On Fri, 27 Feb 2009, Daniel J Walsh wrote:
> I think we need a mechanism in libvirtd.conf to turn this off. And
> allow perhaps three modes.
> svirt=Disabled. No Security Driver.
> svirt=MLS (Requires context in xml, no relabel of disks)
> svirt=Standard, (If no XML label, then randomly generate one and reset
> file context).

I wouldn't call these MLS and Standard. The simple isolation scheme with
automatic labeling is just one way to do things. Down the track, we'll
want to be able to specify arbitrary types for guests, not just for MLS.
--
James Morris
<jmorris(a)namei.org>