Re: [libvirt] Re: [RFC] sVirt v0.10 - initial prototype
libvir-list-bounces(a)redhat.com wrote on 10/22/2008 05:51:46 AM:
"Daniel P. Berrange" <berrange(a)redhat.com>
Sent by: libvir-list-bounces(a)redhat.com
[...]
>
> Again, I could have a three host machines each one with a different
> policy package say targeted, mls and overt policy package. If all
three
> understand what a system_u:system_r:virtd_t:s0 type is, then all
three
> could run the image.
I guess my point was that we need a way to determine whether the policy
on any machine is suitable for running a VM, before placing the VM on
that host. In the context of a data center mgmt app we can have 100's or
1000's of possible virtualization enabled hosts. Not all of these
hosts will be providing the same level of functionality / same versions
of software, including selinux policy.
This sounds like there would need to be an API for the retrieval of the
current policy module that applies to the labeling of for example the qemu
process. A management application would then certainly need to interpret
this policy module to understand what labels are possible. How about
enabling the update of this policy module by exposing an API that lets one
set a new policy so that virtual machines with new labels can be placed?
Would this be within scope of the security extensions? The actual labeling
of the virtual machine image files could probably have to be left up to
other management APIs that may deal with making those virtual machine
images available, but nevertheless an API for labeling of VM images may be
useful as well.
Stefan
Attachments:
- attachment.html (text/html — 1.9 KB)