[libvirt] Thoughts on svirt configuration files.
Daniel J Walsh
dwalsh at redhat.com
Mon Apr 6 19:05:57 UTC 2009
Currently we do not want to hard code virtual image names into libvirt,
so libvirt and virtual-manager can use libselinux to get the default
image label and process label, svirt_t and svirt_image_t. The idea was
one policy writer might want his virtual images labeled differently than
One problem with this is I added two interfaces, one for the domain and
one for the image label. Now we realize we have other images.
Process label - svirt_t:MCS
Exclusive RW image - svirt_image_t:MCS
Shared RW image - svirt_image_t:s0
Read-only image - virt_content_t:s0
So I am suggesting that we remove the virtual_image_context file and
allow policy writers to define contexts in the virtual_domain_context
file, but with multiple records and multiple fields.
Something like a space-separated list where each field corresponds to the above.
Then you could add optional types with similar fields
Since SELinux just returns a path, the virt team could choose the format
of the file if a space-separated list is not adequate (XML? name/value
pairs?). Policy writers would have to enter the format that is chosen.
I am thinking we might eventually want to allow an admin to select
dynamic labels but specify alternative types.
So svirt_t would be default but if someone wanted svirt_nonet_t, they
could choose that also and get separation with a different type.
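As an added illustration of the proposal above (not code from libvirt or from the post's author), here is a small parser for one possible shape of the multi-record, multi-field virtual_domain_context file, plus the derivation of the four labels for a single guest. The file layout, field order, user/role prefixes and the sample contents are all assumptions made for this example.

```python
"""Parse a hypothetical multi-field virtual_domain_context file and derive
the process, exclusive RW, shared RW and read-only labels for one guest."""
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class DomainProfile:
    process: str     # SELinux type for the guest process, e.g. svirt_t
    exclusive: str   # type for an image written by this guest only
    shared: str      # type for an image written by several guests
    readonly: str    # type for a read-only image

# Constructed sample (not a real policy file). One record per line, four
# space-separated type fields, '#' starts a comment. The first record is
# the default; later records are optional alternative types.
SAMPLE_FILE = """
# process       exclusive_rw  shared_rw     read_only
svirt_t         svirt_image_t svirt_image_t virt_content_t
svirt_nonet_t   svirt_image_t svirt_image_t virt_content_t
"""

def parse_domain_contexts(text: str) -> List[DomainProfile]:
    profiles = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields, got {len(fields)}")
        profiles.append(DomainProfile(*fields))
    if not profiles:
        raise ValueError("no records found in virtual_domain_context")
    return profiles

def domain_labels(profiles: List[DomainProfile], mcs: str,
                  process_type: Optional[str] = None) -> dict:
    """Build full contexts for one guest. `mcs` is the dynamically chosen
    MCS range (e.g. 's0:c12,c34'); `process_type` selects an alternative
    record such as svirt_nonet_t, None selects the default record."""
    if process_type is None:
        prof = profiles[0]
    else:
        matches = [p for p in profiles if p.process == process_type]
        if not matches:
            raise KeyError(f"no record with process type {process_type}")
        prof = matches[0]
    return {
        "process":   f"system_u:system_r:{prof.process}:{mcs}",    # per-guest MCS
        "exclusive": f"system_u:object_r:{prof.exclusive}:{mcs}",  # per-guest MCS
        "shared":    f"system_u:object_r:{prof.shared}:s0",        # any guest
        "readonly":  f"system_u:object_r:{prof.readonly}:s0",      # any guest
    }
```

Only the process and exclusive-image labels carry the guest's MCS categories; the shared and read-only labels stay at s0 so that every guest can reach them.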