Re: [libvirt] [PATCH 0/2] Manage SELinux labels on shared/readonly hostdev's

On 26.11.2014 19:11, John Ferlan wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1082521 > > Patch 1 is innocuous and perhaps could have been pushed as trivial... > > For Patch 2 I wasn't sure if I should use the virSecuritySELinuxSetFilecon > or virSecuritySELinuxSetFileconOptional, so I went with the latter since it > follows what virSecuritySELinuxSetSecurityImageLabelInternal does. Beyond > the check for shared/readonly, the other difference would be for the else > condition which uses the Optional now as opposed to the previous code which > would call virSecuritySELinuxSetSecurityHostdevLabelHelper and use the > non optional call to set the label. > > > John Ferlan (2): > tests: Fix sharable typo > security: Manage SELinux labels on shared/readonly hostdev's > > src/security/security_selinux.c | 58 ++++++++++++++++++++++++++++++++++------- > tests/qemuargv2xmltest.c | 2 +- > 2 files changed, 50 insertions(+), 10 deletions(-) > Oh, now that we are in the freeze I should explicitly state that this is safe to push during the freeze - it's a bug fix, not a feature. Michal