Re: [libvirt] [PATCH v3 2/3] security: Introduce SetSocketLabel
On Fri, Aug 26, 2011 at 10:23:47AM +0200, Jiri Denemark wrote:
This API labels all sockets created until ClearSocketLabel is called
in
a way that a vm can access them (i.e., they are labeled with svirt_t
based label in SELinux).
---
Notes:
Version 3:
- new patch
src/libvirt_private.syms | 1 +
src/security/security_dac.c | 9 +++++++++
src/security/security_driver.h | 3 +++
src/security/security_manager.c | 10 ++++++++++
src/security/security_manager.h | 2 ++
src/security/security_nop.c | 7 +++++++
src/security/security_selinux.c | 38 ++++++++++++++++++++++++++++++++++++++
src/security/security_stack.c | 17 +++++++++++++++++
8 files changed, 87 insertions(+), 0 deletions(-)
Again need a stub for apparmour
ACK if that is added.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|