[Thincrust-devel] selinux security context
David Lutterkort
lutter at redhat.com
Fri Nov 7 00:11:34 UTC 2008
On Wed, 2008-10-29 at 22:23 +0100, Alan Pevec wrote:
> Kay Williams wrote:
> > Would it make sense for appliance-creator to automatically set the
> > selinux context to created images?
>
> I think it would make sense that virt-image sets the SELinux context
> when installing the appliance image.
virt-image doesn't really muck with the disk images, it just creates
libvirt XML that points to those disk images; sure, we could stick a few
chcon calls into virt-image to make that simpler, but I'd feel a little
dirty doing that.
What we are missing right now is any tooling around appliance
deployment, because we have no appliance packaging ;) Once we had that,
the flow would be more like 'download appliance package', 'run deploy
tool to extract everything into proper places', 'run virt-image on that
to create VM'[1]
David
[1] Not that the user necessarily has to run these as separate commands,
but that's the flow that should happen behind the scenes
More information about the Thincrust-devel
mailing list