[Libguestfs] [PATCH 2/2] Use setfiles from the appliance for the SELinux relabel (RHBZ#1089100).

Pino Toscano ptoscano at redhat.com
Thu Aug 7 13:01:10 UTC 2014


On Tuesday 27 May 2014 18:02:16 Richard W.M. Jones wrote:
> On Tue, May 27, 2014 at 04:43:31PM +0200, Pino Toscano wrote:
> > At this point I'm thinking the best option would be making the root
> > a
> > normal (mandatory) argument, leaving path and contexts as optional
> > (with the former being "/" as default value, and the latter as
> > "find it from the root").
> 
> IIUC, that would force people to use inspection in order to relabel
> filesystems.  That would prevent Colin's use-case (because libguestfs
> cannot currently inspect ostree guests, although that in itself is a
> bug, certainly once ostree becomes established and widely used).

(Taking this back from the dust...)

The problem with making the root optional is that the SELinux tools need 
to know what is the root of the system where files are being relabeled, 
since contexts are relative to this root.

After all, in Colin's use case OSTree should know where are all the 
roots already, shouldn't it?

-- 
Pino Toscano




More information about the Libguestfs mailing list