Displaying 20 results from an estimated 10000 matches similar to: "libvirt-sandbox on Ubuntu with SELinux"
2014 Jan 29
1
libvirt-sandbox question.
I hope this question isn't considered too off topic for this list, I am
trying to reach the libvirt-sandbox developers, but I could not find a
libvirt-sandbox specific mailing list, and it seemed to me that
libvirt-sandbox was a part of libvirt itself.
I am trying to port libvirt-sandbox to run on a CentOS 6.5 system. This
wasn't too hard but, I had to do the following:
I have used the
2014 Sep 18
2
Using custom QEMU binaries with libvirt
Hi all,
I compiled a custom version of QEMU 2.0.0 and I am having hard times to
make it available to libvirt. Just to clarify, if I execute
/usr/local/bin/qemu-system-x86_64
it does performs good. But when I put this very same path to <emulator>
tag in a domain configutation, when i start the domain I get
error: Failed to start domain vm1
error: internal error: process exited while
2015 Jan 06
2
ubuntu virsh snapshot-create-as gives Error -22 while writing VM
Hello all, I'm trying to create an online internal snapshot to work with
Cuckoo Sandbox.
I keep receiving this -22 error below on my Ubuntu system and I'm out of
ideas, been at it for a while so any help is appreciated.
root@cuckoo-sec:~# virsh snapshot-create-as cuckoo cuckoo-snap1 "Cuckoo
Snapshot"
error: operation failed: Error -22 while writing VM
$ uname -a
Linux
2019 Oct 23
1
dns_tkey_negotiategss: TKEY is unacceptable
I found another reason for this error: dns_tkey_negotiategss: TKEY is unacceptable
After much head scratching it was due to the Apparmour configuration recommended in the WiKi at:
https://wiki.samba.org/index.php/BIND9_DLZ_AppArmor_and_SELinux_Integration
The section for Apparmor which recommends adding lines to /etc/apparmor.d/local/usr.sbin.named, I had to change the line:
from:
2014 Sep 25
2
Missing security model in 1.2.8?
I have successfully (I believe) built (rebuilt on Ubuntu 14.04), installed, and used libvirt 1.2.2. Behaviorally I can't tell the difference between what I've built and what Ubuntu distributes.
Specifically, "virsh capabilities" shows this:
<secmodel>
<model>apparmor</model>
<doi>0</doi>
</secmodel>
2014 Apr 16
2
Re: LXC + USB passthrough = Operation not permitted
Yeah, AppArmor is enabled, but I put everything (that I could find) into
complain mode:
$ sudo apparmor_status
apparmor module is loaded.
12 profiles are loaded.
3 profiles are in enforce mode.
lxc-container-default
lxc-container-default-with-mounting
lxc-container-default-with-nesting
9 profiles are in complain mode.
/sbin/dhclient
/usr/bin/lxc-start
2014 Aug 21
1
virt-sandbox-service
Is there any documentation/tutorial that explains how to use
virt-sandbox-service?
After looking at some writeups about virt-sandbox-service, this looks
like a good tool for something I need to do. But, following the
"examples" I cannot get anything to work correctly.
With a simple xfce install with httpd, lighttpd, and libvirt-sandbox
installed, I tried:
1. virt-sandbox-service
2017 Nov 11
11
[Bug 103689] New: there is an exploitable page fault that can be reliably triggered from the chromium sandbox can possibly lead to remote attackers causing a denial of service condition or possibly running system code.
https://bugs.freedesktop.org/show_bug.cgi?id=103689
Bug ID: 103689
Summary: there is an exploitable page fault that can be
reliably triggered from the chromium sandbox can
possibly lead to remote attackers causing a denial of
service condition or possibly running system code.
Product: xorg
2013 Jan 29
1
Fail to build libvirt-sandbox under ubuntu 12.10
I'm trying to build libvirt-sandbox under ubuntu 12.10
sudo apt-get install git build-essential lxc libvirt-bin libvirt-glib-1.0
libglib2.0-0 libglib2.0-dev gtk-doc-tools libxml2-dev libselinux-dev
git clone git://libvirt.org/libvirt-sandbox.git
cd libvirt-sandbox
sudo ./autobuild
The error I'm getting:
make[2]: Entering directory `/home/user/libvirt-sandbox/build/bin'
CC
2012 Jul 02
1
rlimit sandbox on cygwin
Hi all.
