On Thu, Aug 22, 2019 at 05:19:03PM +0200, Michal Privoznik wrote:
For full explanation see 6/6, but here's a digest: GlusterFS via FUSE supports XATTRs but doesn't allow any SELinux label change (which is fortunate for us because migrations work at least). However, we need to treat this situation as "don't remember any seclabels" because if the source sets XATTRs and the migration destination tries to set different label this fails.
The series is safe for freeze as it was sent before the freeze and it fixes a bug, but we also need this in so that we get clean xattr values as soon as possible. One suggestion for a patch coming up as 7/6 (I couldn't look at that part of the code, but it was pre-existing and you didn't touch that part, unfortunately).
Michal Prívozník (6): virSecuritySELinuxGetProcessLabel: Fix comment virSecuritySELinuxSetFileconImpl: Drop @optional argument security_selinux: DropvirSecuritySELinuxSetFileconOptional() security_selinux: Drop @optional from _virSecuritySELinuxContextItem security_selinux: Drop virSecuritySELinuxSetFileconHelper security_selinux: Play nicely with network FS that only emulates SELinux src/security/security_selinux.c | 141 ++++++++++++++++---------------- 1 file changed, 70 insertions(+), 71 deletions(-) -- 2.21.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
