[libvirt] [PATCH v2 00/18] Implement original label remembering

Michal Privoznik mprivozn at redhat.com
Thu Nov 29 13:52:15 UTC 2018 

v2 of:

https://www.redhat.com/archives/libvir-list/2018-November/msg00862.html

diff to v1:
- in 03/18 I've implemented FreeBSD support as discussed in v1

Michal Prívozník (18):
  security: Unify header conditionals
  util: Introduce xattr getter/setter/remover
  security: Include security_util
  security_dac: Restore label on failed chown() attempt
  virSecurityDACTransactionRun: Implement rollback
  virSecurityDACRestoreAllLabel: Reorder device relabeling
  virSecurityDACRestoreAllLabel: Restore more labels
  security_dac: Allow callers to enable/disable label remembering/recall
  security_dac: Remember old labels
  virSecurityDACRestoreImageLabelInt: Restore even shared/RO disks
  security_selinux: Track if transaction is restore
  security_selinux: Remember old labels
  security_selinux: Restore label on failed setfilecon() attempt
  virSecuritySELinuxTransactionRun: Implement rollback
  virSecuritySELinuxRestoreAllLabel: Reorder device relabeling
  virSecuritySELinuxRestoreAllLabel: Restore more labels
  tools: Provide a script to recover fubar'ed XATTRs setup
  qemu.conf: Allow users to enable/disable label remembering

 src/libvirt_private.syms           |   3 +
 src/qemu/libvirtd_qemu.aug         |   1 +
 src/qemu/qemu.conf                 |   6 +
 src/qemu/qemu_conf.c               |   4 +
 src/qemu/test_libvirtd_qemu.aug.in |   1 +
 src/security/Makefile.inc.am       |   2 +
 src/security/security_apparmor.h   |   6 +-
 src/security/security_dac.c        | 212 +++++++++++++++++-------
 src/security/security_dac.h        |   6 +-
 src/security/security_driver.h     |   6 +-
 src/security/security_manager.h    |   6 +-
 src/security/security_nop.h        |   6 +-
 src/security/security_selinux.c    | 256 +++++++++++++++++++++--------
 src/security/security_selinux.h    |   6 +-
 src/security/security_stack.h      |   6 +-
 src/security/security_util.c       | 226 +++++++++++++++++++++++++
 src/security/security_util.h       |  32 ++++
 src/util/virfile.c                 | 121 ++++++++++++++
 src/util/virfile.h                 |  11 ++
 tools/Makefile.am                  |   1 +
 tools/libvirt_recover_xattrs.sh    |  89 ++++++++++
 21 files changed, 857 insertions(+), 150 deletions(-)
 create mode 100644 src/security/security_util.c
 create mode 100644 src/security/security_util.h
 create mode 100755 tools/libvirt_recover_xattrs.sh

-- 
2.18.1

More information about the libvir-list mailing list