similar to: limit memory and CPU when using libvirt-sandbox

Displaying 20 results from an estimated 20000 matches similar to: "limit memory and CPU when using libvirt-sandbox"

2013 Jan 29
1
Fail to build libvirt-sandbox under ubuntu 12.10
I'm trying to build libvirt-sandbox under ubuntu 12.10 sudo apt-get install git build-essential lxc libvirt-bin libvirt-glib-1.0 libglib2.0-0 libglib2.0-dev gtk-doc-tools libxml2-dev libselinux-dev git clone git://libvirt.org/libvirt-sandbox.git cd libvirt-sandbox sudo ./autobuild The error I'm getting: make[2]: Entering directory `/home/user/libvirt-sandbox/build/bin' CC
2014 Jan 29
1
libvirt-sandbox question.
I hope this question isn't considered too off topic for this list, I am trying to reach the libvirt-sandbox developers, but I could not find a libvirt-sandbox specific mailing list, and it seemed to me that libvirt-sandbox was a part of libvirt itself. I am trying to port libvirt-sandbox to run on a CentOS 6.5 system. This wasn't too hard but, I had to do the following: I have used the
2015 Mar 07
1
Unable to start sandbox: Kernel module dir /lib/modules/3.18.5-x86_64-linode52/kernel does not exist
Dear all, I have been trying to set up the set up Libvirt Sandbox without success. I want to use virt-sandbox in order to run untrusted programs in a secure environment. I am had no knowledge about virtualization until a couple of days ago, so I am probably doing something wrong. The scenario is the following: Linode instance. OS that I have tried: Ubuntu 14.04, Ubuntu 14, Fedora 21. Both
2011 Jun 23
1
sandbox for OS X
Hi, The systrace and rlimit sandboxes have been committed and will be in snapshots dated 20110623 and later. This diff adds support for pre-auth privsep sandboxing using the OS X sandbox_init(3) service. It's a bit disappointing that the OS X developers chose such as namespace-polluting header and function names "sandbox.h", "sandbox_init()", etc. It already forced me to
2013 Nov 20
1
libvirt-sandbox on Ubuntu with SELinux
I'm attempting to build/use libvirt-sandbox on Ubuntu 12.xx. Although I'm still working through dependency issues (including the need for libvirt >= 1.0.2 which is not packaged for ubuntu 12.xx) to build the sandbox code, I have a forward looking question. It appears libvirt-bin for Ubuntu likes apparmor as does most Ubuntu based packages using a LSM impl. However, as I understand
2014 Jan 13
2
Re: libvirt on armhf with selinux driver
On 01/13/2014 04:50 PM, Michal Privoznik wrote: > On 13.01.2014 16:10, Ivan Gooten wrote: >> hi, >> >> recently i've been busy with libvirt(d) v1.2.0 on armhf and i see, even >> if selinux sec driver is enabled on the configure stage, the driver is >> not finally created. these configure parameters are: >> >> --with-selinux >>
2012 May 18
6
[Bug 2011] New: sandbox selection needs some kind of fallback mechanism
https://bugzilla.mindrot.org/show_bug.cgi?id=2011 Bug #: 2011 Summary: sandbox selection needs some kind of fallback mechanism Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2
2013 Aug 14
1
virt-sandbox of X applications
Is it possible to use virt-sandbox to confine X applications? Dave
2006 Sep 16
10
Mongrel and Sandbox
Z-Man, DHH recently said: "And [_why''s] latest work on sandbox looks stellar. Making it drop-dead easy to run multiple Rails applications in the same Mongrel process without conflicts. Thumbs up to both him and Matz for getting Sandbox on track for inclusion with the next Ruby release." Does that mean what I think it means - that one or more Mongrel processes may one day be
2014 Aug 21
1
virt-sandbox-service
Is there any documentation/tutorial that explains how to use virt-sandbox-service? After looking at some writeups about virt-sandbox-service, this looks like a good tool for something I need to do. But, following the "examples" I cannot get anything to work correctly. With a simple xfce install with httpd, lighttpd, and libvirt-sandbox installed, I tried: 1. virt-sandbox-service
2014 Aug 22
1
Re: How to enable SELinux driver for libvirt?
