On Wed, May 25, 2016 at 05:06:27PM +0200, Peter Krempa wrote: > On Wed, May 25, 2016 at 16:53:25 +0200, Peter Krempa wrote: > > On Mon, May 23, 2016 at 20:01:18 +0200, Ján Tomko wrote: > > > Add support for the slic_table to the security drivers. > > > > In this case, you should add a note to the documentation that the file > > is not treated as shared and should be copied for every VM to avoid > > problems as with shared kernel files. > > > > > --- > > > src/security/security_dac.c | 5 +++++ > > > src/security/security_selinux.c | 5 +++++ > > > src/security/virt-aa-helper.c | 4 ++++ > > > 3 files changed, 14 insertions(+)a > > > > > > diff --git a/src/security/security_dac.c b/src/security/security_dac.c > > > index df3ed47..442ce70 100644 > > > --- a/src/security/security_dac.c > > > +++ b/src/security/security_dac.c > > > @@ -1218,6 +1218,11 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, > > > def->os.dtb, user, group) < 0) > > > return -1; > > > > > > + if (def->os.slic_table && > > > + virSecurityDACSetOwnership(priv, NULL, > > > + def->os.slic_table, user, group) < 0) > > > + return -1; > > > + > > > return 0; > > > } > > > > > > > All 3 security driver IMPLs are missing addition to > > virSecurity.*RestoreAllLabel. > > I've noticed that they are actually considered shared, thus ACK without > any change. Thanks, I have pushed the series now. Jan -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list