On 11.09.2014 13:13, Daniel P. Berrange wrote:
On Wed, Sep 10, 2014 at 03:26:06PM +0200, Michal Privoznik wrote:
I know I've sent several versions like ages ago, so this should
not start with v1, but hey, this is completely new approach, so
I'm gonna start from 1.
Here, the virtlockd is misused to hold the original seclabels
(although only DAC label is implemented so far). Even more, it
does a reference counting, so that only the last label restore
does the job, not the previous ones.
Ah interesting approach. Do you have a pointer to your most
recent posting of the previous approach for comparison. I
remember seeing it before, but I'm being unlucky finding it
in the archives right now.
I believe this was my last approach:
http://www.redhat.com/archives/libvir-list/2014-March/msg00826.html
The idea there was to have a file to keep original labels and use
virtlockd to ensure mutual exclusion of multiple daemons. But I must say
stripping the file and moving it into virtlockd (approach presented in
this patch set) looks better to me.
Michal
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list