[libvirt] [PATCH 0/2] Manage SELinux labels on shared/readonly hostdev's
Michal Privoznik
mprivozn at redhat.com
Tue Dec 9 09:37:41 UTC 2014
On 26.11.2014 19:11, John Ferlan wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1082521
>
> Patch 1 is innocuous and perhaps could have been pushed as trivial...
>
> For Patch 2 I wasn't sure if I should use the virSecuritySELinuxSetFilecon
> or virSecuritySELinuxSetFileconOptional, so I went with the latter since it
> follows what virSecuritySELinuxSetSecurityImageLabelInternal does. Beyond
> the check for shared/readonly, the other difference would be for the else
> condition which uses the Optional now as opposed to the previous code which
> would call virSecuritySELinuxSetSecurityHostdevLabelHelper and use the
> non optional call to set the label.
>
>
> John Ferlan (2):
> tests: Fix sharable typo
> security: Manage SELinux labels on shared/readonly hostdev's
>
> src/security/security_selinux.c | 58 ++++++++++++++++++++++++++++++++++-------
> tests/qemuargv2xmltest.c | 2 +-
> 2 files changed, 50 insertions(+), 10 deletions(-)
>
Oh, now that we are in the freeze I should explicitly state that this is
safe to push during the freeze - it's a bug fix, not a feature.
Michal
More information about the libvir-list
mailing list