[libvirt] [PATCH] sec_manager: Refuse to start domain with unsupported seclabel
Eric Blake
eblake at redhat.com
Tue Apr 2 16:38:11 UTC 2013
On 04/02/2013 10:07 AM, Michal Privoznik wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=947387
>
> If a user configures a domain to use a seclabel of a specific type,
> but the appropriate driver is not accessible, we should refuse to
> start the domain. For instance, if user requires selinux, but it is
> either non present in the system, or is just disabled, we should not
> start the domain. Moreover, since we are touching only those labels we
> have a security driver for, the other labels may confuse libvirt when
> reconnecting to a domain on libvirtd restart. In our selinux example,
> when starting up a domain, missing security label is okay, as we
> auto-generate one. But later, when libvirt is re-connecting to a live
> qemu instance, we parse a state XML, where security label is required
> and it is an error if missing:
>
> error : virSecurityLabelDefParseXML:3228 : XML error: security label
> is missing
>
> This results in a qemu process left behind without any libvirt control.
> ---
> src/security/security_manager.c | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
ACK.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130402/d497a475/attachment-0001.sig>
More information about the libvir-list
mailing list