On Wed, Aug 29, 2012 at 10:35:30PM -0700, Eric Blake wrote:
On 08/29/2012 05:37 PM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
If no 'security_driver' config option was set, then the code just loaded the 'dac' security driver. This is a regression on previous behaviour, where we would probe for a possible security driver. ie default to SELinux if available.
This changes things so that it 'security_driver' is not set, we once again do probing. For simplicity we also always create the stack driver, even if there is only one driver active.
The desired semantics are:
- security_driver not set -> probe for selinux/apparmour/nop -> auto-add DAC driver - security_driver set to a string -> add that one driver -> auto-add DAC driver - security_driver set to a list -> add all drivers in list -> auto-add DAC driver
It is not allowed, or possible to specify 'dac' in the security_driver config param, since that is always enabled.
That's true when dynamic_ownership is 1. But what happens if dynamic_ownership is 0 (defaults to off for all guests), but for one particular guest, I want to override that default and explicitly enable dac for that guest?
dynamic_ownership doesn't control whether the DAC driver is used or not, it merely controls whether the DAC driver does re-labelling or not. Now that we have multiple <seclabel> elements in the guest XML you can control that explicitly using teh relabel=yes|no attribute Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|