[libvirt] [PATCH RFC 1/3] security_dac: Remember owner prior chown() and restore on relabel
Michal Privoznik
mprivozn at redhat.com
Wed Feb 27 10:30:31 UTC 2013
On 27.02.2013 11:21, Daniel P. Berrange wrote:
> On Tue, Feb 26, 2013 at 05:08:40PM +0100, Michal Privoznik wrote:
>> Currently, if we label a file to match qemu process DAC label, we
>> do not store the original owner anywhere. So when relabeling
>> back, the only option we have is to relabel to root:root
>> which is obviously wrong.
>>
>> However, bare remembering is not enough. We need to keep track of
>> how many times we labeled a file so only the last restore
>> chown()-s file back to the original owner.
>
> Your patches don't deal with this scenario correctly I'm afraid.
> A shared file may be on NFS, so simply ref-counting inside
> libvirtd doesn't cut it. We need a ref count visible to all
> libvirtd instances that can see the file. My thought is that
> we ought to make use of an extended attribute for recording
> the ref count and original ownership.
>
> Daniel
>
Okay, but I think we should not deal with NFS at all. If a disk is
shared libvirt should not even try to label it. And if so, then
definitely not relabel it back.
Michal
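An added illustration of the scheme under discussion (not libvirt's code, and not from either author): the owner a file had before the first chown() and a count of outstanding labels are kept in extended attributes on the file itself, so every process that can see the file sees the same count, and only the last restore chown()-s back. The attribute names user.example.dac.owner and user.example.dac.ref, the MemoryStore test double and the injectable stat/chown hooks are assumptions made for this example.

```python
"""Remember a file's owner before chown() and restore it on the last relabel.

Added example, not libvirt code: the original uid:gid and a label refcount are
kept in extended attributes on the file itself, so the count is visible to
every process (and every host) that can see the file, not just one libvirtd.
Attribute names and the value format are assumptions for illustration.
"""
import errno
import os
import types

# Hypothetical attribute names; the user.* namespace needs no privilege to write.
OWNER_XATTR = "user.example.dac.owner"  # "uid:gid" of the owner before labeling
REF_XATTR = "user.example.dac.ref"      # number of labels not yet restored


class XattrStore:
    """Real backend: the file's extended attributes (Linux os.*xattr calls)."""

    def get(self, path, name):
        try:
            return os.getxattr(path, name).decode()
        except OSError as e:
            if e.errno == errno.ENODATA:   # attribute not set yet
                return None
            raise                          # e.g. ENOTSUP: fs has no user xattrs

    def set(self, path, name, value):
        os.setxattr(path, name, value.encode())

    def remove(self, path, name):
        os.removexattr(path, name)


class MemoryStore:
    """Test double with the same interface, so the bookkeeping runs without root."""

    def __init__(self):
        self.attrs = {}

    def get(self, path, name):
        return self.attrs.get((path, name))

    def set(self, path, name, value):
        self.attrs[(path, name)] = value

    def remove(self, path, name):
        self.attrs.pop((path, name), None)


def label(path, uid, gid, store=None, stat=os.stat, chown=os.chown):
    """chown path to uid:gid; on the first label, record the owner being replaced.

    Returns the new refcount. store/stat/chown are injectable for testing.
    """
    store = store or XattrStore()
    ref = int(store.get(path, REF_XATTR) or 0)
    if ref == 0:
        st = stat(path)
        store.set(path, OWNER_XATTR, "%d:%d" % (st.st_uid, st.st_gid))
    chown(path, uid, gid)            # if this raises, the refcount is untouched
    store.set(path, REF_XATTR, str(ref + 1))
    return ref + 1


def restore(path, store=None, chown=os.chown):
    """Drop one label; only the last restore chown()-s back to the recorded owner.

    Returns the remaining refcount. With nothing recorded it changes nothing:
    falling back to root:root would be exactly the bug the patch is fixing.
    """
    store = store or XattrStore()
    ref = int(store.get(path, REF_XATTR) or 0)
    if ref == 0:
        return 0
    if ref > 1:
        store.set(path, REF_XATTR, str(ref - 1))
        return ref - 1
    owner = store.get(path, OWNER_XATTR)
    if owner is not None:            # never guess an owner that was not recorded
        uid, gid = (int(x) for x in owner.split(":"))
        chown(path, uid, gid)
    store.remove(path, OWNER_XATTR)
    store.remove(path, REF_XATTR)
    return 0


if __name__ == "__main__":
    # Dry run: constructed 1000:1000 file, in-memory attributes, logging chown.
    store, log = MemoryStore(), []
    fake_stat = lambda p: types.SimpleNamespace(st_uid=1000, st_gid=1000)
    record = lambda p, u, g: log.append((u, g))
    for _ in range(2):               # two domains label the same disk
        label("/srv/disk.img", 107, 107, store, stat=fake_stat, chown=record)
    restore("/srv/disk.img", store, chown=record)   # first restore: no chown
    restore("/srv/disk.img", store, chown=record)   # last restore: back to 1000:1000
    print(log)
```

On a real path XattrStore is the backend to use; getxattr raises ENOTSUP where the filesystem has no user.* xattrs, which is a useful early signal that the file is on storage this scheme cannot track and, as argued above, probably should not be labeled at all.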