Dear list,

it's been a while since I've tried to get the patches in [1]. However, it turned out that we need a completely different approach. Now I'd like to revisit that decision.

The problem is: libvirt sets various security labels (DAC, SELinux) in order for a file to be readable by a qemu process. However, it doesn't record the original labels, so in the process of tearing the domain down, we restore "defaults" (in case of DAC we set root:root instead of john:doe). Moreover, if a file is to be shared among multiple domains we can't restore the label as it would make it inaccessible for other qemu processes.

My implementation dealt with this problem using XATTRs: one to store the original label, the other one as a reference counter. For each labeling the counter is increased. For each attempt to restore the label the counter is decreased. The original label is restored iff the counter is zero.

However, this approach doesn't work well with two libvirtd instances fighting over a file. But one can argue that this is something for a cluster. The question is - do we want to reimplement a cluster in libvirt? I think my approach seems like a reasonable trade-off.

So what's your opinion on this?

Michal

1: http://www.redhat.com/archives/libvir-list/2013-March/msg01289.html
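The counter scheme described in the message above, and the way it fails when two daemons update the same file without coordination, shown as an added example that is not part of the original post and is not libvirt code. It models the two XATTRs in memory rather than on a real filesystem; the struct, the function names and the `qemu:qemu` label are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* In-memory stand-in for one file: its DAC owner plus the two XATTRs.
 * Field and function names are hypothetical, not libvirt's. */
struct file_meta {
    char owner[32];   /* current label, e.g. "john:doe" */
    char orig[32];    /* XATTR 1: remembered original label */
    int  refs;        /* XATTR 2: reference counter */
};

/* Step 1 of labeling: read the counter XATTR. */
static int read_refs(const struct file_meta *f) { return f->refs; }

/* Step 2: write back, based on the counter value seen in step 1. */
static void commit_label(struct file_meta *f, int seen, const char *label)
{
    if (seen == 0)    /* first user: remember the original label */
        snprintf(f->orig, sizeof f->orig, "%s", f->owner);
    f->refs = seen + 1;
    snprintf(f->owner, sizeof f->owner, "%s", label);
}

static void set_label(struct file_meta *f, const char *label)
{
    commit_label(f, read_refs(f), label);
}

/* Returns 1 if the remembered label was put back, 0 if still in use. */
static int restore_label(struct file_meta *f)
{
    if (f->refs == 0 || --f->refs > 0)
        return 0;
    snprintf(f->owner, sizeof f->owner, "%s", f->orig);
    f->orig[0] = '\0';
    return 1;
}

/* Two daemons both read refs == 0 before either writes. One increment is
 * lost and the second writer overwrites the remembered label, so the first
 * teardown "restores" while another domain still uses the file. */
static int racy_teardown(struct file_meta *f)
{
    int seen_a = read_refs(f), seen_b = read_refs(f);
    commit_label(f, seen_a, "qemu:qemu");   /* constructed label */
    commit_label(f, seen_b, "qemu:qemu");
    return restore_label(f);
}
```

Any real implementation needs the read and the write-back to happen under one lock shared by every process that may label the file.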