[libvirt] [PATCH v2 0/3] expose baselabel for each sec model/virt type
Giuseppe Scrivano
gscrivan at redhat.com
Thu Sep 5 11:49:42 UTC 2013
Now each security model can define its own base label, that describes
the default security context used by libvirt to run an hypervisor
process. This information is exposed to users trough the host
capabilities XML.
Giuseppe Scrivano (3):
security: add new internal function "virSecurityManagerGetBaseLabel"
capabilities: add baselabel per sec driver/virt type to secmodel
capabilities: document and test "<baselabel>"
docs/schemas/capability.rng | 8 ++++
src/conf/capabilities.c | 60 +++++++++++++++++++++++++++-
src/conf/capabilities.h | 14 +++++++
src/libvirt_private.syms | 2 +
src/qemu/qemu_conf.c | 11 +++--
src/security/security_apparmor.c | 7 ++++
src/security/security_dac.c | 26 +++++++++++-
src/security/security_driver.h | 3 ++
src/security/security_manager.c | 15 +++++++
src/security/security_manager.h | 2 +
src/security/security_nop.c | 9 +++++
src/security/security_selinux.c | 9 +++++
src/security/security_stack.c | 8 ++++
tests/capabilityschemadata/caps-qemu-kvm.xml | 2 +
tests/capabilityschemadata/caps-test3.xml | 2 +
15 files changed, 172 insertions(+), 6 deletions(-)
--
1.8.3.1
More information about the libvir-list
mailing list