Gentoo, a friend of Devuan's run in Qemu/Libvirt with grsecurity policy enabled (12)
To understand how much work it is for me (and the American very dear to me, to whom lots of us are thankful for his privacy-friendly revelations, so useful for democracy in the world, is quoted to have said how --paraphrasing-- grsecurity is too hard to be easily used by the general public), you should visit the developing topic in the grsecurity forumsLibvirt virtualization policies
So, I installed --in the libvirt way-- Gentoo installation CD with virt-install, and ran it with virt-viewer.
Importantly, virt-install is part of my sans-dbus virt-manager installation. dbus --or d-bus-- is not in my system, it's a dangerous friend of systemd's, I don't want it at home here:GUI-less (non-dbus) virt-manager (to run Tails in Gentoo)
First I had to run it with grsecurity's RBAC policy disabled.
Then I eventually (see how complex it is in the grsecurity forums topic linked above) figured out what was missing in the policy, and I ran it with grsecurity enabled --with the programs around libvirt in learning mode.
The files necessary for this study are listed in:
dump_170306_0026_g0n.pcap dump_170306_0026_g0n_SSLKEYLOGFILE.txt dump_170306_1430_g0n.pcap Screen_170306_0026_g0n.webm Screen_170306_1430_g0n.webmand verify to: ls-1pg12.sum signed by: ls-1pg12.sum.asc
You might find dump_dlo.sh script from my uncenz program more useful then downloading each file separately.