similar to: libvirt-sandbox on Ubuntu with SELinux

Displaying 20 results from an estimated 10000 matches similar to: "libvirt-sandbox on Ubuntu with SELinux"

2014 Jan 29
1
libvirt-sandbox question.
I hope this question isn't considered too off topic for this list, I am trying to reach the libvirt-sandbox developers, but I could not find a libvirt-sandbox specific mailing list, and it seemed to me that libvirt-sandbox was a part of libvirt itself. I am trying to port libvirt-sandbox to run on a CentOS 6.5 system. This wasn't too hard but, I had to do the following: I have used the
2014 Sep 18
2
Using custom QEMU binaries with libvirt
Hi all, I compiled a custom version of QEMU 2.0.0 and I am having hard times to make it available to libvirt. Just to clarify, if I execute /usr/local/bin/qemu-system-x86_64 it does performs good. But when I put this very same path to <emulator> tag in a domain configutation, when i start the domain I get error: Failed to start domain vm1 error: internal error: process exited while
2015 Jan 06
2
ubuntu virsh snapshot-create-as gives Error -22 while writing VM
Hello all, I'm trying to create an online internal snapshot to work with Cuckoo Sandbox. I keep receiving this -22 error below on my Ubuntu system and I'm out of ideas, been at it for a while so any help is appreciated. root@cuckoo-sec:~# virsh snapshot-create-as cuckoo cuckoo-snap1 "Cuckoo Snapshot" error: operation failed: Error -22 while writing VM $ uname -a Linux
2019 Oct 23
1
dns_tkey_negotiategss: TKEY is unacceptable
I found another reason for this error: dns_tkey_negotiategss: TKEY is unacceptable After much head scratching it was due to the Apparmour configuration recommended in the WiKi at: https://wiki.samba.org/index.php/BIND9_DLZ_AppArmor_and_SELinux_Integration The section for Apparmor which recommends adding lines to /etc/apparmor.d/local/usr.sbin.named, I had to change the line: from:
2014 Sep 25
2
Missing security model in 1.2.8?
I have successfully (I believe) built (rebuilt on Ubuntu 14.04), installed, and used libvirt 1.2.2. Behaviorally I can't tell the difference between what I've built and what Ubuntu distributes. Specifically, "virsh capabilities" shows this: <secmodel> <model>apparmor</model> <doi>0</doi> </secmodel>
2014 Apr 16
2
Re: LXC + USB passthrough = Operation not permitted
Yeah, AppArmor is enabled, but I put everything (that I could find) into complain mode: $ sudo apparmor_status apparmor module is loaded. 12 profiles are loaded. 3 profiles are in enforce mode. lxc-container-default lxc-container-default-with-mounting lxc-container-default-with-nesting 9 profiles are in complain mode. /sbin/dhclient /usr/bin/lxc-start
2014 Aug 21
1
virt-sandbox-service
Is there any documentation/tutorial that explains how to use virt-sandbox-service? After looking at some writeups about virt-sandbox-service, this looks like a good tool for something I need to do. But, following the "examples" I cannot get anything to work correctly. With a simple xfce install with httpd, lighttpd, and libvirt-sandbox installed, I tried: 1. virt-sandbox-service
2017 Nov 11
11
[Bug 103689] New: there is an exploitable page fault that can be reliably triggered from the chromium sandbox can possibly lead to remote attackers causing a denial of service condition or possibly running system code.
