[Libguestfs] virt-copy-in - how do I get the selinux relabeling done for the file?
Richard W.M. Jones
rjones at redhat.com
Sun Dec 24 14:20:22 UTC 2017
On Sun, Dec 24, 2017 at 03:59:33PM +0200, Yaniv Kaul wrote:
> On Sun, Dec 24, 2017 at 3:49 PM, Richard W.M. Jones <rjones at redhat.com>
> wrote:
>
> > On Sun, Dec 24, 2017 at 02:15:44PM +0200, Yaniv Kaul wrote:
> > > I'm copying a file into a VM using virt-copy-in - which is great, but the
> > > file is wrongly labeled.
> > > How can I fix that?
> >
> > Hi Yaniv,
> >
> > The easiest thing is to run this after doing the virt-copy-in:
> >
> > virt-customize -a disk.img --selinux-relabel
> >
> > which will run this code:
> >
> > https://github.com/libguestfs/libguestfs/blob/master/
> > customize/SELinux_relabel.ml#L27
> >
> > That requires an extra launch of the appliance, so if you were very
> > concerned about doing this most efficiently then you could do
> > something like this instead:
> >
> > guestfish -a disk.img -i <<EOF
> > copy-in files [...] /target/dir
> > selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts / force:true
In case it's not clear, this parameter ^^^
controls the scope of the relabelling, so you can relabel parts of the
filesystem if you want to. It's basically a wrapper around
‘setfiles’:
https://github.com/libguestfs/libguestfs/blob/dab065a8eed6c6d8d9c53956393566812cfe6a2e/daemon/selinux-relabel.c#L87
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
More information about the Libguestfs
mailing list