I have an old windows VM with an oldish cygwin that I use for the
regression tests. Investigating one of the test failures, I see that
it's for UsePrivilegeSeparation=sandbox, and it seems to be because
setrlimit(RLIMIT_FSIZE, ...) is not supported.
IMO, this isn't a big loss, since the most useful thing in the rlimit
"sandbox" is the descriptor limits. Can anyone see
2011 Jun 23
1
sandbox for OS X
Hi,
The systrace and rlimit sandboxes have been committed and will be in
snapshots dated 20110623 and later. This diff adds support for
pre-auth privsep sandboxing using the OS X sandbox_init(3) service.
It's a bit disappointing that the OS X developers chose such as
namespace-polluting header and function names "sandbox.h",
"sandbox_init()", etc. It already forced me to
2014 Apr 17
2
Re: LXC + USB passthrough = Operation not permitted
Further followups!
We are correlating DEBUG-level output from libvirt with the libvirt 1.2.2
code to try to figure out what libvirt is doing under the hood.
Even though we have the log level set to 1 (info) in our libvirtd.conf, we
are not seeing the VIR_DEBUG() [1] statements being printed out. There are
tons of other presumably-debug lines of output showing up in our log. We
are sort of
Unable to start sandbox: Kernel module dir /lib/modules/3.18.5-x86_64-linode52/kernel does not exist
2015 Mar 07
1
Unable to start sandbox: Kernel module dir /lib/modules/3.18.5-x86_64-linode52/kernel does not exist
Dear all,
I have been trying to set up the set up Libvirt Sandbox without success.
I want to use virt-sandbox in order to run untrusted programs in a secure
environment. I am had no knowledge about virtualization until a couple of
days ago, so I am probably doing something wrong.
The scenario is the following:
Linode instance. OS that I have tried: Ubuntu 14.04, Ubuntu 14, Fedora 21.
Both
2013 Jan 28
1
limit memory and CPU when using libvirt-sandbox
I'm considering using virt-sandbox with lxc to sandbox and execute
untrusted code like python scripts and compiled C code.
Is it possible to limit CPU and Memory like is possible with lxc-execute
and a config file?
What are the defaults security settings? Is it completely isolated by
default?
What's the difference between lxc-execute and libvirt-sandbox?
How can I use it in ubuntu?
2007 Nov 11
1
Paypal Library - How to stop payments going to sandbox
I am using the Paypal Library for ruby
(http://dist.leetsoft.com/api/paypal/)
I have been testing it in development mode and the paypal sandbox site.
Now I have moved my application into production mode but the paypal url
still goes to the sandbox site:
https://www.sandbox.paypal.com/cgi-bin/webscr
How do I change the paypal URL?
--
Posted via http://www.ruby-forum.com/.
2012 Apr 27
3
rails console --sandbox is only half-baked
Recently I''ve found out some mentions to the "--sandbox" parameter to
the "rails console" command.
And I found the idea interesting, but since I''m using Sequel instead of
ActiveRecord I guessed this wouldn''t work for me.
But after talking about this subject in the Sequel mailing list, Jeremy
Evans has brought to my attention that there are some
2012 May 18
6
[Bug 2011] New: sandbox selection needs some kind of fallback mechanism
https://bugzilla.mindrot.org/show_bug.cgi?id=2011
Bug #: 2011
Summary: sandbox selection needs some kind of fallback
mechanism
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
2015 Sep 16
2
Re: libvirt 1.19: could not open drive file (permission denied)
@requillart
Don't get me wrong. It's no problem to use other partitions. Only, you have to add the location to the storage pool of libvirt...
Sorry, no experience with gnome-boxes.
@crequill
Add a new storage pool with the destination /home/crequill/VM
You can't fool apparmour with a link...
Also with adding the storage pool, it's easier to get a clear picture of the usage of your
2015 Oct 22
0
[Bug 1940] Selinux based sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=1940
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #18 from Jakub Jelen <jjelen at redhat.com> ---
(In reply to Damien Miller
2014 Aug 22
1
Re: How to enable SELinux driver for libvirt?
于 2014年08月21日 20:58, Eric Blake 写道:
> On 08/21/2014 01:38 AM, Qiang Guan wrote:
>> Hi guys,
>>
>> It seems libvirt disable SELinux driver by default.
> You need to provide more details to substantiate your claim. What
> platform are you running on, and what version of libvirt? Did you build
> it yourself or are you using the pre-built distro version?
>
>