[libvirt] [PATCH v4 15/25] security_dac: Allow caller to suppress owner remembering
Daniel P. Berrangé
berrange at redhat.com
Mon Jun 17 13:24:31 UTC 2019
On Thu, Apr 25, 2019 at 10:19:51AM +0200, Michal Privoznik wrote:
> One caller in particular (virSecurityDACSetImageLabelInternal)
> will want to have the feature turned on only in some cases.
> Introduce @remember member to _virSecurityDACChownItem to track
> whether caller wants to do owner remembering or not.
> The actual remembering is then enabled if both caller wanted it
> and the feature is turned on in the config file.
>
> Technically, we could skip over paths that don't have remember
> enabled when creating a list of paths to lock. We won't touch
> their XATTRs after all. Well, I rather play it safe and keep them
> on the locking list for now.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> Reviewed-by: Cole Robinson <crobinso at redhat.com>
> ---
> src/security/security_dac.c | 63 ++++++++++++++++++++++---------------
> 1 file changed, 37 insertions(+), 26 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange at redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list