The file handle passed from libvirt to qemu is not set to the context of the
guest. So, set the selinux context of fd before passing it to qemu
Signed-off-by: Shivaprasad G Bhat<sbhat@xxxxxxxxxxxxxxxxxx>
---
src/qemu/qemu_driver.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 4bb4819..8cf3666 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5522,6 +5522,9 @@ qemuDomainRestoreFlags(virConnectPtr conn,
goto cleanup;
def = NULL;
+ if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def, fd) < 0)
+ goto cleanup;
+
if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)
goto cleanup;
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list