[PATCH v2] selinux label: restore all labels when some labels fail to set
Michal Privoznik
mprivozn at redhat.com
Fri Nov 13 14:33:34 UTC 2020
On 11/13/20 10:47 AM, Jin Yan wrote:
> Hi Michal,
> I found this problem while performing migration, based on
> libvirt version: 6.2.0
> SELinux mode: permissive
>
> Steps:
> 1. start a vm configured with pipe-type serial port.
> <serial type='pipe'>
> <source path='/tmp/test_pipe'/>
> <target type='system-serial' port='1'>
> <model name='pl011'/>
> </target>
> </serial>
> 2. migrate vm to Dst-side where no '/tmp/test_pipe' exits.
> 3. migration failed in Dst-side qemuProcessLaunch, and the path's label
> that
> has been set is not restored ('/var/lib/libvirt/qemu/nvram/XXX.fd').
>
> I have no idea why 2)rollback you mentioned didn't work.
>
>
I'm not sure. I could not reproduce with the current master. Is it
possible for you to try the master?
Michal
More information about the libvir-list
mailing list