Virtiofs xattr options on domain xml

ksobrenat32 ksobrenat32 at null.8shield.net
Wed May 18 22:53:46 UTC 2022


Hi!

I have a Debian 11 (bullseye) machine running libvirtd version 7.0.0 and 
a RHEL 9 virtual machine that I need to share a disk with, and I thought 
about virtiofs.

The disk is a btrfs disk and I have successfully mounted it with:

     <filesystem type='mount' accessmode='passthrough'>
       <driver type='virtiofs' queue='1024'/>
       <binary path='/usr/lib/qemu/virtiofsd' xattr='on'>
         <cache mode='always'/>
         <lock posix='on' flock='on'/>
       </binary>
       <source dir='/mnt/WD-Disk'/>
       <target dir='media'/>
       <alias name='fs0'/>
       <address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
     </filesystem>

The problem I have is with SELinux: when I try to change the context of 
a file inside the virtual machine I get an 'Operation not permitted' 
error. I can change the context on the Debian host and see the changes 
in the virtual machine, but I would like to be able to change the context 
from the VM to be able to use podman containers with SELinux enabled.

I see in the docs 
https://qemu.readthedocs.io/en/latest/tools/virtiofsd.html#selinux-support 
that you can run virtiofsd with an xattr option so it is compatible with 
SELinux, but I cannot find a way to change the domain XML to add this 
option. Is there a way to add this option? Does a better option exist 
(maybe on the guest side)?



