![]() $ qemu-system-x86_64 -sandbox on,elevateprivi leges=deny -daemonize a hint in the documentation of the flags that elevateprivileges AND daemonize contradict -or. ![]() html#isolation- mechanisms) states that sanboxing " disables system calls that are not needed by QEMU", but setsid obviously is needed. The documentation ( https:/ /qemu.readthedo cs.io/en/ latest/ system/ security. Since the os_daemonize libc-call uses the syscall setsid, qemu gets killed by the signal 13 (SIGSYS). This behavior got introduced by 0546c0609cb5a8d 90c1cbac8e0d64b 5a048bbb19 where the sandbox options gets parsed and enforced *before* daemonizing. Qemu fails silently with exit code 1 when using daemonize and the sandbox option elevateprivileg es=deny.
0 Comments
Leave a Reply. |