[libvirt] [PATCH] apparmor: implement AppArmorSetFDLabel()
Daniel Veillard
veillard at redhat.com
Mon Jun 20 03:58:00 UTC 2011
On Thu, Jun 16, 2011 at 02:01:34PM -0500, Jamie Strandboge wrote:
> During a savevm operation, libvirt will now use fd migration if qemu
> supports it. When the AppArmor driver is enabled, AppArmorSetFDLabel()
> is used but since this function simply returns '0', the dynamic AppArmor
> profile is not updated and AppArmor blocks access to the save file. This
> patch implements AppArmorSetFDLabel() to get the pathname of the file by
> resolving the fd symlink in /proc, and then gives that pathname to
> reload_profile(), which fixes 'virsh save' when AppArmor is enabled.
>
> Passes 'check' and 'syntax-check' (though po_check failed for unrelated
> reasons).
>
> Reference: https://launchpad.net/bugs/795800
ACK, and pushed,
thanks !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
More information about the libvir-list
mailing list