Re: [libvirt] [PATCH] security: Re-apply commit ce53382ba28179d3a504b29b4f888b6e130d53f0
On Thu, Aug 30, 2012 at 04:22:48PM +0200, Peter Krempa wrote:
Recent changes in the security driver discarded changes that fixed
labeling un-confined guests.
---
src/security/security_manager.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 367f7ad..07f5a9b 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -340,10 +340,12 @@ int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
}
if (seclabel->type == VIR_DOMAIN_SECLABEL_DEFAULT) {
- if (sec_managers[i]->defaultConfined)
+ if (sec_managers[i]->defaultConfined) {
seclabel->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
- else
+ } else {
seclabel->type = VIR_DOMAIN_SECLABEL_NONE;
+ seclabel->norelabel = true;
+ }
}
if ((seclabel->type == VIR_DOMAIN_SECLABEL_NONE) &&
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/