[Virtio-fs] restorcon/SELinux virtiofs question
Vivek Goyal
vgoyal at redhat.com
Thu Nov 19 18:16:35 UTC 2020
On Thu, Nov 19, 2020 at 10:52:51AM -0600, Harry G. Coin wrote:
> Hello virtiofs team. I need clarification about a 'restorecon' selinux
> guest giving an 'operation not supported' response.
>
> If the host fs is btrfs (with xattr enabled in virtiofsd) but not
> running SELinux,
I suspect that on host setxattr(security.selinux) is failing with
"operation not supported".
What do you mean by host "not running SELinux". SElinux is not compiled
in? Or it is disabled or in passive mode?
Is it working with filesystems other than btrfs, say ext4 or xfs.
Now qemu supports xattr remapping. You might want to run virtiofsd
to remap security.selinux. I think that might get you going till
the root cause of the issue is found.
Vivek
> and the guest has virtiofs root with selinux active,
> what version [if any] for virtiofs is necessary before I can expect the
> restorecon command to operate properly? (Or, maybe I've missed a config
> setting somewhere?)
>
> Packages such as freeipa fail to install because they issue dozens of
> 'restorecon' calls which fail using virtiofs.
>
> Thanks,
>
> Harry Coin
>
>
>
>
> _______________________________________________
> Virtio-fs mailing list
> Virtio-fs at redhat.com
> https://www.redhat.com/mailman/listinfo/virtio-fs
More information about the Virtio-fs
mailing list