Re: [libvirt] Problem with the current svirt patch

On 03/13/2009 11:45 AM, Daniel P. Berrange wrote: >On Fri, Mar 13, 2009 at 11:03:26AM -0400, Daniel J Walsh wrote: >>The current svirt patch relabels all disk to the image_t:MCS, which is >>incorrect. Read Only Disks and Sharable Disks should not be labeled. >> >>Also when libvirt is completed running the image it needs to relabel the >>image back to something sane. Right now it is labeling everything >>imagelabel:s0, including phisical disk partitions. I considered two >>ways of labeling the "disk" back. We can either grab the label when >>libvirt starts and change it back to this label when ever an image >>completes or we can ask the system what the label should be. >>(matcpathcon). I originally coded up the first, but quickly realized if >>anything went wrong with libvirt labeling like a crash, the labels on >>disk could be wrong. And libvirt would continuously set them to this >>wrong label. With matchpathcon, libvirt will at least set them to >>something sane. >> >>So this patch Removes labeling of readonly and shared disks and restores >>the images label to the system default when the image completes. >> >>I would really like to get this in ASAP. Since currently libvirt is >>relabeing the cdrom to virt_image_t when it is complete as well as >>physical disks. > >ACK this all looks sane to me. > Is this going to be merged in?