On Mon, May 19, 2025 at 18:41:45 +0200, Ján Tomko wrote:
On a Monday in 2025, Peter Krempa via Devel wrote:
From: Peter Krempa <pkrempa@redhat.com>
In case selinux is used on the host the socket passed to qemu needs to be properly labelled. Add a hint to the example code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- docs/formatbackup.rst | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/docs/formatbackup.rst b/docs/formatbackup.rst index 155a45a22f..df6392e3bd 100644 --- a/docs/formatbackup.rst +++ b/docs/formatbackup.rst @@ -53,6 +53,10 @@ were supplied). The following child elements and attributes are supported:
import socket import libvirt + import selinux + + # Optionally setup selinux context for the socket if the distro uses it + # selinux.setsockcreatecon_raw("system_u:object_r:svirt_t:s0")
Should this hint that the category should also match the domain, to be "properly" labelled?
Well, possibly; but this is actually enough to make it work. I didn't care digging deeper.