Re: [PATCH 7/7] docs: Recommend static seclabels for migration on shared storage

There are some network FSs (ceph, CIFS) that propagate XATTTs properly and thus SELinux labels too. In such case using dynamic seclabels would get in the way of migration as new seclabel is assigned to the domain on the destination and thus two processes with different labels (the source and the destination QEMU/helper process) would try to access the same file. One of them is necessarily going to be denied access. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- docs/drvqemu.rst | 7 +++++++ 1 file changed, 7 insertions(+)