On 8/23/21 4:41 AM, Peng Liang wrote: > When migrating with shared fs, the image labels has been remembered and > the ownership of the image has been set in the src host. If the dst > host remembers the ownership of the image again, the ownership of the > image remembered in the src host (the origin ownership) will lost. > > Signed-off-by: Peng Liang <liangpeng10@xxxxxxxxxx> > --- > src/security/security_dac.c | 32 +++++++++++++++++++++++--------- > 1 file changed, 23 insertions(+), 9 deletions(-) > I thought that refcounting should do the trick here. At least that was my intent when implementing this feature. I mean, the source sets seclabels and since the domain runs just once all refcounters are equal to 1. Then, during migration when the destination sets labels the refcounter is (temporarily) increased to 2, but only until the source calls restore (in which case the refcounter is decreased back to 1 again). Are you seeing different behaviour? BTW: what FS are you using to test this? Because I'm not aware of any shared FS that would support XATTRs. Michal
