[PATCH v4 00/25] Fix and enable owner remembering

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is meant for next release to have the most time possible for
testing. Some of the patches were ACKed in v3 already but since they
don't make sense on their own I haven't pushed them.

v4 of:

https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html

As usual, you can find (not only these) patches on my github:

https://github.com/zippy2/libvirt  branch xattr_fixes_v4

diff to v3:
- Some new patches (qemusecuritytest and qemusecuritymock)
- Some other fixes raised by Cole in review of v3 (like double error
  reporting and others)
- Remembering is done only for paths that cannot be shared between
  domains. This renders refcounting needless because the refcounter
  can't ever be greater than one. Nevertheless, I'm keeping it in
  because in the long run I might come up with a solution to the problem
  of shared resources and having refcounters might help.

Michal Prívozník (25):
  qemusecuritymock: Mock virProcessRunInFork
  qemusecuritymock: Fix bit arithmetic
  qemusecuritymock: Actually set error on failure
  qemusecuritymock: Introduce and use freePaths()
  qemusecuritytest: Drop unused variable
  qemusecuritytest: Use AUTOFREE/AUTOUNREF
  qemusecuritytest: Fix capabilities loading
  tools: Slightly rework libvirt_recover_xattrs.sh
  virSecuritySELinuxRestoreAllLabel: Print @migrated in the debug
    message too
  virfile: Make virFileGetXAttr report errors
  virFileSetXAttr: Report error on failure
  virFileRemoveXAttr: Report error on failure
  security: Don't skip label restore on file systems lacking XATTRs
  security: Document @restore member of transaction list
  security_dac: Allow caller to suppress owner remembering
  security_selinux: Allow caller to suppress owner remembering
  qemusecuritymock: Allow some paths to be not restored
  security: Don't remember owner for shared resources
  security: Introduce virSecurityManagerMoveImageMetadata
  security_util: Introduce virSecurityMoveRememberedLabel
  security_dac: Implement virSecurityManagerMoveImageMetadata
  security_selinux: Implement virSecurityManagerMoveImageMetadata
  qemu_security: Implement qemuSecurityMoveImageMetadata
  qemu: Move image security metadata on snapshot activity
  Revert "qemu: Temporary disable owner remembering"

 docs/news.xml                      |  13 ++
 src/libvirt_private.syms           |   2 +
 src/qemu/libvirtd_qemu.aug         |   1 +
 src/qemu/qemu.conf                 |   5 +
 src/qemu/qemu_blockjob.c           |   6 +
 src/qemu/qemu_conf.c               |   4 +
 src/qemu/qemu_driver.c             |  17 +-
 src/qemu/qemu_security.c           |  19 +++
 src/qemu/qemu_security.h           |   5 +
 src/qemu/test_libvirtd_qemu.aug.in |   1 +
 src/security/security_dac.c        | 171 +++++++++++++++----
 src/security/security_driver.h     |   5 +
 src/security/security_manager.c    |  39 +++++
 src/security/security_manager.h    |   4 +
 src/security/security_nop.c        |  10 ++
 src/security/security_selinux.c    | 263 ++++++++++++++++++++---------
 src/security/security_stack.c      |  20 +++
 src/security/security_util.c       |  73 +++++++-
 src/security/security_util.h       |   5 +
 src/util/virfile.c                 |  78 +++++++--
 src/util/virfile.h                 |   5 +
 src/util/virprocess.h              |   3 +-
 tests/qemusecuritymock.c           |  76 +++++++--
 tests/qemusecuritytest.c           | 146 ++++++++++------
 tests/qemusecuritytest.h           |   4 +-
 tools/libvirt_recover_xattrs.sh    |  50 +++---
 26 files changed, 802 insertions(+), 223 deletions(-)

-- 
2.21.0

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux