# Master configuration file for the QEMU driver.# All settings described here

1. # Master configuration file for the QEMU driver.
2. # All settings described here are optional - if omitted, sensible
3. # defaults are used.
4.  
5. # Use of TLS requires that x509 certificates be issued. The default is
6. # to keep them in /etc/pki/qemu. This directory must contain
7. #
8. # ca-cert.pem - the CA master certificate
9. # server-cert.pem - the server certificate signed with ca-cert.pem
10. # server-key.pem - the server private key
11. #
12. # and optionally may contain
13. #
14. # dh-params.pem - the DH params configuration file
15. #
16. #default_tls_x509_cert_dir = "/etc/pki/qemu"
17.  
18.  
19. # The default TLS configuration only uses certificates for the server
20. # allowing the client to verify the server's identity and establish
21. # an encrypted channel.
22. #
23. # It is possible to use x509 certificates for authentication too, by
24. # issuing a x509 certificate to every client who needs to connect.
25. #
26. # Enabling this option will reject any client who does not have a
27. # certificate signed by the CA in /etc/pki/qemu/ca-cert.pem
28. #
29. #default_tls_x509_verify = 1
30.  
31. #
32. # Libvirt assumes the server-key.pem file is unencrypted by default.
33. # To use an encrypted server-key.pem file, the password to decrypt
34. # the PEM file is required. This can be provided by creating a secret
35. # object in libvirt and then to uncomment this setting to set the UUID
36. # of the secret.
37. #
38. # NB This default all-zeros UUID will not work. Replace it with the
39. # output from the UUID for the TLS secret from a 'virsh secret-list'
40. # command and then uncomment the entry
41. #
42. #default_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
43.  
44.  
45. # VNC is configured to listen on 127.0.0.1 by default.
46. # To make it listen on all public interfaces, uncomment
47. # this next option.
48. #
49. # NB, strong recommendation to enable TLS + x509 certificate
50. # verification when allowing public access
51. #
52. #vnc_listen = "0.0.0.0"
53.  
54. # Enable this option to have VNC served over an automatically created
55. # unix socket. This prevents unprivileged access from users on the
56. # host machine, though most VNC clients do not support it.
57. #
58. # This will only be enabled for VNC configurations that have listen
59. # type=address but without any address specified. This setting takes
60. # preference over vnc_listen.
61. #
62. #vnc_auto_unix_socket = 1
63.  
64. # Enable use of TLS encryption on the VNC server. This requires
65. # a VNC client which supports the VeNCrypt protocol extension.
66. # Examples include vinagre, virt-viewer, virt-manager and vencrypt
67. # itself. UltraVNC, RealVNC, TightVNC do not support this
68. #
69. # It is necessary to setup CA and issue a server certificate
70. # before enabling this.
71. #
72. #vnc_tls = 1
73.  
74.  
75. # In order to override the default TLS certificate location for
76. # vnc certificates, supply a valid path to the certificate directory.
77. # If the provided path does not exist then the default_tls_x509_cert_dir
78. # path will be used.
79. #
80. #vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
81.  
82.  
83. # The default TLS configuration only uses certificates for the server
84. # allowing the client to verify the server's identity and establish
85. # an encrypted channel.
86. #
87. # It is possible to use x509 certificates for authentication too, by
88. # issuing a x509 certificate to every client who needs to connect.
89. #
90. # Enabling this option will reject any client who does not have a
91. # certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
92. #
93. # If this option is not supplied, it will be set to the value of
94. # "default_tls_x509_verify".
95. #
96. #vnc_tls_x509_verify = 1
97.  
98.  
99. # The default VNC password. Only 8 bytes are significant for
100. # VNC passwords. This parameter is only used if the per-domain
101. # XML config does not already provide a password. To allow
102. # access without passwords, leave this commented out. An empty
103. # string will still enable passwords, but be rejected by QEMU,
104. # effectively preventing any use of VNC. Obviously change this
105. # example here before you set this.
106. #
107. #vnc_password = "XYZ12345"
108.  
109.  
110. # Enable use of SASL encryption on the VNC server. This requires
111. # a VNC client which supports the SASL protocol extension.
112. # Examples include vinagre, virt-viewer and virt-manager
113. # itself. UltraVNC, RealVNC, TightVNC do not support this
114. #
115. # It is necessary to configure /etc/sasl2/qemu.conf to choose
116. # the desired SASL plugin (eg, GSSPI for Kerberos)
117. #
118. #vnc_sasl = 1
119.  
120.  
121. # The default SASL configuration file is located in /etc/sasl2/
122. # When running libvirtd unprivileged, it may be desirable to
123. # override the configs in this location. Set this parameter to
124. # point to the directory, and create a qemu.conf in that location
125. #
126. #vnc_sasl_dir = "/some/directory/sasl2"
127.  
128.  
129. # QEMU implements an extension for providing audio over a VNC connection,
130. # though if your VNC client does not support it, your only chance for getting
131. # sound output is through regular audio backends. By default, libvirt will
132. # disable all QEMU sound backends if using VNC, since they can cause
133. # permissions issues. Enabling this option will make libvirtd honor the
134. # QEMU_AUDIO_DRV environment variable when using VNC.
135. #
136. #vnc_allow_host_audio = 0
137.  
138.  
139.  
140. # SPICE is configured to listen on 127.0.0.1 by default.
141. # To make it listen on all public interfaces, uncomment
142. # this next option.
143. #
144. # NB, strong recommendation to enable TLS + x509 certificate
145. # verification when allowing public access
146. #
147. #spice_listen = "0.0.0.0"
148.  
149.  
150. # Enable use of TLS encryption on the SPICE server.
151. #
152. # It is necessary to setup CA and issue a server certificate
153. # before enabling this.
154. #
155. #spice_tls = 1
156.  
157.  
158. # In order to override the default TLS certificate location for
159. # spice certificates, supply a valid path to the certificate directory.
160. # If the provided path does not exist then the default_tls_x509_cert_dir
161. # path will be used.
162. #
163. #spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
164.  
165.  
166. # Enable this option to have SPICE served over an automatically created
167. # unix socket. This prevents unprivileged access from users on the
168. # host machine.
169. #
170. # This will only be enabled for SPICE configurations that have listen
171. # type=address but without any address specified. This setting takes
172. # preference over spice_listen.
173. #
174. #spice_auto_unix_socket = 1
175.  
176.  
177. # The default SPICE password. This parameter is only used if the
178. # per-domain XML config does not already provide a password. To
179. # allow access without passwords, leave this commented out. An
180. # empty string will still enable passwords, but be rejected by
181. # QEMU, effectively preventing any use of SPICE. Obviously change
182. # this example here before you set this.
183. #
184. #spice_password = "XYZ12345"
185.  
186.  
187. # Enable use of SASL encryption on the SPICE server. This requires
188. # a SPICE client which supports the SASL protocol extension.
189. #
190. # It is necessary to configure /etc/sasl2/qemu.conf to choose
191. # the desired SASL plugin (eg, GSSPI for Kerberos)
192. #
193. #spice_sasl = 1
194.  
195. # The default SASL configuration file is located in /etc/sasl2/
196. # When running libvirtd unprivileged, it may be desirable to
197. # override the configs in this location. Set this parameter to
198. # point to the directory, and create a qemu.conf in that location
199. #
200. #spice_sasl_dir = "/some/directory/sasl2"
201.  
202. # Enable use of TLS encryption on the chardev TCP transports.
203. #
204. # It is necessary to setup CA and issue a server certificate
205. # before enabling this.
206. #
207. #chardev_tls = 1
208.  
209.  
210. # In order to override the default TLS certificate location for character
211. # device TCP certificates, supply a valid path to the certificate directory.
212. # If the provided path does not exist then the default_tls_x509_cert_dir
213. # path will be used.
214. #
215. #chardev_tls_x509_cert_dir = "/etc/pki/libvirt-chardev"
216.  
217.  
218. # The default TLS configuration only uses certificates for the server
219. # allowing the client to verify the server's identity and establish
220. # an encrypted channel.
221. #
222. # It is possible to use x509 certificates for authentication too, by
223. # issuing a x509 certificate to every client who needs to connect.
224. #
225. # Enabling this option will reject any client who does not have a
226. # certificate signed by the CA in /etc/pki/libvirt-chardev/ca-cert.pem
227. #
228. #chardev_tls_x509_verify = 1
229.  
230.  
231. # Uncomment and use the following option to override the default secret
232. # UUID provided in the default_tls_x509_secret_uuid parameter.
233. #
234. # NB This default all-zeros UUID will not work. Replace it with the
235. # output from the UUID for the TLS secret from a 'virsh secret-list'
236. # command and then uncomment the entry
237. #
238. #chardev_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
239.  
240.  
241. # By default, if no graphical front end is configured, libvirt will disable
242. # QEMU audio output since directly talking to alsa/pulseaudio may not work
243. # with various security settings. If you know what you're doing, enable
244. # the setting below and libvirt will passthrough the QEMU_AUDIO_DRV
245. # environment variable when using nographics.
246. #
247. nographics_allow_host_audio = 1
248.  
249.  
250. # Override the port for creating both VNC and SPICE sessions (min).
251. # This defaults to 5900 and increases for consecutive sessions
252. # or when ports are occupied, until it hits the maximum.
253. #
254. # Minimum must be greater than or equal to 5900 as lower number would
255. # result into negative vnc display number.
256. #
257. # Maximum must be less than 65536, because higher numbers do not make
258. # sense as a port number.
259. #
260. #remote_display_port_min = 5900
261. #remote_display_port_max = 65535
262.  
263. # VNC WebSocket port policies, same rules apply as with remote display
264. # ports. VNC WebSockets use similar display <-> port mappings, with
265. # the exception being that ports start from 5700 instead of 5900.
266. #
267. #remote_websocket_port_min = 5700
268. #remote_websocket_port_max = 65535
269.  
270. # The default security driver is SELinux. If SELinux is disabled
271. # on the host, then the security driver will automatically disable
272. # itself. If you wish to disable QEMU SELinux security driver while
273. # leaving SELinux enabled for the host in general, then set this
274. # to 'none' instead. It's also possible to use more than one security
275. # driver at the same time, for this use a list of names separated by
276. # comma and delimited by square brackets. For example:
277. #
278. # security_driver = [ "selinux", "apparmor" ]
279. #
280. # Notes: The DAC security driver is always enabled; as a result, the
281. # value of security_driver cannot contain "dac". The value "none" is
282. # a special value; security_driver can be set to that value in
283. # isolation, but it cannot appear in a list of drivers.
284. #
285. #security_driver = "selinux"
286.  
287. # If set to non-zero, then the default security labeling
288. # will make guests confined. If set to zero, then guests
289. # will be unconfined by default. Defaults to 1.
290. #security_default_confined = 1
291.  
292. # If set to non-zero, then attempts to create unconfined
293. # guests will be blocked. Defaults to 0.
294. #security_require_confined = 1
295.  
296. # The user for QEMU processes run by the system instance. It can be
297. # specified as a user name or as a user id. The qemu driver will try to
298. # parse this value first as a name and then, if the name doesn't exist,
299. # as a user id.
300. #
301. # Since a sequence of digits is a valid user name, a leading plus sign
302. # can be used to ensure that a user id will not be interpreted as a user
303. # name.
304. #
305. # Some examples of valid values are:
306. #
307. # user = "qemu" # A user named "qemu"
308. # user = "+0" # Super user (uid=0)
309. # user = "100" # A user named "100" or a user with uid=100
310. #
311. #user = "root"
312. user = "1000"
313.  
314. # The group for QEMU processes run by the system instance. It can be
315. # specified in a similar way to user.
316. group="1000"
317.  
318. # Whether libvirt should dynamically change file ownership
319. # to match the configured user/group above. Defaults to 1.
320. # Set to 0 to disable file ownership changes.
321. #dynamic_ownership = 1
322.  
323.  
324. # What cgroup controllers to make use of with QEMU guests
325. #
326. # - 'cpu' - use for schedular tunables
327. # - 'devices' - use for device whitelisting
328. # - 'memory' - use for memory tunables
329. # - 'blkio' - use for block devices I/O tunables
330. # - 'cpuset' - use for CPUs and memory nodes
331. # - 'cpuacct' - use for CPUs statistics.
332. #
333. # NB, even if configured here, they won't be used unless
334. # the administrator has mounted cgroups, e.g.:
335. #
336. # mkdir /dev/cgroup
337. # mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup
338. #
339. # They can be mounted anywhere, and different controllers
340. # can be mounted in different locations. libvirt will detect
341. # where they are located.
342. #
343. #cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ]
344.  
345. # This is the basic set of devices allowed / required by
346. # all virtual machines.
347. #
348. # As well as this, any configured block backed disks,
349. # all sound device, and all PTY devices are allowed.
350. #
351. # This will only need setting if newer QEMU suddenly
352. # wants some device we don't already know about.
353. #
354. cgroup_device_acl = [
355. "/dev/kvm",
356. "/dev/input/by-id/usb-04d9_USB_Keyboard-event-kbd",
357. "/dev/input/by-id/usb-Logitech_Gaming_Mouse_G502_157D356F3034-event-mouse",
358. "/dev/input/by-id/usb-Logitech_Gaming_Mouse_G502_157D356F3034-if01-event-kbd"
359. ]
360. # "/dev/null", "/dev/full", "/dev/zero",
361. # "/dev/random", "/dev/urandom",
362. # "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
363. # "/dev/rtc","/dev/hpet", "/dev/vfio/vfio"
364. #]
365. #
366. # RDMA migration requires the following extra files to be added to the list:
367. # "/dev/infiniband/rdma_cm",
368. # "/dev/infiniband/issm0",
369. # "/dev/infiniband/issm1",
370. # "/dev/infiniband/umad0",
371. # "/dev/infiniband/umad1",
372. # "/dev/infiniband/uverbs0"
373.  
374.  
375. # The default format for Qemu/KVM guest save images is raw; that is, the
376. # memory from the domain is dumped out directly to a file. If you have
377. # guests with a large amount of memory, however, this can take up quite
378. # a bit of space. If you would like to compress the images while they
379. # are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
380. # for save_image_format. Note that this means you slow down the process of
381. # saving a domain in order to save disk space; the list above is in descending
382. # order by performance and ascending order by compression ratio.
383. #
384. # save_image_format is used when you use 'virsh save' or 'virsh managedsave'
385. # at scheduled saving, and it is an error if the specified save_image_format
386. # is not valid, or the requested compression program can't be found.
387. #
388. # dump_image_format is used when you use 'virsh dump' at emergency
389. # crashdump, and if the specified dump_image_format is not valid, or
390. # the requested compression program can't be found, this falls
391. # back to "raw" compression.
392. #
393. # snapshot_image_format specifies the compression algorithm of the memory save
394. # image when an external snapshot of a domain is taken. This does not apply
395. # on disk image format. It is an error if the specified format isn't valid,
396. # or the requested compression program can't be found.
397. #
398. #save_image_format = "raw"
399. #dump_image_format = "raw"
400. #snapshot_image_format = "raw"
401.  
402. # When a domain is configured to be auto-dumped when libvirtd receives a
403. # watchdog event from qemu guest, libvirtd will save dump files in directory
404. # specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump
405. #
406. #auto_dump_path = "/var/lib/libvirt/qemu/dump"
407.  
408. # When a domain is configured to be auto-dumped, enabling this flag
409. # has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the
410. # virDomainCoreDump API. That is, the system will avoid using the
411. # file system cache while writing the dump file, but may cause
412. # slower operation.
413. #
414. #auto_dump_bypass_cache = 0
415.  
416. # When a domain is configured to be auto-started, enabling this flag
417. # has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag
418. # with the virDomainCreateWithFlags API. That is, the system will
419. # avoid using the file system cache when restoring any managed state
420. # file, but may cause slower operation.
421. #
422. #auto_start_bypass_cache = 0
423.  
424. # If provided by the host and a hugetlbfs mount point is configured,
425. # a guest may request huge page backing. When this mount point is
426. # unspecified here, determination of a host mount point in /proc/mounts
427. # will be attempted. Specifying an explicit mount overrides detection
428. # of the same in /proc/mounts. Setting the mount point to "" will
429. # disable guest hugepage backing. If desired, multiple mount points can
430. # be specified at once, separated by comma and enclosed in square
431. # brackets, for example:
432. #
433. # hugetlbfs_mount = ["/dev/hugepages2M", "/dev/hugepages1G"]
434. #
435. # The size of huge page served by specific mount point is determined by
436. # libvirt at the daemon startup.
437. #
438. # NB, within these mount points, guests will create memory backing
439. # files in a location of $MOUNTPOINT/libvirt/qemu
440. #
441. #hugetlbfs_mount = "/dev/hugepages"
442.  
443.  
444. # Path to the setuid helper for creating tap devices. This executable
445. # is used to create <source type='bridge'> interfaces when libvirtd is
446. # running unprivileged. libvirt invokes the helper directly, instead
447. # of using "-netdev bridge", for security reasons.
448. #bridge_helper = "/usr/lib/qemu/qemu-bridge-helper"
449.  
450.  
451.  
452. # If clear_emulator_capabilities is enabled, libvirt will drop all
453. # privileged capabilities of the QEmu/KVM emulator. This is enabled by
454. # default.
455. #
456. # Warning: Disabling this option means that a compromised guest can
457. # exploit the privileges and possibly do damage to the host.
458. #
459. #clear_emulator_capabilities = 1
460.  
461.  
462. # If enabled, libvirt will have QEMU set its process name to
463. # "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU
464. # process will appear as "qemu:VM_NAME" in process listings and
465. # other system monitoring tools. By default, QEMU does not set
466. # its process title, so the complete QEMU command (emulator and
467. # its arguments) appear in process listings.
468. #
469. #set_process_name = 1
470.  
471.  
472. # If max_processes is set to a positive integer, libvirt will use
473. # it to set the maximum number of processes that can be run by qemu
474. # user. This can be used to override default value set by host OS.
475. # The same applies to max_files which sets the limit on the maximum
476. # number of opened files.
477. #
478. #max_processes = 0
479. #max_files = 0
480.  
481. # If max_core is set to a non-zero integer, then QEMU will be
482. # permitted to create core dumps when it crashes, provided its
483. # RAM size is smaller than the limit set.
484. #
485. # Be warned that the core dump will include a full copy of the
486. # guest RAM, if the 'dump_guest_core' setting has been enabled,
487. # or if the guest XML contains
488. #
489. # <memory dumpcore="on">...guest ram...</memory>
490. #
491. # If guest RAM is to be included, ensure the max_core limit
492. # is set to at least the size of the largest expected guest
493. # plus another 1GB for any QEMU host side memory mappings.
494. #
495. # As a special case it can be set to the string "unlimited" to
496. # to allow arbitrarily sized core dumps.
497. #
498. # By default the core dump size is set to 0 disabling all dumps
499. #
500. # Size is a positive integer specifying bytes or the
501. # string "unlimited"
502. #
503. #max_core = "unlimited"
504.  
505. # Determine if guest RAM is included in QEMU core dumps. By
506. # default guest RAM will be excluded if a new enough QEMU is
507. # present. Setting this to '1' will force guest RAM to always
508. # be included in QEMU core dumps.
509. #
510. # This setting will be ignored if the guest XML has set the
511. # dumpcore attribute on the <memory> element.
512. #
513. #dump_guest_core = 1
514.  
515. # mac_filter enables MAC addressed based filtering on bridge ports.
516. # This currently requires ebtables to be installed.
517. #
518. #mac_filter = 1
519.  
520.  
521. # By default, PCI devices below non-ACS switch are not allowed to be assigned
522. # to guests. By setting relaxed_acs_check to 1 such devices will be allowed to
523. # be assigned to guests.
524. #
525. #relaxed_acs_check = 1
526.  
527.  
528. # If allow_disk_format_probing is enabled, libvirt will probe disk
529. # images to attempt to identify their format, when not otherwise
530. # specified in the XML. This is disabled by default.
531. #
532. # WARNING: Enabling probing is a security hole in almost all
533. # deployments. It is strongly recommended that users update their
534. # guest XML <disk> elements to include <driver type='XXXX'/>
535. # elements instead of enabling this option.
536. #
537. #allow_disk_format_probing = 1
538.  
539.  
540. # In order to prevent accidentally starting two domains that
541. # share one writable disk, libvirt offers two approaches for
542. # locking files. The first one is sanlock, the other one,
543. # virtlockd, is then our own implementation. Accepted values
544. # are "sanlock" and "lockd".
