[libvirt] [PATCH v3 2/3] security: Introduce SetSocketLabel
Daniel P. Berrange
berrange at redhat.com
Fri Aug 26 09:41:08 UTC 2011
On Fri, Aug 26, 2011 at 10:23:47AM +0200, Jiri Denemark wrote:
> This API labels all sockets created until ClearSocketLabel is called in
> a way that a vm can access them (i.e., they are labeled with svirt_t
> based label in SELinux).
> ---
> Notes:
> Version 3:
> - new patch
>
> src/libvirt_private.syms | 1 +
> src/security/security_dac.c | 9 +++++++++
> src/security/security_driver.h | 3 +++
> src/security/security_manager.c | 10 ++++++++++
> src/security/security_manager.h | 2 ++
> src/security/security_nop.c | 7 +++++++
> src/security/security_selinux.c | 38 ++++++++++++++++++++++++++++++++++++++
> src/security/security_stack.c | 17 +++++++++++++++++
> 8 files changed, 87 insertions(+), 0 deletions(-)
Again need a stub for apparmour
ACK if that is added.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list