[libvirt-users] How to enable SELinux driver for libvirt?

[Qiang Guan]

于 2014年08月21日 20:58, Eric Blake 写道:
> On 08/21/2014 01:38 AM, Qiang Guan wrote:
>> Hi guys,
>>
>> It seems libvirt disable SELinux driver by default.
> You need to provide more details to substantiate your claim.  What
> platform are you running on, and what version of libvirt?  Did you build
> it yourself or are you using the pre-built distro version?
>
> Fedora-based distributions (and that includes RHEL and CentOS) ship the
> distro version with SELinux support ON by default.  However, actually
> using SELinux when the support is present depends on your
> /etc/libvirt/*.conf settings: qemu.conf uses SELinux by default, while
> lxc.conf has to be manually tweaked to turn on the use of SELinux
> (that's because proper labeling for an LXC container is a lot more
> involved).  That said, the conf files only give defaults, and it is
> still possible to do per-domain use of SELinux (the virt-sandbox app is
> one that always tries to use SELinux labeling when creating LXC guests,
> regardless of the *.conf defaults).
>
>> How to enable SELinux driver for libvirt?
> If you self-compiled, make sure you had the right devel libraries
> present to ensure the SELinux support is compiled in.  If you are using
> a distro, you may want to file a support ticket with your distro provider.
>
Hi, Eric, thanks for help.
I'm using ubuntu14.04 with libvirt of version 1.2.2 from ubuntu trusty 
source.
I want to use SELinux labeling with dynamic type for my lxc which is 
started by libvirt API.

I don't know whether SELinux support is compiled in the ubuntu release.
How can I recognize whether SELinux is compiled in libvirt of a release 
version?
If compiled, which configure need to be set to enable SELinux driver for 
libvirt?

-- 
------------
Jackie
Best Regards