After looking at the code, it seems that disabling the user.virtfs
namespace was the intended behaviour. I have created a patch
implementing nesting instead of disabling.
I do not know if this is the right way to do it, but I did some limited
testing and it seemed ok.
** Patch added: "nested-virt
Public bug reported:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escapin
