[libvirt] [PATCH] conf: format runtime DAC seclabel, unless MIGRATABLE
Martin Kletzander
mkletzan at redhat.com
Wed Apr 27 07:30:48 UTC 2016
On Sat, Apr 23, 2016 at 02:51:26PM -0400, Cole Robinson wrote:
>We historically format runtime seclabel selinux/apparmor values,
>however we skip formatting runtime DAC values. This was added in
>
>commit 990e46c4542349f838e001d30638872576c389e9
>Author: Marcelo Cerri <mhcerri at linux.vnet.ibm.com>
>Date: Fri Aug 31 13:40:41 2012 +0200
>
> conf: Avoid formatting auto-generated DAC labels
>
>to maintain migration compatibility with libvirt < 0.10.0.
>
>However the formatting was skipped unconditionally. Instead only
>skip formatting in the VIR_DOMAIN_DEF_FORMAT_MIGRATABLE case.
>
This all makes sense, but when I started tying it I've found it may
still cause some problems. Probably. The problem is that I have no
idea whether it's safer to use number or a name as the uid/gid. But
since we have that parsing code in place and this patch is not about
that, so we can deal with that later.
ACK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20160427/5411860c/attachment-0001.sig>
More information about the libvir-list
mailing list