If libvirt is doing labeling on a domain startup, the original
owner of files is not remembered. So later, when the domain is
shutting down and re-labelling is done, we have no other option,
just to fall back to 0:0. These patches are solving this issue
for DAC driver. I am sending them just to know if the path I wen
through is right so I don't bother with selinux if it is not.
Michal Privoznik (2):
conf: Add oldlabel field to virSecurityDeviceLabelDef
security driver: Remember the original DAC label
src/conf/domain_conf.c | 20 ++-
src/conf/domain_conf.h | 1 +
src/security/security_dac.c | 340 +++++++++++++++++++++++++++++++-------------
3 files changed, 260 insertions(+), 101 deletions(-)
--
1.8.0.2