[libvirt] [PATCH 0/8] Honour current process label when generating SELinux labels
Viktor Mihajlovski
mihajlov at linux.vnet.ibm.com
Fri Aug 17 12:56:32 UTC 2012
On 08/16/2012 07:43 PM, Daniel J Walsh wrote:
>>
>
> Yes the security context should be system_u:object_r:svirt_image_t:s0:c786,c986
> These patches should have just affected the Process label not the file label.
> On the file label we should alter the role on the file label to include object_r.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAlAtMVIACgkQrlYvE4MpobMYqQCgz+d7yeXhYXTz0IGFIsRYUqJl
> GGgAniHHX21m7D5BHZgeMHskS8zww4B1
> =Ex2S
> -----END PGP SIGNATURE-----
>
I've submitted a patch to leave the role unaltered if the base context
role is object_r. Maybe not the most elegant way, but it works for me.
--
Mit freundlichen Grüßen/Kind Regards
Viktor Mihajlovski
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
More information about the libvir-list
mailing list