[libvirt-users] How to enable SELinux driver for libvirt?
Eric Blake
eblake at redhat.com
Thu Aug 21 12:58:40 UTC 2014
On 08/21/2014 01:38 AM, Qiang Guan wrote:
> Hi guys,
>
> It seems libvirt disable SELinux driver by default.
You need to provide more details to substantiate your claim. What
platform are you running on, and what version of libvirt? Did you build
it yourself or are you using the pre-built distro version?
Fedora-based distributions (and that includes RHEL and CentOS) ship the
distro version with SELinux support ON by default. However, actually
using SELinux when the support is present depends on your
/etc/libvirt/*.conf settings: qemu.conf uses SELinux by default, while
lxc.conf has to be manually tweaked to turn on the use of SELinux
(that's because proper labeling for an LXC container is a lot more
involved). That said, the conf files only give defaults, and it is
still possible to do per-domain use of SELinux (the virt-sandbox app is
one that always tries to use SELinux labeling when creating LXC guests,
regardless of the *.conf defaults).
> How to enable SELinux driver for libvirt?
If you self-compiled, make sure you had the right devel libraries
present to ensure the SELinux support is compiled in. If you are using
a distro, you may want to file a support ticket with your distro provider.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 539 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20140821/4afed114/attachment.sig>
More information about the libvirt-users
mailing list