https://bugs.freedesktop.org/show_bug.cgi?id=103689 Bug ID: 103689 Summary: there is an exploitable page fault that can be reliably triggered from the chromium sandbox can possibly lead to remote attackers causing a denial of service condition or possibly running system code. Product: xorg
2013 Jan 29
1
Fail to build libvirt-sandbox under ubuntu 12.10
I'm trying to build libvirt-sandbox under ubuntu 12.10 sudo apt-get install git build-essential lxc libvirt-bin libvirt-glib-1.0 libglib2.0-0 libglib2.0-dev gtk-doc-tools libxml2-dev libselinux-dev git clone git://libvirt.org/libvirt-sandbox.git cd libvirt-sandbox sudo ./autobuild The error I'm getting: make[2]: Entering directory `/home/user/libvirt-sandbox/build/bin' CC
2012 Jul 02
1
rlimit sandbox on cygwin
Hi all. I have an old windows VM with an oldish cygwin that I use for the regression tests. Investigating one of the test failures, I see that it's for UsePrivilegeSeparation=sandbox, and it seems to be because setrlimit(RLIMIT_FSIZE, ...) is not supported. IMO, this isn't a big loss, since the most useful thing in the rlimit "sandbox" is the descriptor limits. Can anyone see
2011 Jun 23
1
sandbox for OS X
Hi, The systrace and rlimit sandboxes have been committed and will be in snapshots dated 20110623 and later. This diff adds support for pre-auth privsep sandboxing using the OS X sandbox_init(3) service. It's a bit disappointing that the OS X developers chose such as namespace-polluting header and function names "sandbox.h", "sandbox_init()", etc. It already forced me to
2014 Apr 17
2
Re: LXC + USB passthrough = Operation not permitted
Further followups! We are correlating DEBUG-level output from libvirt with the libvirt 1.2.2 code to try to figure out what libvirt is doing under the hood. Even though we have the log level set to 1 (info) in our libvirtd.conf, we are not seeing the VIR_DEBUG() [1] statements being printed out. There are tons of other presumably-debug lines of output showing up in our log. We are sort of
2015 Mar 07
1
Unable to start sandbox: Kernel module dir /lib/modules/3.18.5-x86_64-linode52/kernel does not exist
Dear all, I have been trying to set up the set up Libvirt Sandbox without success. I want to use virt-sandbox in order to run untrusted programs in a secure environment. I am had no knowledge about virtualization until a couple of days ago, so I am probably doing something wrong. The scenario is the following: Linode instance. OS that I have tried: Ubuntu 14.04, Ubuntu 14, Fedora 21. Both
2013 Jan 28
1
limit memory and CPU when using libvirt-sandbox
I'm considering using virt-sandbox with lxc to sandbox and execute untrusted code like python scripts and compiled C code. Is it possible to limit CPU and Memory like is possible with lxc-execute and a config file? What are the defaults security settings? Is it completely isolated by default? What's the difference between lxc-execute and libvirt-sandbox? How can I use it in ubuntu?
2007 Nov 11
1
Paypal Library - How to stop payments going to sandbox
I am using the Paypal Library for ruby (http://dist.leetsoft.com/api/paypal/) I have been testing it in development mode and the paypal sandbox site. Now I have moved my application into production mode but the paypal url still goes to the sandbox site: https://www.sandbox.paypal.com/cgi-bin/webscr How do I change the paypal URL? -- Posted via http://www.ruby-forum.com/.
2012 Apr 27
3
rails console --sandbox is only half-baked
Recently I''ve found out some mentions to the "--sandbox" parameter to the "rails console" command. And I found the idea interesting, but since I''m using Sequel instead of ActiveRecord I guessed this wouldn''t work for me. But after talking about this subject in the Sequel mailing list, Jeremy Evans has brought to my attention that there are some
2012 May 18
6
[Bug 2011] New: sandbox selection needs some kind of fallback mechanism
https://bugzilla.mindrot.org/show_bug.cgi?id=2011 Bug #: 2011 Summary: sandbox selection needs some kind of fallback mechanism Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2
2015 Sep 16
2
Re: libvirt 1.19: could not open drive file (permission denied)
@requillart Don't get me wrong. It's no problem to use other partitions. Only, you have to add the location to the storage pool of libvirt... Sorry, no experience with gnome-boxes. @crequill Add a new storage pool with the destination /home/crequill/VM You can't fool apparmour with a link... Also with adding the storage pool, it's easier to get a clear picture of the usage of your
2015 Oct 22
0
[Bug 1940] Selinux based sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=1940 Jakub Jelen <jjelen at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jjelen at redhat.com --- Comment #18 from Jakub Jelen <jjelen at redhat.com> --- (In reply to Damien Miller
2014 Aug 22
1
Re: How to enable SELinux driver for libvirt?
于 2014年08月21日 20:58, Eric Blake 写道: > On 08/21/2014 01:38 AM, Qiang Guan wrote: >> Hi guys, >> >> It seems libvirt disable SELinux driver by default. > You need to provide more details to substantiate your claim. What > platform are you running on, and what version of libvirt? Did you build > it yourself or are you using the pre-built distro version? > >