[libvirt] [PATCHv5 14/23] blockjob: allow mirroring under SELinux
Jiri Denemark
jdenemar at redhat.com
Thu Apr 19 21:04:42 UTC 2012
On Mon, Apr 16, 2012 at 23:06:05 -0600, Eric Blake wrote:
> This copies heavily from qemuDomainSnapshotCreateSingleDiskActive(),
> in order to set the SELinux label, obtain locking manager lease, and
> audit the fact that we hand a new file over to qemu. Alas, releasing
> the lease and label on failure or at the end of the mirroring is a
> trickier prospect (we would have to know the backing chain of both
> source and destination, and be sure not to revoke rights to any part
> of the chain that is shared), so for now, virDomainBlockJobAbort
> still leaves things locked and labeled.
>
> * src/qemu/qemu_driver.c (qemuDomainBlockCopy): Set up labeling.
> ---
>
> was 14/18 in v4
> v5: remove label on failure of 'drive-mirror'
>
> src/qemu/qemu_driver.c | 69 +++++++++++++++++++++++++++++++++++++++++------
> 1 files changed, 60 insertions(+), 9 deletions(-)
OK
Jirka
More information about the libvir-list
mailing list