>
+          The setuid virt-login-shell binary is now a tiny shim that
+          sanitizes the process execution environment variables and
+          arguments, before launching the trusted virt-login-shell-helper
+          binary.
         </description>
       </change>
       <change>
-- 
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] news: rewording wrt NSS, virt-login-shell & split daemons

Posted by Laine Stump 2 weeks ago
On 9/3/19 11:12 AM, Daniel P. Berrangé wrote:
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>   docs/news.xml | 27 ++++++++++++++++++---------
>   1 file changed, 18 insertions(+), 9 deletions(-)


Reviewed-by: Laine Stump <laine@laine.org>


(but unfortunately too late to be in the release tarball :-/)


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list