Re: [libvirt] Updated James Morris patch to apply to libvirt-0.6.0 version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Another patch off latest repository.

This patch does not require the XML to include a label, although this is
still supported.

Implemented most of the comments from Jim.  make check and make
syntax-check passes, Added seclabeltest.c to run in tests, Updated
capability.rng, although not really sure I did it right.

This patch will generate random MCS Labels and relabels the image files
to match.  Seems to work well on F11.

I will back port some policy to allow it to work on F10.

I think we need a mechanism in libvirtd.conf to turn this off.   And
allow perhaps three modes.

svirt=Disabled.  No Security Driver.
svirt=MLS (Requires context in xml, no relabel of disks)
svirt=Standard, (If no XML label, then random generate one and reset
file context).

How should I read config from libvirt.conf and and not enable he
SecurityModel?



http://people.fedoraproject.org/~dwalsh/SELinux/svirt.patch



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmoTyMACgkQrlYvE4MpobPuHwCgkJqZenEwCWov96tTv+h3x8ec
wmEAoMecJotrN009adtO3JOmkNLR3uXN
=waHN
-----END PGP SIGNATURE-----

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]