[Libguestfs] virt-copy-in - how do I get the selinux relabeling done for the file?
Richard W.M. Jones
rjones at redhat.com
Sun Dec 24 13:49:33 UTC 2017
On Sun, Dec 24, 2017 at 02:15:44PM +0200, Yaniv Kaul wrote:
> I'm copying a file into a VM using virt-copy-in - which is great, but the
> file is wrongly labeled.
> How can I fix that?
Hi Yaniv,
The easiest thing is to run this after doing the virt-copy-in:
virt-customize -a disk.img --selinux-relabel
which will run this code:
https://github.com/libguestfs/libguestfs/blob/master/customize/SELinux_relabel.ml#L27
That requires an extra launch of the appliance, so if you were very
concerned about doing this most efficiently then you could do
something like this instead:
guestfish -a disk.img -i <<EOF
copy-in files [...] /target/dir
selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts / force:true
EOF
That isn't quite the same as the virt-customize code above, and in
particular it assumes that you're using the "targeted" policy and you
don't have the buggy version of RHEL 6, but it's near enough for most
purposes. If you want to do any better you'd need to write a custom
script in Python or whatever.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top
More information about the Libguestfs
mailing list