545. #
546. #lock_manager = "lockd"
547.  
548.  
549.  
550. # Set limit of maximum APIs queued on one domain. All other APIs
551. # over this threshold will fail on acquiring job lock. Specially,
552. # setting to zero turns this feature off.
553. # Note, that job lock is per domain.
554. #
555. #max_queued = 0
556.  
557. ###################################################################
558. # Keepalive protocol:
559. # This allows qemu driver to detect broken connections to remote
560. # libvirtd during peer-to-peer migration. A keepalive message is
561. # sent to the daemon after keepalive_interval seconds of inactivity
562. # to check if the daemon is still responding; keepalive_count is a
563. # maximum number of keepalive messages that are allowed to be sent
564. # to the daemon without getting any response before the connection
565. # is considered broken. In other words, the connection is
566. # automatically closed approximately after
567. # keepalive_interval * (keepalive_count + 1) seconds since the last
568. # message received from the daemon. If keepalive_interval is set to
569. # -1, qemu driver will not send keepalive requests during
570. # peer-to-peer migration; however, the remote libvirtd can still
571. # send them and source libvirtd will send responses. When
572. # keepalive_count is set to 0, connections will be automatically
573. # closed after keepalive_interval seconds of inactivity without
574. # sending any keepalive messages.
575. #
576. #keepalive_interval = 5
577. #keepalive_count = 5
578.  
579.  
580.  
581. # Use seccomp syscall whitelisting in QEMU.
582. # 1 = on, 0 = off, -1 = use QEMU default
583. # Defaults to -1.
584. #
585. #seccomp_sandbox = 1
586.  
587.  
588. # Override the listen address for all incoming migrations. Defaults to
589. # 0.0.0.0, or :: if both host and qemu are capable of IPv6.
590. #migration_address = "0.0.0.0"
591.  
592.  
593. # The default hostname or IP address which will be used by a migration
594. # source for transferring migration data to this host. The migration
595. # source has to be able to resolve this hostname and connect to it so
596. # setting "localhost" will not work. By default, the host's configured
597. # hostname is used.
598. #migration_host = "host.example.com"
599.  
600.  
601. # Override the port range used for incoming migrations.
602. #
603. # Minimum must be greater than 0, however when QEMU is not running as root,
604. # setting the minimum to be lower than 1024 will not work.
605. #
606. # Maximum must not be greater than 65535.
607. #
608. #migration_port_min = 49152
609. #migration_port_max = 49215
610.  
611.  
612.  
613. # Timestamp QEMU's log messages (if QEMU supports it)
614. #
615. # Defaults to 1.
616. #
617. #log_timestamp = 0
618.  
619.  
620. # Location of master nvram file
621. #
622. # When a domain is configured to use UEFI instead of standard
623. # BIOS it may use a separate storage for UEFI variables. If
624. # that's the case libvirt creates the variable store per domain
625. # using this master file as image. Each UEFI firmware can,
626. # however, have different variables store. Therefore the nvram is
627. # a list of strings when a single item is in form of:
628. # ${PATH_TO_UEFI_FW}:${PATH_TO_UEFI_VARS}.
629. # Later, when libvirt creates per domain variable store, this list is
630. # searched for the master image. The UEFI firmware can be called
631. # differently for different guest architectures. For instance, it's OVMF
632. # for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
633. # follows this scheme.
634. nvram = [
635. "/usr/share/ovmf/x64/OVMF_CODE.fd:/usr/share/ovmf/x64/OVMF_VARS.fd"
636. ]
637. # The backend to use for handling stdout/stderr output from
638. # QEMU processes.
639. #
640. # 'file': QEMU writes directly to a plain file. This is the
641. # historical default, but allows QEMU to inflict a
642. # denial of service attack on the host by exhausting
643. # filesystem space
644. #
645. # 'logd': QEMU writes to a pipe provided by virtlogd daemon.
646. # This is the current default, providing protection
647. # against denial of service by performing log file
648. # rollover when a size limit is hit.
649. #
650. #stdio_handler = "logd"
651. #
652. clear_emulator_capabilities = 0