于 2014年08月21日 20:58, Eric Blake 写道: > On 08/21/2014 01:38 AM, Qiang Guan wrote: >> Hi guys, >> >> It seems libvirt disable SELinux driver by default. > You need to provide more details to substantiate your claim. What > platform are you running on, and what version of libvirt? Did you build > it yourself or are you using the pre-built distro version? > >
2006 Nov 08
2
Sandboxing
Hi. This is mostly hypothetical, just because I want to see how knowledgeable people would go about achieving it: I want to sandbox Mozilla Firefox. For the sake of example, I'm running it under my own user account. The idea is that it should be allowed to connect to the X server, it should be allowed to write to ~/.mozilla and /tmp. I expect some configurations would want access to audio
2014 Aug 21
2
How to enable SELinux driver for libvirt?
Hi guys, It seems libvirt disable SELinux driver by default. How to enable SELinux driver for libvirt? -- ------------ Jackie Best Regards
2012 Jul 02
1
rlimit sandbox on cygwin
Hi all. I have an old windows VM with an oldish cygwin that I use for the regression tests. Investigating one of the test failures, I see that it's for UsePrivilegeSeparation=sandbox, and it seems to be because setrlimit(RLIMIT_FSIZE, ...) is not supported. IMO, this isn't a big loss, since the most useful thing in the rlimit "sandbox" is the descriptor limits. Can anyone see
2016 Dec 06
1
How can openstack retrieve the CPU usage of a lxc via libvirt?
Dear all, I want to have a view of lxc CPU usage in openstack Dashboard. According the Openstack official site , Openstack Ceilometer can poll libvirt daemon to obtain CPU usage of a virtual machine. I tried the command locally on the libvirtd host "virsh -c lxc:/// domjobinfo", I got an error "error: this function is not supported by the connection driver:
2011 Jun 22
3
sandbox pre-auth privsep child
Hi, This patch (relative to -HEAD) defines an API to allow sandboxing of the pre-auth privsep child and a couple of sandbox implementations. The idea here is to heavily restrict what the network-face pre-auth process can do. This was the original intent behind dropping to a dedicated uid and chrooting to an empty directory, but even this still allows a compromised slave process to make new
2007 Nov 11
1
Paypal Library - How to stop payments going to sandbox
I am using the Paypal Library for ruby (http://dist.leetsoft.com/api/paypal/) I have been testing it in development mode and the paypal sandbox site. Now I have moved my application into production mode but the paypal url still goes to the sandbox site: https://www.sandbox.paypal.com/cgi-bin/webscr How do I change the paypal URL? -- Posted via http://www.ruby-forum.com/.
2012 Jan 29
2
Sandbox Error Running Wine Live
Again, I have another program that will not run Live with Wine, but if I run it as root it does run. It seems as if this "Running Live" issue is being ignored, although Running Live is a common feature with many Linux distros and is one great security environment vs. Running off hard disk. Yet having to run as root to get apps going in Live environment is occurning with more apps as I
2012 Apr 27
3
rails console --sandbox is only half-baked
Recently I''ve found out some mentions to the "--sandbox" parameter to the "rails console" command. And I found the idea interesting, but since I''m using Sequel instead of ActiveRecord I guessed this wouldn''t work for me. But after talking about this subject in the Sequel mailing list, Jeremy Evans has brought to my attention that there are some
2013 Dec 20
1
sandbox-rlimit and ptrace.
I was wondering if the following attack would be feasible once I'm able to break into rlimit sandbox. Because sandboxed process that handles unauthenticated session is running as the 'sshd' user I was wondering if this could be used to jump between processes using ptrace(2). For example if I find a bug in the code executed before authentication I could use ptrace(2) to attach to