It's not exactly obvious but these two patches fix quite an ugly bug affecting
setups without any useful security driver (i.e., either explicitly or
implicitly using driver 'none').

When a domain is defined without any <seclabel> element in its XML and started
by libvirt, an incorrect <seclabel> element is put into its runtime XML
configuration, which causes such a domain to disappear from libvirt when libvirtd
is restarted. Without these patches, the incorrect element is

    <seclabel type='dynamic' relabel='yes'/>

after applying patch 2/2, the element is

    <seclabel type='none' relabel='yes'/>

which is still wrong, and after applying both of these patches, the correct element

    <seclabel type='none'/>

is placed into the runtime XML configuration.

Jiri Denemark (2):
  seclabel: Do not output relabel attribute for type 'none'
  security: Driver 'none' cannot create confined guests

 src/conf/domain_conf.c                 |    9 +++++----
 src/security/security_manager.c        |   20 ++++++++++++++++++++
 .../qemuxml2argv-seclabel-none.xml     |    2 +-
 tests/seclabeltest.c                   |    2 +-
 4 files changed, 27 insertions(+), 6 deletions(-)

--
1.7.8.4
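
Added example, not part of the original message and not libvirt code: a small Python check that classifies the <seclabel> element of a runtime XML the way the cover letter above does for a host using security driver 'none'. The function name, the wrapper <domain> documents and the sample data are constructed for illustration.

```python
import xml.etree.ElementTree as ET


def seclabel_problems(domain_xml):
    """List problems in the <seclabel> elements of a runtime domain XML,
    assuming the host's security driver is 'none' (assumption of this example).
    A document with no <seclabel> at all yields an empty list."""
    problems = []
    # Input is expected to be libvirt-generated XML, not untrusted data.
    root = ET.fromstring(domain_xml)
    # iter() matches the root itself and elements nested in any wrapper.
    for label in root.iter("seclabel"):
        label_type = label.get("type")
        if label_type != "none":
            problems.append(f"type={label_type!r}, expected 'none'")
        if "relabel" in label.attrib:
            problems.append(
                f"relabel={label.get('relabel')!r} present, expected no relabel attribute"
            )
    return problems


def wrap(seclabel):
    """Build a minimal, constructed domain document around one <seclabel>."""
    return f"<domain type='kvm'><name>demo</name>{seclabel}</domain>"


# Constructed samples using the three elements quoted in the cover letter.
SAMPLES = {
    "unpatched": wrap("<seclabel type='dynamic' relabel='yes'/>"),
    "patch 2/2 only": wrap("<seclabel type='none' relabel='yes'/>"),
    "both patches": wrap("<seclabel type='none'/>"),
}

if __name__ == "__main__":
    for name, xml in SAMPLES.items():
        found = seclabel_problems(xml)
        print(f"{name}: {'OK' if not found else '; '.join(found)}")
```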