[libvirt] [RFC] secdrivers remembering original labels
Michal Privoznik
mprivozn at redhat.com
Fri Jul 27 07:56:23 UTC 2018
Dear list,
we have this very old bug [1] that I just keep pushing in front of me. I
made several attempts to fix it. However, none of them made into the
tree. I guess it's time to have discussion what to do about it. IIRC,
the algorithm that I implemented last was to keep original label in
XATTRs (among with some ref counter) and the last one to restore the
label will look there and find the original label. There was a problem
with two libvirtds fighting over a file on shared FS.
So I guess my question is can we come up with a design that would work?
Or at least work to the extent that we're satisfied with?
Personally, I like the XATTRs approach. And to resolve the NFS race we
can invent yet another lockspace to guard labelling - I also have a bug
for that [2] (although, I'm not that familiar with lockspaces). I guess
doing disk metadata locking is not going to be trivial, is it?
Michal
1: https://bugzilla.redhat.com/show_bug.cgi?id=547546
2: https://bugzilla.redhat.com/show_bug.cgi?id=1524792
More information about the libvir-list
mailing list