Re: [libvirt] [PATCH v3 0/3] Correctly label migration TCP socket
On Fri, Aug 26, 2011 at 10:23:45 +0200, Jiri Denemark wrote:
With current libvirt and qemu, migration is not working if SELinux is
in
enforcing mode, since the TCP socket we pass to qemu is not labeled in a way
that would allow qemu to read from it.
After this patchset, migration works even in enforcing mode.
Jiri Denemark (3):
security: Rename SetSocketLabel APIs to SetDaemonSocketLabel
security: Introduce SetSocketLabel
qemu: Correctly label migration TCP socket
Oops, thanks for spotting the missing part in apparmor driver. I fixed that
(and installed libapparmor and compile-tested libvirt with it) and pushed the
series.
Jirka