[libvirt] [PATCH] conf: format runtime DAC seclabel, unless MIGRATABLE
Cole Robinson
crobinso at redhat.com
Wed Apr 27 17:06:37 UTC 2016
On 04/27/2016 03:30 AM, Martin Kletzander wrote:
> On Sat, Apr 23, 2016 at 02:51:26PM -0400, Cole Robinson wrote:
>> We historically format runtime seclabel selinux/apparmor values,
>> however we skip formatting runtime DAC values. This was added in
>>
>> commit 990e46c4542349f838e001d30638872576c389e9
>> Author: Marcelo Cerri <mhcerri at linux.vnet.ibm.com>
>> Date: Fri Aug 31 13:40:41 2012 +0200
>>
>> conf: Avoid formatting auto-generated DAC labels
>>
>> to maintain migration compatibility with libvirt < 0.10.0.
>>
>> However the formatting was skipped unconditionally. Instead only
>> skip formatting in the VIR_DOMAIN_DEF_FORMAT_MIGRATABLE case.
>>
>
> This all makes sense, but when I started tying it I've found it may
> still cause some problems. Probably. The problem is that I have no
> idea whether it's safer to use number or a name as the uid/gid. But
> since we have that parsing code in place and this patch is not about
> that, so we can deal with that later.
>
> ACK
Thanks, I'll push after the release
- Cole
More information about the libvir-list
mailing list