Hi, Thanks for merging the apparmor handle 9pfs patch! On 2014 03 10 00:03, Felix Geyer wrote:>
On 28.02.2014 21:36, Serge Hallyn wrote:
a separate patch was posted to a new launchpad bug which does a bit more sanity checking on the values passed in, so I went ahead and merged the two. I did however notice that there is no Signed-off-by for Felix. Felix, are you ok with this new version?
Yes, your merged patch looks fine except it still uses // instead of /* ... */ for the comment.
I have fixed that so hopefully this patch can be committed now.
Felix Geyer (1): virt-aa-helper: handle 9pfs
src/security/virt-aa-helper.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-)
I also have an issue related that selinux don't allow filesystem mounts. There is a work around for it. When a host directory to be shared is `/share` , running following command on host makes things working. ```bash sudo semanage fcontext -a -t virt_content_t "/share(/.*)?" sudo restorecon -R /share ``` IMO it is neccesary to fix /* XXX fixme process def->fss if relabel == true */ part of src/security/security_selinux.c Hiroshi -- Hiroshi Miura OpenStreetMap Foundation Japan